BleepingComputer Jul 7, 2026, 06:52 PM (UTC)
Read
Chinese hackers tracked as 'UAT-7810' are actively evolving their malware to expand their Operational Relay Box (ORB) network by compromising internet-facing networking devices, primarily unpatched Ruckus routers. [...]
SecurityWeek Jul 7, 2026, 05:31 PM (UTC)
Read
The alleged victim, believed to be a small Ohio county, reportedly paid the extortion group to prevent the public release of sensitive stolen data. The post County Government Reportedly Paid $1 Million to Cyber Extortion Group appeared first on SecurityWeek.
BleepingComputer Jul 7, 2026, 05:27 PM (UTC)
Read
A hidden authentication backdoor has been found in multiple Tenda router firmware versions, potentially allowing an attacker to gain administrative access to the device's web management panel. [...]
SecurityWeek Jul 7, 2026, 05:17 PM (UTC)
Read
Attackers are exploiting the critical Gitea vulnerability CVE-2026-20896 to bypass authentication with a single HTTP header and access vulnerable repositories and secrets. The post Critical Gitea Flaw Under Active Exploitation, Researchers Warn appeared first…
The Hacker News Jul 7, 2026, 05:10 PM (UTC)
Read
A new Android malware operation called RedWing is being rented out on Telegram as a ready-made bank-fraud service. It lets even low-skill criminals take over a victim's phone, steal their banking logins, and capture the one-time codes that protect their accoun…
The Hacker News Jul 7, 2026, 04:37 PM (UTC)
Read
A critical flaw in Google's Dialogflow CX could have let an attacker with edit rights on one Code Block-enabled agent compromise other Code Block-enabled agents in the same Google Cloud project. From there, they could read live conversations, steal the data us…
Infosecurity Magazine Jul 7, 2026, 03:40 PM (UTC)
Read
A suspected Chinese threat cluster is exploiting Roundcube vulnerabilities to compromise university networks in the US and Canada and harvest user credentials
BleepingComputer Jul 7, 2026, 03:21 PM (UTC)
Read
The National Police in Spain have arrested a man who is suspected of being an active member of the CyberArmy of Russia Reborn (CARR) and Z-Pentest, both pro-Russian hacktivist groups. [...]
The Hacker News Jul 7, 2026, 03:14 PM (UTC)
Read
A Microsoft 365 device code phishing campaign has been observed leveraging collaboration-themed lures to take control of victim accounts between the last week of June 2026 and into early July, per findings from ZeroBEC. "The campaign did not depend on a fake M…
The Hacker News Jul 7, 2026, 02:04 PM (UTC)
Read
A public issue can trick GitHub Agentic Workflows into leaking the contents of an organization's private repositories, researchers at Noma Security have shown. The attacker needs only to open a normal-looking issue on a public repository, with no stolen creden…
BleepingComputer Jul 7, 2026, 02:01 PM (UTC)
Read
ActiveState explains how GitHub Actions attack chains can evade traditional CI security scanners, why passing a scan doesn't guarantee a secure pipeline, and how organizations can better govern their CI/CD workflows. [...]
Infosecurity Magazine Jul 7, 2026, 02:00 PM (UTC)
Read
Group-IB analysis argued Scattered Spider is a decentralized collective of independent clusters
The Hacker News Jul 7, 2026, 01:27 PM (UTC)
Read
U.S. prosecutors linked an alleged Scattered Spider hacker to a break-in at a luxury jewelry retailer using a persistent Windows device ID, according to a newly unsealed federal complaint. Microsoft records tied that ID first to the account the attackers used…
The Hacker News Jul 7, 2026, 01:27 PM (UTC)
Read
Cybersecurity researchers have disclosed details of a now-patched critical session isolation vulnerability in Writer, an enterprise generative artificial intelligence (AI) platform, that could result in cross-tenant compromise. The one-click vulnerability has…
SecurityWeek Jul 7, 2026, 01:13 PM (UTC)
Read
The audits are reportedly being spearheaded by CISA’s Attack Surface Evaluation team, a specialized unit tasked with conducting digital defense assessments and simulated hacking exercises. The post CISA Reportedly Using Anthropic’s Mythos to Scan Government So…
SecurityWeek Jul 7, 2026, 12:38 PM (UTC)
Read
Hackers are exploiting a recently patched critical vulnerability (CVE-2026-48282) in Adobe ColdFusion that carries a CVSS score of 10/10. The post Critical Adobe ColdFusion Vulnerability Exploited in Attacks appeared first on SecurityWeek.
SecurityWeek Jul 7, 2026, 12:21 PM (UTC)
Read
Researchers say the Iran-linked threat actor used an adaptable modular malware framework and compromised IT service providers to reach high-value targets in Israel. The post Iran-Linked Hackers Using Modular C&C Framework in Cyberattacks appeared first on Secu…
BleepingComputer Jul 7, 2026, 12:12 PM (UTC)
Read
Tomorrow's webinar explores how behavioral AI can help organizations detect sophisticated phishing, business email compromise, and account takeover attacks while reducing alert fatigue through automated investigation and response workflows. [...]
BleepingComputer Jul 7, 2026, 12:06 PM (UTC)
Read
A 16-year-old Linux kernel vulnerability, dubbed Januscape, allows attackers to escape a virtual machine and execute arbitrary code on the host. [...]
SecurityWeek Jul 7, 2026, 12:00 PM (UTC)
Read
Tarah Wheeler is CISO at TPO Group, a firm that provides cybersecurity consultancy for high-stakes organizations. But despite this elevated position, her journey was far from typical. The post CISO Conversations: Tarah Wheeler, Cybersecurity Leader, Thought Le…
The Hacker News Jul 7, 2026, 11:30 AM (UTC)
Read
Software supply chain security was hard enough. Then AI joined the build pipeline. For five years, "software supply chain security" meant one question: what's in your code? Which open-source packages, which versions, which transitive dependencies three layers…
SecurityWeek Jul 7, 2026, 10:00 AM (UTC)
Read
The 16-year-old Januscape flaw affects Linux's KVM hypervisor, allowing attackers to escape virtual machines and potentially execute code on the underlying host. The post Linux Kernel Vulnerability Allows VM Escape on Intel and AMD Systems appeared first on Se…
Infosecurity Magazine Jul 7, 2026, 10:00 AM (UTC)
Read
More than 60 organizations, including M&S, Microsoft UK and Vodafone, have signed the UK government's Cyber Resilience Pledge, a new initiative aimed at boosting cyber security and resilience across British businesses
BleepingComputer Jul 7, 2026, 09:41 AM (UTC)
Read
Microsoft says the Windows settings backup and restore tool will be enabled by default on Microsoft Entra-joined or Microsoft Entra hybrid-joined enterprise systems after upgrading to Windows 11 26H2. [...]
SecurityWeek Jul 7, 2026, 09:30 AM (UTC)
Read
The investment will accelerate Keyfactor's machine identity, PKI, and cryptographic security platform as enterprises prepare for AI-driven and post-quantum threats. The post Keyfactor Scores $1 Billion+ Investment for AI, Post-Quantum Security appeared first o…
The Hacker News Jul 7, 2026, 09:10 AM (UTC)
Read
A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part of a new campaign. The activity involves the exploitation of no…
Infosecurity Magazine Jul 7, 2026, 08:20 AM (UTC)
Read
Threat actors are exploiting an Adobe ColdFusion vulnerability which has a CVSS score of 10.0
BleepingComputer Jul 7, 2026, 08:12 AM (UTC)
Read
BeyondTrust warned customers to patch two critical security flaws in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow attackers to bypass authentication. [...]
BleepingComputer Jul 7, 2026, 07:37 AM (UTC)
Read
Microsoft has begun testing the Cloud Rebuild recovery feature in the latest Windows 11 Insider Preview builds released for users in the Experimental channel. [...]
Infosecurity Magazine Jul 7, 2026, 07:00 AM (UTC)
Read
Attacks also used a compromised chatbot in campaign to steal sensitive information from Business Users
The Hacker News Jul 7, 2026, 06:40 AM (UTC)
Read
Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices' web management interfaces, the CERT Coordination Center (CERT…
The Hacker News Jul 7, 2026, 05:16 AM (UTC)
Read
BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthenticated attackers to take control of susceptible devices. The…
BleepingComputer Jul 6, 2026, 08:27 PM (UTC)
Read
A phishing campaign is impersonating more than 30 well-known brands, including Adobe, Netflix, Coca-Cola, and OpenAI, in fake job interviews to steal Google account credentials from marketing professionals. [...]
BleepingComputer Jul 6, 2026, 08:23 PM (UTC)
Read
Threat actors are abusing Microsoft Teams voice calls by impersonating corporate IT support staff to trick employees into installing the EtherRAT malware, giving attackers initial access to corporate networks. [...]
SecurityWeek Jul 6, 2026, 07:14 PM (UTC)
Read
Securonix says the sophisticated framework abuses compromised websites, Blogspot, PowerShell, and fileless techniques to evade detection and deploy the PureLog information stealer. The post Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks appeared fir…
The Hacker News Jul 6, 2026, 06:34 PM (UTC)
Read
An Iranian hacking group affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka Cav3rn) targeting Israeli organizations. The activity, which…
BleepingComputer Jul 6, 2026, 06:25 PM (UTC)
Read
Vietnamese authorities have arrested and are prosecuting seven suspects believed to have run HiAnime, the largest anime piracy streaming service before its shutdown in June. [...]
The Hacker News Jul 6, 2026, 05:37 PM (UTC)
Read
A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. Dubbed 'Januscape' and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM share…
The Hacker News Jul 6, 2026, 04:28 PM (UTC)
Read
Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig. The vulnerability in question is CVE-2026-20896 (CVSS score: 9.8), a vulnerability that stems from the DevOps platform…
Infosecurity Magazine Jul 6, 2026, 04:00 PM (UTC)
Read
Check Point researchers have identified a new cyber adversary targeting Israeli government and IT businesses, tracked as ‘Cavern Manticore’
SecurityWeek Jul 6, 2026, 03:20 PM (UTC)
Read
Moving from isolated, technical data to a continuous risk lifecycle can help organizations align security controls with actual business consequences. The post The Shift Toward Business-Aligned Risk Management appeared first on SecurityWeek.
Infosecurity Magazine Jul 6, 2026, 03:00 PM (UTC)
Read
Zscaler found sites hiding prompt-injection text to manipulate AI agents into crypto payments
Infosecurity Magazine Jul 6, 2026, 02:15 PM (UTC)
Read
Opera GX flaw let sites automatically install mods to steal data from other pages, now patched
BleepingComputer Jul 6, 2026, 02:00 PM (UTC)
Read
Every evolution in software development has reduced the friction between an idea and a deployable application. AI may remove the final barrier, but it also removes many of the moments where security decisions have traditionally taken place. [...]
BleepingComputer Jul 6, 2026, 01:18 PM (UTC)
Read
Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, according to vulnerability intelligence company KEVIntel. [...]
The Hacker News Jul 6, 2026, 01:01 PM (UTC)
Read
A streaming box should not need a threat model. Neither should a username field, a demo repo, a reset flow, or a browser permission prompt. That is the irritating part this week: the risky pieces were ordinary. Home devices became a routing cover. Clean code p…
The Hacker News Jul 6, 2026, 11:30 AM (UTC)
Read
Building a shortlist for an AI SOC evaluation can be tough. SIEM, SOAR, and pureplay AI SOC vendors are all saying the same thing. But behind the identical label sit very different products, from chat assistants bolted onto a legacy SIEM to agent platforms tha…
The Hacker News Jul 6, 2026, 10:58 AM (UTC)
Read
A suspected China-nexus threat activity cluster has been observed targeting Indian taxpayers, tax professionals, and corporate finance teams to deliver a remote access trojan designed to steal sensitive data from compromised hosts. The multi-stage campaign, co…
Infosecurity Magazine Jul 6, 2026, 09:00 AM (UTC)
Read
IWF and NCA warn that growing numbers of images and videos are being manipulated into sexual abuse material
The Hacker News Jul 6, 2026, 08:50 AM (UTC)
Read
Researchers at Shandong University have shown a fast new way to pull data off computers that are cut off from every network. The technique, called TrojPix, tweaks on-screen pixels in ways the eye cannot see, so that the video cable carrying them radiates a fai…
Infosecurity Magazine Jul 6, 2026, 08:30 AM (UTC)
Read
Researchers have revealed JadePuffer, the first agentic AI-powered ransomware campaign, highlighting how autonomous agents can automate cyber-attacks
The Hacker News Jul 6, 2026, 08:13 AM (UTC)
Read
Cybersecurity researchers have flagged a novel Java-based remote access trojan (RAT) called QuimaRAT that's capable of targeting Windows, Linux, and macOS environments. According to LevelBlue, the cross-platform malware is advertised under a malware-as-a-servi…
The Hacker News Jul 6, 2026, 07:27 AM (UTC)
Read
Researchers found a flaw in Opera GX, the gaming-focused version of the Opera browser, that let a malicious website silently install a browser add-on and use it to lift specific data from the pages a victim visits. In a proof of concept, they reconstructed a s…
The Hacker News Jul 6, 2026, 06:33 AM (UTC)
Read
Scanners meant to catch malicious add-on "skills" for AI coding agents can be fooled by a few simple changes that leave the malware working, according to a new study from researchers at the Hong Kong University of Science and Technology. Their strongest trick…
BleepingComputer Jul 5, 2026, 02:14 PM (UTC)
Read
Flipper Devices says development of the Flipper Zero firmware will continue, albeit with a smaller internal team and greater reliance on community contributions. [...]
The Hacker News Jul 4, 2026, 12:47 PM (UTC)
Read
A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negotiation chat and the blockchain trail the payment left. The odd part: the group that…
The Hacker News Jul 4, 2026, 11:17 AM (UTC)
Read
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider. "Th…
The Hacker News Jul 3, 2026, 08:19 PM (UTC)
Read
Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The flaws matter because FatFs is nearly everywhere. It ships inside the…
The Hacker News Jul 3, 2026, 07:40 PM (UTC)
Read
A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and Android, and a fix is out. Bad Epoll sits in the same small stret…
The Hacker News Jul 3, 2026, 06:55 PM (UTC)
Read
Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that's distributed by means of a multi-stage phishing chain capable of bypassing traditional security controls. Avalon combines credential collection…
The Hacker News Jul 3, 2026, 04:07 PM (UTC)
Read
Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft. According to JFrog, the packages "rollup-packages-polyfill-core" and "rollup…
The Hacker News Jul 3, 2026, 01:36 PM (UTC)
Read
A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power sector across Russia, Brazil, and Kazakhstan. "Armored Likho blends financially motivated campaigns targetin…
Infosecurity Magazine Jul 3, 2026, 01:00 PM (UTC)
Read
The ransomware landscape is reconsolidating around major players, with Qilin emerging as the leading RaaS operation, researchers say
Infosecurity Magazine Jul 3, 2026, 11:30 AM (UTC)
Read
Researchers warn that collaboration could lead to “unprecedented” ransomware attacks, as FBI also issues warning
The Hacker News Jul 3, 2026, 11:05 AM (UTC)
Read
A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou had his mobile device repeatedly hacked with the notorious Pegasus spyware while serving on a committee that was tasked with investigating the abuse…
Infosecurity Magazine Jul 3, 2026, 09:35 AM (UTC)
Read
The NetNut proxy network and the ‘Popa’ botnet are known to have infected devices with variants of Mirai DDoS botnets
The Hacker News Jul 3, 2026, 08:03 AM (UTC)
Read
Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks to infect systems and siphon sensitive data. The stealer, discovered by Jamf Threat Labs, is distributed as a compiled AppleScript (…
Krebs on Security Jul 2, 2026, 07:27 PM (UTC)
Read
The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technologies [NASDAQ: ALAR].…
The Hacker News Jul 2, 2026, 06:54 PM (UTC)
Read
Google has significantly degraded NetNut, one of the biggest networks that turns home devices into rented relays for other people's traffic. Working with the FBI, Lumen, and others, Google's Threat Intelligence Group (GTIG) said this week it had reduced the ne…
The Hacker News Jul 2, 2026, 06:30 PM (UTC)
Read
Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to obtain initial access. "Although tactics differ between affiliates, common patterns emerged in tradecraft through us…
The Hacker News Jul 2, 2026, 03:24 PM (UTC)
Read
This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal until someone tests a small gap and finds a way through. This is not one big break…
The Hacker News Jul 2, 2026, 01:04 PM (UTC)
Read
The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that's designed to gain surreptitious access to a victim's email correspondence via the Google API. "In this campaign, the attackers focused their attention on corporate emai…
Infosecurity Magazine Jul 2, 2026, 12:51 PM (UTC)
Read
Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities first
Infosecurity Magazine Jul 2, 2026, 12:00 PM (UTC)
Read
Bitdefender researchers warned of curious ransomware campaign which has targeted businesses around the world
The Hacker News Jul 2, 2026, 11:30 AM (UTC)
Read
Identity lifecycle management was architected around a person with an employment record, a manager, and a departure date. AI agents have none of those. As autonomous principals proliferate across enterprise environments, the governance model built for humans d…
Infosecurity Magazine Jul 2, 2026, 10:00 AM (UTC)
Read
The NCSC has shared best practice advice from pen testers which could help improve system resilience
The Hacker News Jul 2, 2026, 09:13 AM (UTC)
Read
Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team calls the operator JADEPUFFER and says a large language model handled the whole job: breaking in, stealing…
Infosecurity Magazine Jul 2, 2026, 08:45 AM (UTC)
Read
A teenager accused of hacking as part of Scattered Spider has been arrested
The Hacker News Jul 2, 2026, 08:00 AM (UTC)
Read
The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, stolen credentials were intended for follow-on intrusions. "An operator tied to FortiBleed's infrastructu…
The Hacker News Jul 2, 2026, 07:24 AM (UTC)
Read
Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs. Run one, and…
The Hacker News Jul 2, 2026, 05:46 AM (UTC)
Read
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, trac…
The Hacker News Jul 1, 2026, 07:40 PM (UTC)
Read
Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an unauthenticated attacker run code, provided they can reach the component's internal network port. Synacktiv, which found the bug,…
The Hacker News Jul 1, 2026, 07:28 PM (UTC)
Read
A teenager accused of belonging to the hacking group Scattered Spider has been extradited from Finland to face U.S. charges of conspiracy, computer intrusion, and fraud, the U.S. Department of Justice announced on July 1. Peter Stokes, 19, a dual U.S. and Esto…
The Hacker News Jul 1, 2026, 05:53 PM (UTC)
Read
Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT. Kaspersky said the activity is part of a "massive, multi-domain, multi-language" campaign that distributes malicious installer archives hosted on…
The Hacker News Jul 1, 2026, 05:18 PM (UTC)
Read
Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to deliver an information stealer called PureLogs. The activity has been codenamed VEIL#DROP by Securonix. It's suspected that…
The Hacker News Jul 1, 2026, 03:26 PM (UTC)
Read
A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet's FortiGuard Labs identified the campaign in May 2026. It opens with a phishing PDF disguised as a corrupted file, checks that the visitor is really…
The Hacker News Jul 1, 2026, 03:25 PM (UTC)
Read
Adobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic. The ColdFusion updates "resolves critical and important vulnerabilities that could lead to arbitrary code execution, privilege escala…
The Hacker News Jul 1, 2026, 02:42 PM (UTC)
Read
Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor's safety sandbox and run any command on a developer's computer. There is no click to fall for and no approval box to ignore. Cato AI Labs found the pair…
Infosecurity Magazine Jul 1, 2026, 02:30 PM (UTC)
Read
Securonix said the Veil#Drop campaign abuses Google Blogspot to deliver PureLog Stealer in memory
The Hacker News Jul 1, 2026, 01:56 PM (UTC)
Read
A recently disclosed critical security flaw impacting Progress Kemp LoadMaster is seeing active exploitation attempts, according to an advisory from eSentire's Threat Response Unit (TRU). The Canadian cybersecurity company said it identified exploitation attem…
Infosecurity Magazine Jul 1, 2026, 01:45 PM (UTC)
Read
FortiGuard says the Brazilian banking trojan Ousaban is targeting Spain and Portugal via phishing
The Hacker News Jul 1, 2026, 12:59 PM (UTC)
Read
Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser capability" to turn it into a working ransomware technique that runs…
The Hacker News Jul 1, 2026, 11:30 AM (UTC)
Read
Organizations have never had greater awareness of cyber risk. Yet turning that awareness into operational resilience has never been more challenging. The 2026 Bitdefender Cybersecurity Assessment confirms this is the case, as this year's findings reveal a seri…
Infosecurity Magazine Jul 1, 2026, 11:00 AM (UTC)
Read
The new classifier in Fable 5 blocks the jailbreak technique that prompted the US export controls “in over 99% of cases”
The Hacker News Jul 1, 2026, 10:41 AM (UTC)
Read
Microsoft on Tuesday said it's accelerating its quantum safe security roadmap, stating technology advances in quantum computing are making it essential to replace existing encryption standards sooner than previously expected. "Advances in quantum research and…
Infosecurity Magazine Jul 1, 2026, 10:00 AM (UTC)
Read
Microsoft has brought forward its timelines for transitioning to post-quantum cryptography (PQC)
Infosecurity Magazine Jul 1, 2026, 09:00 AM (UTC)
Read
Aflac Japan has notified regulators that policy details and personal and banking information have been compromised
The Hacker News Jul 1, 2026, 07:20 AM (UTC)
Read
Large language models keep inventing web addresses that do not exist. Attackers have started buying those made-up domains before anyone else can, then hosting phishing pages on them to catch traffic that AI tools point their way. Palo Alto Networks' Unit 42 ca…
Infosecurity Magazine Jun 30, 2026, 04:00 PM (UTC)
Read
Nissan says employees' data was stolen via the Oracle PeopleSoft zero-day campaign
Infosecurity Magazine Jun 30, 2026, 03:34 PM (UTC)
Read
Attackers exploited a critical SimpleHelp RMM bug to deploy TaskWeaver and Djinn Stealer malware
Infosecurity Magazine Jun 30, 2026, 12:00 PM (UTC)
Read
ReliaQuest report warns of a surge in ClickFix social engineering attacks against Windows and macOS users
Infosecurity Magazine Jun 30, 2026, 10:30 AM (UTC)
Read
A wave of phishing emails sent to Booking.com partner accommodations in Japan in May led to blockchain-hosted malware
Infosecurity Magazine Jun 30, 2026, 09:30 AM (UTC)
Read
SonicWall records 264,000 events in first five months of 2026 as UK hospitals come under siege
Infosecurity Magazine Jun 30, 2026, 08:00 AM (UTC)
Read
Report Fraud data reveals that more than half of 323 UK ransomware victims last year were SMEs
Infosecurity Magazine Jun 29, 2026, 03:00 PM (UTC)
Read
OpenAI is previewing its GPT-5.6 Sol model to a vetted few at the US government's request
Infosecurity Magazine Jun 29, 2026, 02:30 PM (UTC)
Read
Group-IB says Millenium RAT, now rewritten in C++, has hit 62,289 devices in 160+ countries
Infosecurity Magazine Jun 29, 2026, 10:00 AM (UTC)
Read
An attacker has exploited a zero day in Oracle Peoplesoft to gain access to the IT systems of the NAIC, the standard-setting association for the US federal insurance system
Infosecurity Magazine Jun 29, 2026, 09:15 AM (UTC)
Read
Experts warn the Jaguar Land Rover breach bears hallmarks of Kremlin-backed hackers, citing novel ransomware, strategic timing and efforts to obscure attribution
Infosecurity Magazine Jun 29, 2026, 08:15 AM (UTC)
Read
The FBI claims Russian spies are targeting Signal backup keys
Infosecurity Magazine Jun 26, 2026, 10:30 AM (UTC)
Read
A China-linked threat group has been targeting critical infrastructure in Southeast Asia with a new custom backdoor called TinyRCT
Infosecurity Magazine Jun 26, 2026, 08:00 AM (UTC)
Read
The UK Cyber Monitoring Centre reviews the Canvas breach affecting 160 UK universities, highlighting data theft risks and financial impacts of cyber incidents
Infosecurity Magazine Jun 25, 2026, 02:15 PM (UTC)
Read
A high-severity flaw in Cisco Catalyst SD-WAN Manager disclosed in early June was exploited as early as March
Infosecurity Magazine Jun 25, 2026, 01:00 PM (UTC)
Read
Digital Citizens Alliance report claims that millions of Americans may have unwittingly had IP connections used by cybercriminals
Infosecurity Magazine Jun 25, 2026, 12:00 PM (UTC)
Read
Cobalt study finds 20-percentage-point drop in number of organizations relying solely on AI automation for testing
Infosecurity Magazine Jun 25, 2026, 11:30 AM (UTC)
Read
New CISA guidance shows federal agencies how to use SASE to move from legacy TIC 2.0 to zero trust
Infosecurity Magazine Jun 25, 2026, 11:00 AM (UTC)
Read
macos-xpc-flaw-disable-edr-mdm-standard-user-xm-cyber
Infosecurity Magazine Jun 25, 2026, 10:45 AM (UTC)
Read
Analysis of ransomware incidents by researchers at Black Kite found that attacks have risen by over 50% in the last year, with supply chain attacks increasing
Infosecurity Magazine Jun 24, 2026, 04:05 PM (UTC)
Read
LayerX tricked AI browsers including ChatGPT Atlas and Comet into bypassing their guardrails
Infosecurity Magazine Jun 24, 2026, 03:25 PM (UTC)
Read
Operation Endgame seized around 50 domains and nearly 200 active IP-based servers associated with the infostealers
Infosecurity Magazine Jun 24, 2026, 02:00 PM (UTC)
Read
SentinelLabs found a North Korea-linked macOS backdoor using prompt injection on AI triage tools
Infosecurity Magazine Jun 24, 2026, 12:45 PM (UTC)
Read
Customers of the affected Japanese email services are “strongly advised” to change their email passwords
Infosecurity Magazine Jun 24, 2026, 12:00 PM (UTC)
Read
An NCC Group report warns state-backed hackers are attempting to hide activity by posing as ransomware groups and deploying commercially available malware
Infosecurity Magazine Jun 24, 2026, 09:30 AM (UTC)
Read
New ReliaQuest study reveals the six ways AI is practically being used in attacks today
Infosecurity Magazine Jun 24, 2026, 08:40 AM (UTC)
Read
Public Accounts Committee (PAC) warns that museums and galleries aren’t getting enough government support on cyber