Cyber Extortion Threat Intelligence 3 Min Read July 4, 2026 U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-IS…
3 Min Read July 4, 2026 North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign The North Korean threat actors linked to the Contagious Interview… Cryptocurrency Malware
4 Min Read July 3, 2026 Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices Security firm runZero has disclosed seven… IoT Security Vulnerability
4 Min Read July 3, 2026 New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242)… Android Linux
Artificial Intelligence Endpoint Security 4 Min Read July 3, 2026 New Avalon Malware Framework Packs CrownX Ransomware Capabilities Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that's distributed by means of…
Malware Software Supply Chain 5 Min Read July 3, 2026 North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to…
Cyber Espionage Infostealer 4 Min Read July 3, 2026 Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the…
Mobile Security Spyware 4 Min Read July 3, 2026 European Parliament Member Investigating Spyware Was Hacked With Pegasus A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou had his mobile device…
Credential Theft Cryptocurrency 3 Min Read July 3, 2026 PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks to infect…
Botnet Cybercrime 3 Min Read July 2, 2026 Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices Google has significantly degraded NetNut, one of the biggest networks that turns home devices into rented relays for other people's traffic.…
Cyber Attack Malware 5 Min Read July 2, 2026 Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability…
Cybersecurity News Hacking News 11 Min Read July 2, 2026 ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem…
API Security Cyberespionage 4 Min Read July 2, 2026 ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that's designed to gain surreptitious access to a…
Enterprise Security Identity Governance 13 Min Read July 2, 2026 Identity Lifecycle Management Wasn't Built for AI Agents Identity lifecycle management was architected around a person with an employment record, a manager, and a departure date. AI agents have none…
Artificial Intelligence Malware 5 Min Read July 2, 2026 AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its…
Network Security Ransomware 3 Min Read July 2, 2026 FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that…
Kubernetes Server Security 3 Min Read July 1, 2026 Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an…
Cybercrime Ransomware 3 Min Read July 1, 2026 19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges A teenager accused of belonging to the hacking group Scattered Spider has been extradited from Finland to face U.S. charges of conspiracy,…
Malware SEO Poisoning 2 Min Read July 1, 2026 SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT. Kaspersky said the activity…
Cyber Attack Malware 3 Min Read July 1, 2026 VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to…
Endpoint Security Malware 3 Min Read July 1, 2026 Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet's FortiGuard…
Encryption Quantum Computing 2 Min Read July 1, 2026 Microsoft Accelerates Post-Quantum Cryptography Shift to 2029 Microsoft on Tuesday said it's accelerating its quantum safe security roadmap, stating technology advances in quantum computing are making it…
Artificial Intelligence Threat Intelligence 4 Min Read July 1, 2026 Phantom Squatting Uses AI-Hallucinated Domains for Phishing and Malware Large language models keep inventing web addresses that do not exist. Attackers have started buying those made-up domains before anyone else…
Artificial Intelligence Critical Infrastructure 4 Min Read July 1, 2026 Anthropic Restores Claude Fable 5 After U.S. Lifts Jailbreak-Linked Export Controls Anthropic is putting Claude Fable 5 back online worldwide. On June 30, the U.S. Commerce Department lifted the export controls it had…
Cloud Security Password Security 3 Min Read July 1, 2026 Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line…
Social Engineering Threat Intelligence 4 Min Read July 1, 2026 Researcher Analyzes 3,000 Live ClickFix Payloads, Exposing API-Driven Malware Delivery ClickFix, the trick that fools people into running malware by hand, has quietly grown a back office. New research shows the malicious commands…
AI Security Vulnerability 3 Min Read June 30, 2026 Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two…
Vulnerability Wireless Security 4 Min Read June 30, 2026 AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks Two researchers have found six security flaws in AirDrop and Quick Share, the wireless features that beam files between nearby devices with no…
Agent Security Browser Security 3 Min Read June 30, 2026 New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials Convince an AI browser that it is playing a game, and it can hand over your login details. That is the finding behind BioShocking, a…
API Security Vulnerability 3 Min Read June 30, 2026 Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth A critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance…
Artificial Intelligence Vulnerability 2 Min Read June 30, 2026 Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four…
Enterprise Software Vulnerability 2 Min Read June 30, 2026 Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The…
Browser Security Web Security 2 Min Read June 29, 2026 Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It…
Privacy Social Media 2 Min Read June 29, 2026 WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private WhatsApp on Monday officially announced the start of global reservations of usernames with an aim to protect the privacy of more than three…
Ad Fraud Browser Security 3 Min Read June 29, 2026 Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts Microsoft has shut down a long-running malicious extension operation on the Edge Add-ons store that hid its payloads inside ordinary image and…
Open Source Vulnerability 3 Min Read June 29, 2026 Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw A public proof-of-concept is now out for CVE-2026-55200, a critical flaw in libssh2 that lets a malicious or compromised SSH server trigger…
Cryptocurrency Supply Chain Attack 3 Min Read June 29, 2026 Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages that are designed to deploy a Python-based…
Cyber Espionage Messaging Security 2 Min Read June 27, 2026 Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign…
Artificial Intelligence Vulnerability Research 3 Min Read June 27, 2026 OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part…
Secure Messaging Social Engineering 2 Min Read June 26, 2026 FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added…
Malware Windows Security 4 Min Read June 26, 2026 New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as…
Cyber Espionage Malware 3 Min Read June 26, 2026 Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks…
Linux Vulnerability 3 Min Read June 26, 2026 New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331,…
AI Security Vulnerability 3 Min Read June 26, 2026 Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was…
Software Security Vulnerability 2 Min Read June 26, 2026 CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting…
Linux Vulnerability 3 Min Read June 26, 2026 New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit…