Endpoint Security Vulnerability5 Min Read July 15, 2026 Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution Open a repository in Cursor on Windows and, if a file named git.exe is sitting in the project root, Cursor runs it. No click, no approval dialog, no warni…
3 Min Read July 15, 2026 Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware Four compromised npm packages in the @asyncapi namespace have been… Malware Software Security
2 Min Read July 15, 2026 Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands SonicWall has warned of active exploitation of two zero-day… Enterprise Security Vulnerability
5 Min Read July 14, 2026 Microsoft Patches Record 622 Flaws, Including Two Zero-Days Under Active Attack Microsoft shipped its largest Patch Tuesday on record today, and two of… Enterprise Security Vulnerability
Artificial Intelligence Data Privacy4 Min Read July 14, 2026 Grok Build Uploaded Entire Git Repositories to xAI Storage, Not Just Files It Read xAI's Grok Build coding CLI was uploading entire Git repositories, full commit history and all, to a Google Cloud Storage bucket run by xAI,…
Cyber Espionage Network Security4 Min Read July 14, 2026 U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has designated two individuals and a VPN service provider for enabling…
Browser Security Malvertising6 Min Read July 14, 2026 148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet A campaign of 148 npm packages disguised as student web proxies turned visitors' browsers into a distributed denial-of-service botnet for…
Identity Security SaaS Security6 Min Read July 14, 2026 Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity Attackers whose methods line up with the data-extortion group ShinyHunters have spent the past year walking into corporate Salesforce…
Cybercrime Endpoint Security2 Min Read July 13, 2026 CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks Cybersecurity researchers have flagged a new macOS information stealer called CrashStealer that's capable of harvesting sensitive data from…
Browser Security Web Security4 Min Read July 13, 2026 Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found Google and Microsoft have pulled ModHeader, a popular header-editing extension with roughly 1.6 million installs across Chrome and Edge, after…
Cybersecurity Hacking10 Min Read July 13, 2026 ⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More Somewhere right now, a security tool is quietly finding bugs faster than any human can fix them. That's supposed to be the good news. The…
AI Security Data Integrity6 Min Read July 13, 2026 New MemGhost Attack Plants Persistent False Memories in AI Agents Through One Email Give an AI assistant a memory and access to your inbox, and you hand an attacker a way to rewrite what it thinks it knows about you. A single…
Artificial Intelligence Email Security5 Min Read July 13, 2026 Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft A new phishing-as-a-service (PhaaS) operation called Forg365 is using a combination of device code phishing, adversary-in-the-middle (AitM)…
Identity Security Threat Intelligence7 Min Read July 13, 2026 Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365 An attacker running a live Microsoft 365 phishing operation left a Python web server listening on a public port with directory listing…
Vulnerability Web Security3 Min Read July 13, 2026 iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two maximum-severity security flaws impacting iCagenda and Balbooa…
Malware Software Supply Chain4 Min Read July 11, 2026 Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install The jscrambler npm package was compromised, and simply installing its 8.14.0 release runs an infostealer on your machine. Published…
Cyber Espionage Threat Intelligence3 Min Read July 11, 2026 Hackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaigns Cybersecurity researchers have disclosed details of sustained cyber espionage activity against several Pakistani law enforcement organizations…
Email Security Vulnerability2 Min Read July 11, 2026 Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions Zimbra is urging customers to apply updates to address a critical security vulnerability impacting the Classic Web Client that could result in…
Enterprise Security Security Incident3 Min Read July 10, 2026 URGENT – Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat Progress Software has told ShareFile customers to shut down the Windows servers running their Storage Zone Controllers, confirming to The…
Malware Software Supply Chain3 Min Read July 10, 2026 Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages Unknown threat actors compromised the Injective Labs SDK project's GitHub repository and leveraged it to publish a malicious package on the…
Firmware Security Vulnerability4 Min Read July 10, 2026 Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot Researchers at firmware security firm Binarly have found six new flaws in U-Boot, the small program that starts up hardware as…
Hardware Security Vulnerability5 Min Read July 10, 2026 Laser Attack Resets Tangem Wallet Passwords on Cards That Can't Be Patched Researchers at Ledger's Donjon security team have shown that a precisely timed laser pulse, aimed at the chip inside a Tangem crypto…
AI Security Vulnerability2 Min Read July 10, 2026 Researcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flaws Details have emerged about three now-patched security flaws in the OpenClaw personal artificial intelligence (AI) assistant that, if…
Enterprise Security Malware2 Min Read July 10, 2026 New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Traffic The China-linked cybercrime group known as Silver Fox has been attributed to a new Rust-based remote access trojan (RAR) called MODBEACON.…
Server Security Vulnerability3 Min Read July 10, 2026 Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP/3 Servers A single wrong variable on one line in XQUIC, Alibaba's QUIC and HTTP/3 library, lets any remote client crash the server with a short burst of…
Asset Management Enterprise Security4 Min Read July 10, 2026 From 17,000 to 1.1 Million Assets: How Lumen Technologies Rebuilt Exposure Management at Scale Most enterprises assume their asset inventory is close enough to accurate. The evidence suggests otherwise. According to a survey of over 600…
Cybercrime Website Security6 Min Read July 10, 2026 Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites A cybercrime crew left one of its own servers wide open on the internet for three weeks, and it exposed the operation's inner workings: the…
Mobile Security Privacy6 Min Read July 10, 2026 Study of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Tracking Researchers ran 281 of the most popular free VPN apps on the Google Play Store through a new testing system and found that many fail at the…
Authentication Enterprise Security3 Min Read July 10, 2026 Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access A threat actor has been targeting organizations spanning multiple sectors with voice-based fake security requests that prompt Microsoft 365…
Cryptocurrency Vulnerability4 Min Read July 10, 2026 Attackers Exploit 'Ill Bloom' Vulnerability to Drain $3.1 Million From Cryptocurrency Wallets Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom, and attackers are already using it. The flaw is…
Cybercrime Law Enforcement2 Min Read July 10, 2026 Ransomware Negotiator Gets 70 Months in Prison for Aiding BlackCat Attacks A 41-year-old former ransomware negotiator has been sentenced to nearly six years (i.e., 70 months) in prison in the U.S. for their role in…
Developer Security Supply Chain Security2 Min Read July 9, 2026 Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs Datadog Security Labs is warning of "several overlapping campaigns" that are systematically enumerating corporate GitHub organizations,…
Cyber Espionage Malware4 Min Read July 9, 2026 New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware Microsoft has taken apart a destructive Windows backdoor it calls GigaWiper. What stands out is how it is built: not one tool but three older…
DevSecOps Supply Chain Security2 Min Read July 9, 2026 npm 12 Disables Install Scripts by Default to Reduce Supply Chain Risk GitHub has officially announced the release of npm version 12 with install scripts disabled by default, along with deprecating granular access…
Cybersecurity News Hacking News12 Min Read July 9, 2026 ThreatsDay: Cloud Bucket Hijacking, Windows LPE Chain, Global Fraud Bust + 17 More Stories Most security mess starts as admin work. A link gets clicked. A tool gets trusted. A bucket name gets reused. A setting stays loose because…
AI Security Zero Trust2 Min Read July 9, 2026 AI Attacks Move in Minutes. Join This Webinar on Building a Defense That Keeps Up AI has changed how fast attacks move. Work that once took an attacker days now takes minutes. Using models like Mythos, attackers write…
AI Security Application Security12 Min Read July 9, 2026 Summer of Clearinghouses Everyone seems to have announced a clearinghouse over the past few weeks. We did too. Ours is called Athena, and the main thing that sets it…
Endpoint Security Malware3 Min Read July 9, 2026 GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses Cybersecurity researchers have flagged a new ransomware family called GodDamn that employs the PoisonX kernel driver to neutralize security…
Endpoint Security Vulnerability3 Min Read July 9, 2026 Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges Microsoft has released security updates for a Defender vulnerability known as RoguePlanet, nearly a month after details of the flaw became…
AI Security Threat Detection4 Min Read July 8, 2026 AI Coding Agents Found Triggering Endpoint Security Rules Built to Catch Attackers Sophos looked at a week of its own endpoint data and found that AI coding agents such as Claude Code, Cursor, and OpenAI Codex are setting off…
AI Security Botnet5 Min Read July 8, 2026 New HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet Malware AI coding assistants have a habit of making things up. Ask one to fetch a popular tool, and it will sometimes hand back a real-sounding name…
Network Security Vulnerability2 Min Read July 8, 2026 Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS Ubiquiti has shipped updates to address multiple critical security flaws impacting UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect, and…
Email Security Phishing Windows4 Min Read July 8, 2026 New Ghost Phishing Wave Is Breaking Traditional Email Security A recent EvilTokens campaign targeting businesses across the US and Europe is exposing a new email security blind spot. This “ghost…
AI Security Cybercrime4 Min Read July 8, 2026 SCMBANKER Malware Uses ClickFix Lures to Target Mexican Banking Users A new banking fraudulent operation is targeting customers of Mexican banks, fintech, payment processors, and cryptocurrency exchanges using…
DevSecOps Open Source Security4 Min Read July 8, 2026 GitHub 'Verified' Commits Can Be Rewritten Into New Hashes Without Breaking Signatures New research shows that a signed Git commit's hash is not the one-of-a-kind name that much of the software world assumes it to be. Given any…
Compliance Identity Security4 Min Read July 8, 2026 The Verification Step Is the New ATO Battleground in 2026 For years, account takeover (ATO) followed a predictable script. Attackers bought stolen credentials in bulk, ran them through automated…