x86.se

11 Min Read

February 5, 2026

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next. Rese…

5 Min Read

February 5, 2026

The Buyer’s Guide to AI Usage Control

Today’s “AI everywhere” reality is woven into everyday…

4 Min Read

February 5, 2026

Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

The elusive Iranian threat group known as Infy (aka Prince of Persia)…

4 Min Read

February 5, 2026

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

A new, critical security vulnerability has been disclosed in the n8n…

Security

3 Min Read

September 15, 2025

New Phoenix attack bypasses Rowhammer defenses in DDR5 memory

Academic researchers have devised a new variant of Rowhammer attacks that bypass the latest protection mechanisms on DDR5 memory chips from SK…

2 Min Read

September 15, 2025

Microsoft: Exchange 2016 and 2019 reach end of support in 30 days

Microsoft has reminded administrators again that Exchange 2016 and Exchange 2019 will reach the end of extended support next month and…

Microsoft

2 Min Read

September 15, 2025

Microsoft to force install the Microsoft 365 Copilot app in October

Next month, Microsoft will begin automatically installing the Microsoft 365 Copilot app on Windows devices outside of the EEA region that have…

2 Min Read

September 15, 2025

HybridPetya Mimics NotPetya, Adds UEFI Compromise

A newly identified ransomware strain called HybridPetya has appeared on the VirusTotal platform. Uploaded in February 2025, the sample showed…

9 Min Read

September 15, 2025

Securing Linux Systems in the Age of AI: Unified Security Strategies for Modern Enterprises

Introduction In the rapidly evolving landscape of cybersecurity, the integration of Artificial Intelligence (AI) has emerged as a…

0 Min Read

September 15, 2025

SEO Poisoning Targets Chinese Users with Fake Software Sites

A search engine optimization (SEO) poisoning attack aimed at Chinese-speaking Microsoft Windows users has been identified by security…

Microsoft

2 Min Read

September 15, 2025

Microsoft fixes Windows 11 audio issues confirmed in December

Microsoft has removed a safeguard hold that prevented some users from upgrading their systems to Windows 11 24H2 due to compatibility issues…

4 Min Read

September 15, 2025

Preparing for the EU’s DORA amidst Technical Controls Ambiguity

The financial sector is bracing for a significant shift in its digital landscape as the EU’s Digital Operational Resilience Act (DORA)…

Microsoft

2 Min Read

September 15, 2025

Microsoft says Windows September updates break SMBv1 shares

Microsoft has confirmed that the September 2025 Windows security updates are causing connection issues to Server Message Block (SMB) v1…

2 Min Read

September 15, 2025

AI-Forged Military IDs Used in North Korean Phishing Attack

A North Korean threat actor has leveraged AI to create fake South Korean military agency ID card images used in a spear-phishing campaign,…

3 Min Read

September 15, 2025

6 Browser-Based Attacks Security Teams Need to Prepare For Right Now

Attacks that target users in their web browsers have seen an unprecedented rise in recent years. In this article, we'll explore what a…

24 Min Read

September 15, 2025

⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More

In a world where threats are persistent, the modern CISO's real job isn't just to secure technology—it's to preserve institutional trust…

Vulnerabilities

2 Min Read

September 15, 2025

Critical LangChainGo Vulnerability Let Attackers Access Sensitive Files by Injecting Malicious Prompts

A high-severity vulnerability was identified in LangChainGo, the Go implementation of the popular LLM orchestration framework LangChain. …

2 Min Read

September 15, 2025

CVE-2025-58434: Critical FlowiseAI Flaw Enables Full Account Takeover

A severe security vulnerability has been discovered in FlowiseAI, an open-source AI workflow automation tool, exposing users to the risk of…

2 Min Read

September 15, 2025

OpenAI’s New Grove Incubator Is Building the Next Generation of AI Startups

OpenAI recently unveiled its internal incubation initiative, OpenAI Grove. Unlike traditional startup accelerators or incubator programs,…

2 Min Read

September 15, 2025

IBM QRadar SIEM Vulnerability Let Attackers Perform Unauthorized Actions

A critical permission misconfiguration in the IBM QRadar Security Information and Event Management (SIEM) platform could allow local…

Ransomware

2 Min Read

September 15, 2025

CISA at Risk After OIG Accuses it of Wasting Federal Funds

The US Cybersecurity and Infrastructure Security Agency (CISA) wasted taxpayers’ money and imperilled its mission to protect the nation from…

2 Min Read

September 15, 2025

Phishing Campaigns Drop RMM Tools for Remote Access

Malicious actors are using multiple lures in new phishing campaigns designed to install remote monitoring and management (RMM) software onto…

2 Min Read

September 15, 2025

Samsung Zero-Day Exploit CVE-2025-21043 Patched After Active Attacks on Android Devices

Samsung has released security updates to patch a critical zero-day vulnerability actively exploited against Android devices. Tracked as…

7 Min Read

September 15, 2025

ACR Stealer – Uncovering Attack Chains, Functionalities And IOCs

ACR Stealer represents one of the most sophisticated information-stealing malware families actively circulating in 2025, distinguished by its…

3 Min Read

September 15, 2025

AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns

A new artificial intelligence (AI)-powered penetration testing tool linked to a China-based company has attracted nearly 11,000 downloads on…

3 Min Read

September 15, 2025

FlowiseAI Password Reset Token Vulnerability Allows Account Takeover

A critical vulnerability affecting FlowiseAI’s Flowise platform has been disclosed, revealing a severe authentication bypass flaw that…

2 Min Read

September 15, 2025

HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks

Chinese-speaking users are the target of a search engine optimization (SEO) poisoning campaign that uses fake software sites to distribute…

2 Min Read

September 15, 2025

Linux CUPS Vulnerability Let Attackers Remote DoS and Bypass Authentication

Two critical vulnerabilities have been discovered in the Linux Common Unix Printing System (CUPS), exposing millions of systems to remote…

2 Min Read

September 15, 2025

PoC Available: FlowiseAI Flaw (CVE-2025-58434) Allows Full Account Takeover (CVSS 9.8)

The open-source generative AI development platform FlowiseAI, widely used for building AI agents and LLM workflows, has been found vulnerable…

2 Min Read

September 15, 2025

Digiever NVR Flaws (CVE-2025-10264, CVE-2025-10265) Let Hackers Steal Credentials & Take Control

The Taiwan Computer Emergency Response Team (TWCERT/CC) has issued a vulnerability note warning of two critical security flaws in…

2 Min Read

September 15, 2025

CVE-2025-9556 (CVSS 9.8):Critical Vulnerability in LangChainGo Puts LLM Apps at Risk

The rise of large language model (LLM) applications has made frameworks like LangChain and its ports foundational for developers worldwide.…

3 Min Read

September 15, 2025

Phishing Wave Hits U.S. Energy Giants: Chevron, ConocoPhillips Targeted

The U.S. energy industry has become a prime target for large-scale phishing operations in 2025, according to new research from Hunt…

2 Min Read

September 14, 2025

Samsung Fixes Image Parsing Vulnerability Exploited in Android Attacks

Samsung has patched a serious security vulnerability that hackers were already using in live attacks against its Android devices. The issue,…

Security

3 Min Read

September 14, 2025

FBI warns of UNC6040, UNC6395 hackers stealing Salesforce data

The FBI has issued a FLASH alert warning that two threat clusters, tracked as UNC6040 and UNC6395, are compromising organizations’…

5 Min Read

September 14, 2025

Beyond the Firewall: Protecting Your Marketing Department from Cyber Threats and Safeguarding Digital Assets

Digital media created more opportunities for companies to engage with consumers than ever before, but such increased interconnectedness has a…

Security

2 Min Read

September 14, 2025

New VoidProxy phishing service targets Microsoft 365, Google accounts

A newly discovered phishing-as-a-service (PhaaS) platform, named VoidProxy, targets Microsoft 365 and Google accounts, including those…

5 Min Read

September 14, 2025

Beyond Buzzwords: The Real Impact of AI on Identity Security

Artificial intelligence (AI) has become one of the most discussed technologies in recent years, often touted as the answer to many of…

3 Min Read

September 13, 2025

600 GB of Alleged Great Firewall of China Data Published in Largest Leak Yet

Hackers leaked 600 GB of data linked to the Great Firewall of China, exposing documents, code, and operations. Full details available on the…

Microsoft

2 Min Read

September 13, 2025

Microsoft reminds of Windows 10 support ending in 30 days

On Friday, Microsoft reminded customers once again that Windows 10 will reach its end of support in 30 days, on October 14. Windows 10 2015…

2 Min Read

September 13, 2025

Qrator Labs Mitigated Record L7 DDoS Attack from 5.76M-Device Botnet

In early September, Qrator Labs detected and mitigated one of the most significant L7 DDoS attacks seen this year, carried out by what is now…

4 Min Read

September 13, 2025

A CISO’s Guide to Managing Cyber Risk in Healthcare

Now more than ever before, our healthcare data is under attack. Of all of the sensitive information available on the dark web, medical records…

Security

3 Min Read

September 13, 2025

'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the Visual Studio…

4 Min Read

September 13, 2025

Why The Open Web Application Security Project (OWASP) Mobile Application Security (MAS) Project Is Critical

The OWASP MAS project continues to lead the way in mobile application security. This article describes the resources and tools which have…

2 Min Read

September 13, 2025

New VoidProxy Phishing Service Bypasses MFA on Microsoft and Google Accounts

Okta Threat Intelligence exposes VoidProxy, a new PhaaS platform. Learn how this advanced service uses the Adversary-in-the-Middle technique…

3 Min Read

September 13, 2025

FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks

The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert to release indicators of compromise (IoCs) associated with two…

2 Min Read

September 13, 2025

Google Chrome Patches Critical Security Flaws in September 2025 Update

In early September 2025, Google released an important security update for its Chrome browser—version 140.0.7339.127—to patch two…

Explore Trending Topics