x86.se x86.se

Categories

  • Access Control
  • Access Management
  • Active Directory
  • Ad Fraud
  • AdTech
  • Adversarial Exposure Validation
  • Afghanistan
  • Agent Security
  • AgentForce
  • Agentic AI
  • Agentic AI control
  • AI
  • AI & ML Security
  • AI adoption metrics
  • AI agents
  • AI Automation
  • AI councils
  • AI firewall
  • AI governance
  • AI identity
  • AI model
  • AI observability and logging
  • AI Safety
  • AI Security
  • AI security frontier
  • AI threat detection
  • AI-driven security
  • AI-native security
  • Airline
  • AitM
  • Akira
  • Altcoin
  • Amatera Stealer
  • Android
  • Anodot
  • Anthropic
  • Anti-Malware Research
  • Antitrust
  • API Security
  • Apple
  • Application Security
  • AppSec
  • AppSheet
  • APT
  • APT Groups
  • apt28
  • Archer Health
  • Artificial Intelligence
  • Ascend AI
  • Ascension
  • AsyncRAT
  • ATM Security
  • Attack Surface
  • Attack Surface Management
  • Authentication
  • Automation
  • AWS
  • Azure
  • backdoor
  • Backup Software
  • Banking Fraud
  • Banking Malware
  • Banking Security
  • Beagle red teaming
  • Behavioral analytics UBA
  • Binance
  • Bishop Fox
  • Bitcoin
  • Bitwarden
  • Black Basta
  • Black Hat 2025
  • Blackpoint Cyber
  • Blockchain
  • Botnet
  • Botnets
  • Breach
  • Breach and Attack
  • Breach Prevention
  • Breach Simulation
  • BreachForums
  • BRICKSTORM
  • Browser
  • Browser extension security
  • Browser Security
  • Business Continuity
  • C2
  • CA SiteMinder
  • Canada
  • Captcha
  • Carbon Black
  • Censorship
  • Centralized policy enforcement
  • ChatGPT
  • Children
  • ChillyHell
  • China
  • Chrome
  • CIO and CISO alignment
  • Cisco
  • CISO
  • CISO strategies
  • CISO strategy
  • Cl0p
  • ClaimPix
  • Claude
  • Claude Code
  • Claude Mythos Preview
  • ClickFix
  • Clop
  • Cloud
  • Cloud Computing
  • Cloud Security
  • Cloud Security,
  • CloudFlare
  • CloudSEK
  • Code Security
  • Codex Security
  • Coding
  • Cofense
  • command-and-control
  • Compliance
  • Compliance and audit readiness
  • Compliance GDPR HIPAA PCI
  • Conditional Access
  • ConnectWise RAT
  • Container Security
  • conti
  • Continuous Monitoring
  • Continuous Threat Exposure Management
  • Copilot
  • Copyright
  • Corporate Espionage
  • Counterfeiters
  • Credential hygiene
  • Credential Theft
  • Critical Infrastructure
  • CRM
  • CrowdStrike Falcon Fund
  • Crypto
  • Cryptocurrency
  • Cryptography
  • Cryptojacking
  • CVE-2021-43798
  • CVE-2023-21563
  • cve-2023-24932
  • CVE-2024-50623
  • CVE-2024-55956
  • CVE-2024-58260
  • CVE-2025-10035
  • CVE-2025-10547
  • CVE-2025-10725
  • CVE-2025-27915
  • cve-2025-30247
  • cve-2025-4008
  • CVE-2025-41250
  • CVE-2025-41251
  • CVE-2025-41252
  • CVE-2025-43400
  • cve-2025-49844
  • CVE-2025-52906
  • CVE-2025-57714
  • CVE-2025-59489
  • CVE-2025-59934
  • CVE-2025-59951
  • CVE-2025-61882
  • CVE-2025-9230
  • CVE-2025-9231
  • CVE-2025-9232
  • Cyber Attack
  • Cyber Attacks
  • Cyber Crime
  • Cyber Espionage
  • Cyber Insurance
  • Cyber Resilience
  • Cyber Warfare
  • CyberArk
  • Cybercrime
  • Cybersecurity
  • Cybersecurity Innovations and Excellence
  • Cybersecurity News
  • Cybersecurity Training
  • Cyberwarfare
  • Dark Web
  • DarkForums
  • Darwinium
  • Data Breach
  • Data breach prevention
  • Data Breaches
  • Data Exfiltration
  • Data Exposure
  • Data Integrity
  • Data leak
  • Data leak prevention
  • Data Privacy
  • Data Protection
  • Data Security
  • Data Theft
  • Database Security
  • DDoS
  • DDoS attack
  • DDoS Attacks
  • Defend AI
  • Defense Technology
  • DeFi
  • denial-of-service
  • Detour Dog
  • Developer
  • Developer Security
  • Developer Tools
  • Developers
  • DevOps
  • DevOps Security
  • DevSecOps
  • Digital Advertising
  • Digital Crime
  • Digital Forensics
  • Discord
  • DNS
  • Documents
  • Driver Security
  • Dubai
  • Economic Espionage
  • Edge
  • Education
  • EggStreme
  • EggStremeAgent
  • Email Security
  • Empire Podcast
  • Employee AI governance
  • Encryption
  • Endpoint Security
  • Enterprise AI
  • Enterprise IT
  • Enterprise model security
  • Enterprise Security
  • Enterprise Software
  • Espionage
  • Ethereum
  • Europol
  • exploit
  • Exploits
  • exposure
  • Exposure Management
  • Exposure Validation
  • Extensions
  • Extortion
  • Facebook
  • Fake ID
  • Featured
  • Federal Security
  • File Transfer
  • Fileless
  • FIN11
  • Financial Crime
  • Financial Fraud
  • Financial Security
  • Firebox
  • firewall
  • Firewall Security
  • Firmware Security
  • ForcedLeak
  • ForgeCraft
  • ForgeRock
  • Fortra
  • France
  • Fraud
  • FraudGPT
  • FTC
  • Gaming
  • GDPR
  • Gemini AI
  • Gemini Trifecta
  • Generative AI
  • GitHub
  • GitHub Copilot
  • Global AI risk mapping
  • GoAnywhere
  • GoGra
  • Google
  • Google Cloud
  • Google Workspace
  • Government
  • Great Firewall of China
  • Hacking
  • Hacking News
  • Hacks
  • Hacktivism
  • Hardware
  • Hardware Security
  • Harvester APT
  • Healthcare
  • HexDex
  • Hiddengh0st
  • HIPAA
  • ics
  • ICS Security
  • ICS/OT
  • identity
  • Identity & Access
  • Identity and Access Management
  • Identity and Access Management (IAM)
  • Identity Governance
  • Identity Management
  • Identity Security
  • Identity theft
  • IIServerCore
  • Incident Response
  • India
  • Indirect Prompt Injection
  • Industrial Sabotage
  • Industry Recognition
  • Influencers
  • Info Stealer
  • Infostealer
  • Infrastructure
  • Infrastructure Security
  • Initial Access Broker
  • Insider Threat
  • Insider Threats
  • Internet of Things
  • iOS
  • IoT
  • IoT Research
  • IoT Security
  • IPI
  • IT Compliance
  • IT Operations
  • Jaguar Land Rover
  • Jailbreak attack protection
  • JavaScript
  • Jeremiah Fowler
  • JPEG
  • Kernel
  • Kido
  • Kubernetes
  • Lapsus$
  • LastPass Secure Access Experiences
  • Lat61
  • Law Enforcement
  • LayerX
  • leak
  • leaked
  • Leaks
  • Legal
  • Linux
  • Linux Security
  • LLM
  • LLM analysis
  • LLM Security
  • LNER
  • Lone None
  • Lone None Stealer
  • Los Pollos
  • Lua
  • machine learning
  • macOS
  • Magecart
  • Malvertising
  • Malware
  • Malware Analysis
  • Mandiant
  • MATANBUCHUS
  • MatrixPDF
  • MCP Server
  • Medusa
  • Messaging Security
  • Meta
  • MFA
  • Mic-E-Mouse
  • Microsoft
  • Microsoft Defender
  • Microsoft Entra
  • Microsoft Entra ID
  • Mid-sized enterprise cybersecurity
  • Military
  • Military Security
  • Misconfiguration
  • ML
  • Mobile
  • Mobile Security
  • Money Laundering
  • Muck Stealer
  • Multi-Factor Authentication (MFA)
  • Mustang Panda
  • Mythos AI
  • Nation-state
  • National Security
  • National Security,
  • NET-STAR
  • Netherlands
  • Network
  • Network Security
  • NPM
  • Nursery
  • Offensive AI
  • Offensive Security
  • Okta
  • Oleria
  • Online Fraud
  • Online Scam
  • Online Security
  • Open Source
  • OpenAI
  • Operational Technology
  • OWASP Top 10
  • Owen Flowers
  • Pakistan
  • Palo Alto
  • Passkey support
  • Passport
  • Password Management
  • Password manager
  • Password Security
  • Patch Management
  • Patch Tuesday
  • Payment Security
  • PCI-DSS
  • PDF
  • Penetration Testing
  • Pentesting
  • PhaaS
  • Phantom Taurus
  • Philippine
  • Phishing
  • Phishing Protection
  • Phishing Scam
  • PingFederate
  • PoC
  • Podcast
  • Point Wild
  • Police
  • Popular
  • PowerShell
  • Press Release
  • Privacy
  • Privacy & Compliance
  • privilege escalation
  • Privileged Access Management (PAM)
  • Project Glasswing
  • Prompt injection defense
  • proof-of-concept
  • PropellerAds
  • ProSpy
  • PSF
  • Pure Logs Stealer
  • PureMiner
  • PyPI
  • Python
  • QRadar SIEM
  • Qrator Labs
  • Quantum Computing
  • Quantum Resistance
  • Ransom
  • Ransomware
  • Ransomware Defense
  • Raven AI
  • Raven Stealer
  • rce
  • Real-time policy enforcement
  • Recap
  • Redis
  • RediShell
  • Regulatory Compliance
  • Remote Access Trojan
  • RemoteCOM
  • Renault
  • Report
  • Research
  • Resource-constrained businesses
  • Risk Management
  • Russia
  • SaaS
  • SaaS Monitoring
  • SaaS Protect
  • SaaS Security
  • SailPoint
  • Salesforce
  • Samsung
  • SCADA
  • Scam
  • Scam Research
  • Scams and Fraud
  • Scattered Lapsus$ Hunters
  • Scattered Spider
  • SCOUT
  • ScreenConnect
  • Secrets Management
  • Secure Coding
  • Secure Messaging
  • Secure passwordless authentication
  • Security
  • Security Automation
  • Security Culture
  • Security Leadership
  • Security Operations
  • Security Testing
  • Security Training
  • security update
  • Security Validation
  • Senator
  • SentinelOne
  • SEO Poisoning
  • Seraphic Security
  • Server Security
  • Shadow AI
  • Shadow AI detection
  • Shadow AI risks
  • Shadow IT
  • Shadow IT risks
  • Shinobi Security
  • ShinyHunters
  • Shuyal Stealer
  • SIEM and conditional access integration
  • Signal
  • Silverfort
  • SIM Swapping
  • SimpleHelp RAT
  • Single Sign-On (SSO)
  • SMB
  • SMB Security
  • SMS
  • Snow
  • SOC Automation
  • SOC Operations
  • Social Engineering
  • Social Media
  • Software
  • Software Development
  • Software Integrity
  • Software Security
  • Software Supply Chain
  • spam
  • SpamGPT
  • Spotlight
  • Spying
  • Spyware
  • SSO
  • state-sponsored
  • Stealer
  • Straiker
  • StreamYard
  • Strela Stealer
  • Supply Chain
  • Supply Chain Attack
  • Supply Chain Security
  • Surveillance
  • SVG
  • Symantec
  • TeamPCP
  • Technology
  • Telegram
  • TFL
  • Thalha Jubair
  • Threat Detection
  • Threat Exposure
  • Threat Hunting
  • Threat Intelligence
  • Threat Intelligence,
  • Threat Mitigation
  • Threat Research
  • ThreatLocker
  • ToSpy
  • ToTok
  • TradingView
  • Training
  • TROJAN
  • Typosquatting
  • UAE
  • Udemy
  • UK
  • Ukraine
  • Unauthorized SaaS applications
  • UNC5221
  • UNC6692
  • Uncategorized
  • United Kingdom
  • United States
  • USA
  • Vane Viper
  • Varun Uppal
  • Venafi
  • Vibe Coding
  • Vidar
  • Vietnam
  • VoidProxy
  • VPN
  • VPN Security
  • Vulnerabilities
  • Vulnerability
  • Vulnerability Disclosure
  • Vulnerability Management
  • Vulnerability Research
  • WatchGuard
  • Web Browser
  • Web Hosting
  • Web Security
  • Web Server
  • Web Services
  • Web3
  • Webinar
  • Website Security
  • Website Security,
  • WestJet
  • WhatsApp
  • Whitepapers
  • Windoes
  • Windows
  • Windows Security
  • Winnti
  • Winos
  • Wireless Security
  • WitnessAI Secure AI Enablement Platform
  • Workflow Automation
  • Workflow Security
  • WormGPT
  • Xcape
  • XSS
  • Yadi Zhang
  • YoLink
  • YoLink Smart Hub
  • Zara
  • Zero Day
  • Zero Trust
  • Zero-Day
  • Zeroday
  • Zhimin Qian

x86.se x86.se

x86.se x86.se

What are You Looking For?

  • Malware
  • Vulnerabilities
  • Ransomware
  • Vulnerability
  • IoT Security
  • Vulnerability
4 Min Read
Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices
July 3, 2026

Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices

Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT an…
4 Min Read
New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android
July 3, 2026

New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android

A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242)…
  • Android
  • Linux
4 Min Read
New Avalon Malware Framework Packs CrownX Ransomware Capabilities
July 3, 2026

New Avalon Malware Framework Packs CrownX Ransomware Capabilities

Cybersecurity researchers have discovered a previously undocumented…
  • Artificial Intelligence
  • Endpoint Security
5 Min Read
North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets
July 3, 2026

North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets

Threat actors with ties to North Korea have been linked to a fresh set…
  • Malware
  • Software Supply Chain

Explore Trending Topics

Malware
Vulnerabilities
Ransomware
Vulnerability
Security
Windows
  • Cyber Espionage
  • Infostealer
4 Min Read
Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer
July 3, 2026

Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer

A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the…
  • Mobile Security
  • Spyware
4 Min Read
European Parliament Member Investigating Spyware Was Hacked With Pegasus
July 3, 2026

European Parliament Member Investigating Spyware Was Hacked With Pegasus

A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou had his mobile device…
  • Credential Theft
  • Cryptocurrency
3 Min Read
PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords
July 3, 2026

PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords

Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks to infect…
  • Botnet
  • Cybercrime
3 Min Read
Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices
July 2, 2026

Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices

Google has significantly degraded NetNut, one of the biggest networks that turns home devices into rented relays for other people's traffic.…
  • Cyber Attack
  • Malware
5 Min Read
Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials
July 2, 2026

Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials

Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability…
  • Kubernetes
  • Server Security
3 Min Read
Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters
July 1, 2026

Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters

Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an…
  • Cybercrime
  • Ransomware
3 Min Read
19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges
July 1, 2026

19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges

A teenager accused of belonging to the hacking group Scattered Spider has been extradited from Finland to face U.S. charges of conspiracy,…
  • Malware
  • SEO Poisoning
2 Min Read
SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT
July 1, 2026

SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT

Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT. Kaspersky said the activity…
  • Cyber Attack
  • Malware
3 Min Read
VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer
July 1, 2026

VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer

Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to…
  • Endpoint Security
  • Malware
3 Min Read
Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures
July 1, 2026

Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures

A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet's FortiGuard…
  • Encryption
  • Quantum Computing
2 Min Read
Microsoft Accelerates Post-Quantum Cryptography Shift to 2029
July 1, 2026

Microsoft Accelerates Post-Quantum Cryptography Shift to 2029

Microsoft on Tuesday said it's accelerating its quantum safe security roadmap, stating technology advances in quantum computing are making it…
  • Artificial Intelligence
  • Threat Intelligence
4 Min Read
Phantom Squatting Uses AI-Hallucinated Domains for Phishing and Malware
July 1, 2026

Phantom Squatting Uses AI-Hallucinated Domains for Phishing and Malware

Large language models keep inventing web addresses that do not exist. Attackers have started buying those made-up domains before anyone else…
  • Artificial Intelligence
  • Critical Infrastructure
4 Min Read
Anthropic Restores Claude Fable 5 After U.S. Lifts Jailbreak-Linked Export Controls
July 1, 2026

Anthropic Restores Claude Fable 5 After U.S. Lifts Jailbreak-Linked Export Controls

Anthropic is putting Claude Fable 5 back online worldwide. On June 30, the U.S. Commerce Department lifted the export controls it had…
  • Cloud Security
  • Password Security
3 Min Read
Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts
July 1, 2026

Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts

Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line…
  • Social Engineering
  • Threat Intelligence
4 Min Read
Researcher Analyzes 3,000 Live ClickFix Payloads, Exposing API-Driven Malware Delivery
July 1, 2026

Researcher Analyzes 3,000 Live ClickFix Payloads, Exposing API-Driven Malware Delivery

ClickFix, the trick that fools people into running malware by hand, has quietly grown a back office. New research shows the malicious commands…
  • AI Security
  • Vulnerability
3 Min Read
Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer
June 30, 2026

Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer

An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two…
  • Vulnerability
  • Wireless Security
4 Min Read
AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks
June 30, 2026

AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks

Two researchers have found six security flaws in AirDrop and Quick Share, the wireless features that beam files between nearby devices with no…
  • Agent Security
  • Browser Security
3 Min Read
New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials
June 30, 2026

New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials

Convince an AI browser that it is playing a game, and it can hand over your login details. That is the finding behind BioShocking, a…
  • API Security
  • Vulnerability
3 Min Read
Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth
June 30, 2026

Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth

A critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance…
  • Artificial Intelligence
  • Vulnerability
2 Min Read
Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs
June 30, 2026

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs

Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four…
  • Enterprise Software
  • Vulnerability
2 Min Read
Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild
June 30, 2026

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The…
  • Browser Security
  • Web Security
2 Min Read
Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input
June 29, 2026

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input

Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It…
  • Privacy
  • Social Media
2 Min Read
WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private
June 29, 2026

WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private

WhatsApp on Monday officially announced the start of global reservations of usernames with an aim to protect the privacy of more than three…
  • Ad Fraud
  • Browser Security
3 Min Read
Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts
June 29, 2026

Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts

Microsoft has shut down a long-running malicious extension operation on the Edge Add-ons store that hid its payloads inside ordinary image and…
  • Open Source
  • Vulnerability
3 Min Read
Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw
June 29, 2026

Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw

A public proof-of-concept is now out for CVE-2026-55200, a critical flaw in libssh2 that lets a malicious or compromised SSH server trigger…
  • Cryptocurrency
  • Supply Chain Attack
3 Min Read
Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer
June 29, 2026

Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer

Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages that are designed to deploy a Python-based…
  • Cyber Espionage
  • Messaging Security
2 Min Read
Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials
June 27, 2026

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign…
  • Artificial Intelligence
  • Vulnerability Research
3 Min Read
OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards
June 27, 2026

OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards

OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part…
  • Secure Messaging
  • Social Engineering
2 Min Read
FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys
June 26, 2026

FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys

The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added…
  • Malware
  • Windows Security
4 Min Read
New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks
June 26, 2026

New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks

A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as…
  • Cyber Espionage
  • Malware
3 Min Read
Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign
June 26, 2026

Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign

A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks…
  • Linux
  • Vulnerability
3 Min Read
New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
June 26, 2026

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries

A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331,…
  • AI Security
  • Vulnerability
3 Min Read
Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs
June 26, 2026

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs

A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was…
  • Software Security
  • Vulnerability
2 Min Read
CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue
June 26, 2026

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting…
  • Linux
  • Vulnerability
3 Min Read
New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets
June 26, 2026

New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets

DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit…
  • AI Security
  • Identity Governance
13 Min Read
Guardian Agents: The Next Layer of Identity Governance
June 26, 2026

Guardian Agents: The Next Layer of Identity Governance

AI agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at machine speed…
  • Developer Security
  • Supply Chain Attack
3 Min Read
Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack
June 26, 2026

Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack

Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades…
  • Malware
  • Phishing
2 Min Read
Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant
June 26, 2026

Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant

An active phishing campaign has been targeting hotel and other hospitality organizations across Europe and Asia since April 2026, using…
  • Digital Forensics
  • Mobile Security
3 Min Read
Russia Used Cellebrite on Jailed Activist's iPhone Months After Sales Cutoff
June 26, 2026

Russia Used Cellebrite on Jailed Activist's iPhone Months After Sales Cutoff

Russian authorities used Cellebrite's UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June…
  • Cyber Espionage
  • Malware
4 Min Read
Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks
June 26, 2026

Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks

The Russian state-sponsored threat actor known as Turla has been attributed to a previously undocumented .NET backdoor called STOCKSTAY that…
  • Browser Security
  • Malware
4 Min Read
Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability
June 25, 2026

Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability

An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript code.…
  • Cybersecurity News
  • Hacking News
11 Min Read
ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories
June 25, 2026

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories

It’s dumb out there again. This week has the usual smell of prod on fire and nobody wanting to admit who left the door open — old…
x86.se x86.se