IoT Security Vulnerability4 Min Read July 3, 2026 Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT an…
4 Min Read July 3, 2026 New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242)… Android Linux
4 Min Read July 3, 2026 New Avalon Malware Framework Packs CrownX Ransomware Capabilities Cybersecurity researchers have discovered a previously undocumented… Artificial Intelligence Endpoint Security
5 Min Read July 3, 2026 North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets Threat actors with ties to North Korea have been linked to a fresh set… Malware Software Supply Chain
Cyber Espionage Infostealer4 Min Read July 3, 2026 Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the…
Mobile Security Spyware4 Min Read July 3, 2026 European Parliament Member Investigating Spyware Was Hacked With Pegasus A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou had his mobile device…
Credential Theft Cryptocurrency3 Min Read July 3, 2026 PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks to infect…
Botnet Cybercrime3 Min Read July 2, 2026 Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices Google has significantly degraded NetNut, one of the biggest networks that turns home devices into rented relays for other people's traffic.…
Cyber Attack Malware5 Min Read July 2, 2026 Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability…
Kubernetes Server Security3 Min Read July 1, 2026 Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an…
Cybercrime Ransomware3 Min Read July 1, 2026 19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges A teenager accused of belonging to the hacking group Scattered Spider has been extradited from Finland to face U.S. charges of conspiracy,…
Malware SEO Poisoning2 Min Read July 1, 2026 SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT. Kaspersky said the activity…
Cyber Attack Malware3 Min Read July 1, 2026 VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to…
Endpoint Security Malware3 Min Read July 1, 2026 Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet's FortiGuard…
Encryption Quantum Computing2 Min Read July 1, 2026 Microsoft Accelerates Post-Quantum Cryptography Shift to 2029 Microsoft on Tuesday said it's accelerating its quantum safe security roadmap, stating technology advances in quantum computing are making it…
Artificial Intelligence Threat Intelligence4 Min Read July 1, 2026 Phantom Squatting Uses AI-Hallucinated Domains for Phishing and Malware Large language models keep inventing web addresses that do not exist. Attackers have started buying those made-up domains before anyone else…
Artificial Intelligence Critical Infrastructure4 Min Read July 1, 2026 Anthropic Restores Claude Fable 5 After U.S. Lifts Jailbreak-Linked Export Controls Anthropic is putting Claude Fable 5 back online worldwide. On June 30, the U.S. Commerce Department lifted the export controls it had…
Cloud Security Password Security3 Min Read July 1, 2026 Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line…
Social Engineering Threat Intelligence4 Min Read July 1, 2026 Researcher Analyzes 3,000 Live ClickFix Payloads, Exposing API-Driven Malware Delivery ClickFix, the trick that fools people into running malware by hand, has quietly grown a back office. New research shows the malicious commands…
AI Security Vulnerability3 Min Read June 30, 2026 Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two…
Vulnerability Wireless Security4 Min Read June 30, 2026 AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks Two researchers have found six security flaws in AirDrop and Quick Share, the wireless features that beam files between nearby devices with no…
Agent Security Browser Security3 Min Read June 30, 2026 New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials Convince an AI browser that it is playing a game, and it can hand over your login details. That is the finding behind BioShocking, a…
API Security Vulnerability3 Min Read June 30, 2026 Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth A critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance…
Artificial Intelligence Vulnerability2 Min Read June 30, 2026 Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four…
Enterprise Software Vulnerability2 Min Read June 30, 2026 Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The…
Browser Security Web Security2 Min Read June 29, 2026 Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It…
Privacy Social Media2 Min Read June 29, 2026 WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private WhatsApp on Monday officially announced the start of global reservations of usernames with an aim to protect the privacy of more than three…
Ad Fraud Browser Security3 Min Read June 29, 2026 Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts Microsoft has shut down a long-running malicious extension operation on the Edge Add-ons store that hid its payloads inside ordinary image and…
Open Source Vulnerability3 Min Read June 29, 2026 Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw A public proof-of-concept is now out for CVE-2026-55200, a critical flaw in libssh2 that lets a malicious or compromised SSH server trigger…
Cryptocurrency Supply Chain Attack3 Min Read June 29, 2026 Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages that are designed to deploy a Python-based…
Cyber Espionage Messaging Security2 Min Read June 27, 2026 Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign…
Artificial Intelligence Vulnerability Research3 Min Read June 27, 2026 OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part…
Secure Messaging Social Engineering2 Min Read June 26, 2026 FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added…
Malware Windows Security4 Min Read June 26, 2026 New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as…
Cyber Espionage Malware3 Min Read June 26, 2026 Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks…
Linux Vulnerability3 Min Read June 26, 2026 New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331,…
AI Security Vulnerability3 Min Read June 26, 2026 Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was…
Software Security Vulnerability2 Min Read June 26, 2026 CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting…
Linux Vulnerability3 Min Read June 26, 2026 New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit…
AI Security Identity Governance13 Min Read June 26, 2026 Guardian Agents: The Next Layer of Identity Governance AI agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at machine speed…
Developer Security Supply Chain Attack3 Min Read June 26, 2026 Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades…
Malware Phishing2 Min Read June 26, 2026 Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant An active phishing campaign has been targeting hotel and other hospitality organizations across Europe and Asia since April 2026, using…
Digital Forensics Mobile Security3 Min Read June 26, 2026 Russia Used Cellebrite on Jailed Activist's iPhone Months After Sales Cutoff Russian authorities used Cellebrite's UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June…
Cyber Espionage Malware4 Min Read June 26, 2026 Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks The Russian state-sponsored threat actor known as Turla has been attributed to a previously undocumented .NET backdoor called STOCKSTAY that…
Browser Security Malware4 Min Read June 25, 2026 Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript code.…
Cybersecurity News Hacking News11 Min Read June 25, 2026 ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories It’s dumb out there again. This week has the usual smell of prod on fire and nobody wanting to admit who left the door open — old…