586
Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer…
Ravie LakshmananJun 05, 2026Spyware / Mobile Security Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovakian cybersecurity company…
Ravie LakshmananJun 05, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 (where «OP» stands for «opponent») that has been observed targeting Microsoft Internet…
Eighteen months ago, the AI SOC was a marketing line. Today it’s a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing…
Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site…
Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff. Recent reports describe thousands…
Ravie LakshmananJun 05, 2026Threat Intelligence / Cloud Security The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to…
The Hacker NewsJun 04, 2026Artificial Intelligence / Defense Technology Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks can…
Swati KhandelwalJun 04, 2026Vulnerability / Network Security Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and,…
Swati KhandelwalJun 04, 2026Vulnerability / AI Security A security researcher found a flaw in Anthropic’s Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it,…
Ravie LakshmananJun 04, 2026Hacking News / Cybersecurity News It got stupid again. The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady…
Ravie LakshmananJun 04, 2026Malvertising / Browser Security Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo…
Ravie LakshmananJun 04, 2026Malware / Cybercrime A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South…
adminSwati KhandelwalJun 04, 2026Cyber Espionage / Malware Unknown attackers spent at least five months inside the Outlook mailbox of a senior executive at a major global stock exchange, copying the…
Swati KhandelwalJun 04, 2026Malware / Open Source Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting users through a Traffic Distribution System (TDS)…
Ravie LakshmananJun 04, 2026Web Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento full-page cache…
Ravie LakshmananJun 04, 2026Cryptocurrency / Law Enforcement The U.S. Department of Justice (DoJ) on Wednesday announced the results of a sweeping action undertaken by government authorities and private sector companies…
adminRedis has patched a use-after-free in its blocking-client code that lets an authenticated user run arbitrary OS commands on the machine hosting the database. The flaw was found by an…
Swati KhandelwalJun 03, 2026Vulnerability / Mobile Security A development flag left switched on in production builds of several Microsoft 365 Android apps disabled the check that limits account-token sharing to…
Ravie LakshmananJun 03, 2026Malware / Microsoft Defender Cybersecurity researchers have flagged a new malspam campaign that makes use of Google’s DoubleClick domain as a way to evade detection and ultimately…
Swati KhandelwalJun 03, 2026Vulnerability / Artificial Intelligence A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini’s voice assistant on Android and made…
The Hacker NewsJun 03, 2026Exposure Management Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and «patch everything in time» stopped working years ago. Stop…
Ravie LakshmananJun 03, 2026Vulnerability / Software Development Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user’s GitHub…
The Fragmented State of Modern Enterprise Identity Enterprise IAM is approaching a breaking point. As organizations scale, identity becomes increasingly fragmented across thousands of applications, decentralized teams, machine identities, and…
Ravie LakshmananJun 03, 2026Vulnerability / Network Security Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user’s NTLMv2 hash to the attacker. Like…
Ravie LakshmananJun 03, 2026Vulnerability / Server Security Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora.…
Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims’ systems. The Minecraft-focused malware-as-a-service (MaaS) campaign has been codenamed…
Ravie LakshmananJun 02, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited…
Ravie LakshmananJun 02, 2026Vulnerability / Mobile Security Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity…
Ravie LakshmananJun 02, 2026Threat Intelligence / Malware The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families…
adminAI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered, reproduced, and weaponized faster than ever in the history of enterprise security.…
Most organizations now recognize that endpoint protection alone is no longer sufficient. That’s why adoption of endpoint detection and response (EDR) has accelerated rapidly in recent years. Organizations understand that…
adminRavie LakshmananJun 02, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan’s Ministry of Finance with…
adminPassword manager Dashlane has disclosed that «fewer than» 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party. On…
A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal credentials and secrets from developer machines and deliver a self-propagating worm. «This is effectively…
A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite…
Ravie LakshmananJun 01, 2026Cybersecurity / Hacking Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some «patched-ish» thing already getting chewed…
Three years ago, the practical question for an MSP building a cybersecurity practice was which «vCISO platform» to buy. The term was good shorthand for the work at the time:…
adminCybersecurity researchers have disclosed details of a new malicious supply chain campaign that’s targeting developers using OpenAI Codex through a legitimate-looking remote web UI. The tool, named codexui-android, is advertised…
Ravie LakshmananJun 01, 2026Vulnerability / Website Security, Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000…
adminRavie LakshmananMay 31, 2026IoT Security / Network Security Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices, including computers, tablets, smartphones, and IoT devices,…
adminRavie LakshmananMay 30, 2026Vulnerability / Network Security Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting PAN-OS and Prisma Access has come under active exploitation in…
admin“U.S. military surveillance operations supporting strategic security monitoring.”
adminCybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant’s implicit trust in Markdown links and images to trigger prompt injections and…
Ravie LakshmananMay 29, 2026Vulnerability / Artificial Intelligence An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following…
adminRavie LakshmananMay 29, 2026Cyber Espionage / Artificial Intelligence A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at…
Shadow AI used to mean employees pasting things they shouldn’t into ChatGPT. It now means something bigger: employees building full applications with AI, wiring them into production systems, and publishing…
Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil’s largest cooperative financial systems, to siphon client IDs and…
The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through…
adminRavie LakshmananMay 28, 2026Vulnerability / Open Source A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary…
adminRavie LakshmananMay 28, 2026Vulnerability / Endpoint Security Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver credential-stealing malware. «The…
Ravie LakshmananMay 28, 2026Hacking News / Cybersecurity News Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of…
adminRavie LakshmananMay 28, 2026Zero Day / Vulnerability Disclosure Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give…
adminState of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don’t understand where their…
adminRavie LakshmananMay 28, 2026Supply Chain Attack / Malware A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft…
Ravie LakshmananMay 27, 2026Threat Intelligence / Supply Chain Attack Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX…
Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android devices with Grandoreiro and BTMOB malware, respectively. That’s according to…
Most organizations still picture cyber defense as a fortress problem: build stronger walls, add more guards, buy another detection engine. But modern incidents rarely crash through the front gate. They…
Ravie LakshmananMay 27, 2026Malware / Threat Intelligence CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a…
When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or starts summarizing meetings with a new browser tool, they are doing exactly what a…
adminRavie LakshmananMay 27, 2026Vulnerability / Software Security Cybersecurity researchers have disclosed a security flaw in Gitea, an open-source, self-hosted platform for version control, that allows unauthenticated remote attackers to pull…
adminMicrosoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing malicious download sites. «This emerging delivery technique extends…
The Iranian hacking group known as MuddyWater has been linked to a new campaign affecting at least nine organizations across nine countries on four continents in the first quarter of…
adminRavie LakshmananMay 26, 2026Vulnerability / Enterprise Security Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks…
The Hacker NewsMay 26, 2026Web Security / Artificial Intelligence Every single day, hackers are finding new ways to crash websites and steal data. But right now, something has changed. Hackers…
Multi-factor authentication (MFA) was supposed to close a critical gap in identity security. It meant that, even if an attacker possessed the account credentials, they couldn’t log in without the…
adminThe Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where «feasible» to…
The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the aviation and software…
Ravie LakshmananMay 26, 2026Vulnerability / Threat Intelligence A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to…
Ravie LakshmananMay 25, 2026Cybersecurity / Hacking Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow…
Ask a cybersecurity pro about Network Detection and Response (NDR) and you might still hear «Noisy,» «Too much data.» But ask the teams running NDR that includes agentic AI capabilities…
Ravie LakshmananMay 25, 2026Vulnerability / Web Security Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel…
Ravie LakshmananMay 25, 2026Endpoint Security / Threat Intelligence Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North Korea-linked Lazarus…
A new coordinated cross-ecosystem software supply chain attack campaign has targeted npm, PyPI, and Crates.io to distribute credential-stealing malware. The campaign, codenamed TrapDoor, spans more than 34 malicious packages across…
Ravie LakshmananMay 23, 2026Malware / DevSecOps A new «coordinated» supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a Linux binary retrieved from…
Ravie LakshmananMay 23, 2026Software Supply Chain / DevSecOps GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to…
Ravie LakshmananMay 23, 2026Artificial Intelligence / Vulnerability Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of the most «systemically»…
adminRavie LakshmananMay 23, 2026Supply Chain Attack / Malware Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang to deliver…
Ravie LakshmananMay 23, 2026Vulnerability / Website Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited…
adminRavie LakshmananMay 23, 2026Vulnerability / Web Security A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 (CVSS…
adminAuthorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks, data…
adminRavie LakshmananMay 22, 2026Malware / Artificial Intelligence The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151Ukraine’s National Security and Defense Council) has been observed using lures related to…
admin1 Introduction This article provides a technical analysis of how many Windows kernel mode drivers can be interacted with from user mode without the hardware they were developed for. This…
Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5,718 malicious commits to 5,561 GitHub repositories within a six-hour window. «Using throwaway accounts and…
Ravie LakshmananMay 22, 2026Cybercrime / Law Enforcement The U.S. Department of Justice (DoJ) on Thursday announced the arrest of a Canadian man in connection with allegedly operating a distributed denial-of-service…
Ravie LakshmananMay 22, 2026Vulnerability / Cyber Attack The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Langflow and Trend Micro Apex One to its…
Ravie LakshmananMay 22, 2026Vulnerability / Network Security Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access sensitive…
Ravie LakshmananMay 21, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a campaign targeting…
adminRavie LakshmananMay 21, 2026Hacking News / Cybersecurity News This week starts small. A token leaks. A bad package slips in. A login trick works. An old tool shows up again.…
Ravie LakshmananMay 21, 2026Endpoint Security / Vulnerability Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild. The former,…
Consider a cached access key on a single Windows machine. It got there the way most cached credentials do – a user logged in, and the key stored itself automatically.…
Ravie LakshmananMay 21, 2026Linux / Vulnerability Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The vulnerability, tracked as CVE-2026-46333 (CVSS…
Ravie LakshmananMay 21, 2026Web Security / Vulnerability Drupal has released security updates for a «highly critical» security vulnerability in Drupal Core that could be exploited by attackers to achieve remote…
Ravie LakshmananMay 21, 2026Supply Chain Attack / Developer Tools GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee…
Ravie LakshmananMay 20, 2026Artificial Intelligence / Security Testing Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial intelligence…
The Hacker NewsMay 20, 2026Identity Security / Enterprise Security New Industry Data Just Released Suggests Not. On May 19th, 2026, Orchid Security released the results of our Identity Gap: Snapshot…
adminMicrosoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company’s Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromising thousands of…
Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that employ Discord and Microsoft Graph API for command-and-control (C2 or…
AI-generated lookalike domains are now embedded inside the third-party scripts running on your web properties. Here’s why your current stack can’t see them, and what detection actually requires. Download the…
Ravie LakshmananMay 20, 2026Vulnerability / Encryption Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week. The zero-day flaw, now tracked…