Encryption Quantum Computing2 Min Read July 1, 2026 Microsoft Accelerates Post-Quantum Cryptography Shift to 2029 Microsoft on Tuesday said it's accelerating its quantum safe security roadmap, stating technology advances in quantum computing are making it essential to…
4 Min Read July 1, 2026 Phantom Squatting Uses AI-Hallucinated Domains for Phishing and Malware Large language models keep inventing web addresses that do not exist.… Artificial Intelligence Threat Intelligence
4 Min Read July 1, 2026 Anthropic Restores Claude Fable 5 After U.S. Lifts Jailbreak-Linked Export Controls Anthropic is putting Claude Fable 5 back online worldwide. On June… Artificial Intelligence Critical Infrastructure
3 Min Read July 1, 2026 Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts Cybersecurity researchers have warned of a "massive, ongoing, automated… Cloud Security Password Security
Social Engineering Threat Intelligence4 Min Read July 1, 2026 Researcher Analyzes 3,000 Live ClickFix Payloads, Exposing API-Driven Malware Delivery ClickFix, the trick that fools people into running malware by hand, has quietly grown a back office. New research shows the malicious commands…
AI Security Vulnerability3 Min Read June 30, 2026 Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two…
Vulnerability Wireless Security4 Min Read June 30, 2026 AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks Two researchers have found six security flaws in AirDrop and Quick Share, the wireless features that beam files between nearby devices with no…
Agent Security Browser Security3 Min Read June 30, 2026 New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials Convince an AI browser that it is playing a game, and it can hand over your login details. That is the finding behind BioShocking, a…
API Security Vulnerability3 Min Read June 30, 2026 Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth A critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance…
Artificial Intelligence Vulnerability2 Min Read June 30, 2026 Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four…
Enterprise Software Vulnerability2 Min Read June 30, 2026 Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The…
Browser Security Web Security2 Min Read June 29, 2026 Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It…
Privacy Social Media2 Min Read June 29, 2026 WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private WhatsApp on Monday officially announced the start of global reservations of usernames with an aim to protect the privacy of more than three…
Ad Fraud Browser Security3 Min Read June 29, 2026 Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts Microsoft has shut down a long-running malicious extension operation on the Edge Add-ons store that hid its payloads inside ordinary image and…
Open Source Vulnerability3 Min Read June 29, 2026 Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw A public proof-of-concept is now out for CVE-2026-55200, a critical flaw in libssh2 that lets a malicious or compromised SSH server trigger…
Cryptocurrency Supply Chain Attack3 Min Read June 29, 2026 Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages that are designed to deploy a Python-based…
Cyber Espionage Messaging Security2 Min Read June 27, 2026 Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign…
Artificial Intelligence Vulnerability Research3 Min Read June 27, 2026 OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part…
Secure Messaging Social Engineering2 Min Read June 26, 2026 FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added…
Malware Windows Security4 Min Read June 26, 2026 New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as…
Cyber Espionage Malware3 Min Read June 26, 2026 Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks…
Linux Vulnerability3 Min Read June 26, 2026 New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331,…
AI Security Vulnerability3 Min Read June 26, 2026 Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was…
Software Security Vulnerability2 Min Read June 26, 2026 CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting…
Linux Vulnerability3 Min Read June 26, 2026 New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit…
AI Security Identity Governance13 Min Read June 26, 2026 Guardian Agents: The Next Layer of Identity Governance AI agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at machine speed…
Developer Security Supply Chain Attack3 Min Read June 26, 2026 Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades…
Malware Phishing2 Min Read June 26, 2026 Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant An active phishing campaign has been targeting hotel and other hospitality organizations across Europe and Asia since April 2026, using…
Digital Forensics Mobile Security3 Min Read June 26, 2026 Russia Used Cellebrite on Jailed Activist's iPhone Months After Sales Cutoff Russian authorities used Cellebrite's UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June…
Cyber Espionage Malware4 Min Read June 26, 2026 Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks The Russian state-sponsored threat actor known as Turla has been attributed to a previously undocumented .NET backdoor called STOCKSTAY that…
Browser Security Malware4 Min Read June 25, 2026 Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript code.…
Cybersecurity News Hacking News11 Min Read June 25, 2026 ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories It’s dumb out there again. This week has the usual smell of prod on fire and nobody wanting to admit who left the door open — old…
Artificial Intelligence Threat Hunting4 Min Read June 25, 2026 Surviving the Mythos Era: Richard Bejtlich on the Case for NDR Despite the abundance of telemetry at analysts’ disposal, many security operations teams struggle to answer a few basic questions during…
AI Security Malware2 Min Read June 25, 2026 New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis A previously undocumented Rust-based macOS implant and information stealer has been found to embed a prompt injection payload designed to…
Initial Access Broker Ransomware3 Min Read June 25, 2026 New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns A new, stealthy backdoor named Mistic has been deployed as part of suspected financially motivated attacks aimed at multiple organizations…
Threat Intelligence Vulnerability3 Min Read June 25, 2026 Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access An unknown threat actor exploited a recently disclosed high-severity security flaw impacting Cisco Catalyst SD-WAN as a zero-day at least two…
Network Security Vulnerability2 Min Read June 24, 2026 CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday warned of active exploitation of a critical security flaw…
Cybercrime Law Enforcement5 Min Read June 24, 2026 Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft,…
Open Source Supply Chain Security2 Min Read June 24, 2026 Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks Cybersecurity researchers have flagged a new class of CI/CD workflow weakness that allows attackers to hijack workflows and compromise…
Network Security Vulnerability Management4 Min Read June 24, 2026 Dawn of the Apex Agentic Adversary We are standing at the end of an era we never thought to mourn: the era of human-speed threats. For years, cybersecurity moved to a rhythm…
Cybercrime Money Laundering3 Min Read June 24, 2026 DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering The U.S. Department of Justice (DoJ) on Tuesday announced the seizure of a cloud computing account put to use by subsidiaries of…
Network Security Vulnerability2 Min Read June 24, 2026 Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager (Unified CM)…
Firewall Security Initial Access Broker6 Min Read June 23, 2026 FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation A Russian-speaking initial access broker (IAB) driven by financial gain is assessed to be behind a large-scale credential-harvesting operation…
Enterprise Security Supply Chain Security4 Min Read June 23, 2026 Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents Security firm AIR built a fake AI agent skill, pushed it through a popular skill marketplace and an Instagram ad, and says it…
Cryptography Quantum Computing3 Min Read June 23, 2026 Trump Order Sets 2030 Deadline for Federal Post-Quantum Crypto Migration President Trump signed an executive order on June 22 setting hard deadlines for federal agencies to move high-value assets and…
Software Supply Chain Workflow Security3 Min Read June 23, 2026 GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns GitHub is moving to strengthen software supply chain security by updating "actions/checkout" to block pwn request attacks that exploit the…