RSS Feeds

• [Bleeping Computer] CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
• [Bleeping Computer] Chinese APT deploys new malware to keep access to hacked networks
• [Bleeping Computer] Dark web Nemesis Market vendor gets 26 years for selling drugs
• [Bleeping Computer] Over 900 US gas station tank gauge systems exposed to attacks
• [Bleeping Computer] What 2026 DBIR Confirms: Attacks Are Living in the Browser
• [Bleeping Computer] Cisco warns of unpatched SD-WAN zero-day exploited in attacks
• [Bleeping Computer] Brave Software releases Origin for a paid, bloat-free browsing experience
• [Bleeping Computer] Hola Browser for Windows compromised to deliver cryptominer
• [Bleeping Computer] Credit card theft campaign abuses Stripe to host stolen payment info
• [Bleeping Computer] DentaQuest data breach exposed info of 2.6 million accounts
• [Bleeping Computer] UN food agency discloses breach affecting 600,000 Gaza households
• [Bleeping Computer] New IronWorm malware hits 36 packages in npm supply-chain attack
• [Bleeping Computer] Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook
• [Bleeping Computer] Microsoft blames unexpected Windows driver updates on caching issue
• [Bleeping Computer] Police dismantles fake ID marketplace used by migrant smugglers
• [Security Week] OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds
• [Security Week] In Other News: Anthropic Maps AI Threats, Unpatched Comodo Flaw, Palantir Chief Eyed for CISA
• [Security Week] Hackers Leak DentaQuest Information Impacting 2.6 Million
• [Security Week] Chrome 149 Patches 429 Vulnerabilities
• [Security Week] Industry Reactions to New Trump AI Cybersecurity Executive Order: Feedback Friday
• [Security Week] Five Eyes: Chinese Spies Target Government, Military Staff With Fake Job Opportunities
• [Security Week] Nightclub Giant RCI Says Data Breach Affects 40,000 Individuals
• [Security Week] Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026
• [Security Week] Offroad Emerges From Stealth With $7 Million to Tackle Enterprise Identity Risk
• [Security Week] Webinar Today: Third-Party Risk in Practice – Where Programs Break Down and How to Respond
• [The Hackers News] IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
• [The Hackers News] Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
• [The Hackers News] New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
• [The Hackers News] Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver
• [The Hackers News] Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
• [The Hackers News] FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins
• [The Hackers News] PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
• [The Hackers News] Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
• [The Hackers News] Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
• [The Hackers News] Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It
• [The Hackers News] ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
• [The Hackers News] China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa
• [The Hackers News] FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
• [The Hackers News] Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
• [The Hackers News] Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months
• [The Hackers News] DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets
• [The Hackers News] WhatsApp, Slack Notifications Could Hijack Google Gemini on Android
• [The Hackers News] One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
• [The Hackers News] Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)
• [The Hackers News] CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
• [The Hackers News] Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
• [The Hackers News] Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore
• [The Hackers News] Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag
• [The Hackers News] Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)
• [The Hackers News] Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
• [The Hackers News] New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
• [The Hackers News] Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content
• [The Hackers News] Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
• [The Hackers News] Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
• [The Hackers News] Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
• [The Hackers News] AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.
• [The Hackers News] How Leading Organizations Are Turning EDR Into Operational Resilience
• [The Hackers News] Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
• [The Hackers News] Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
• [The Hackers News] Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm
• [The Hackers News] ⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More
• [The Hackers News] China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
• [The Hackers News] The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools
• [The Hackers News] OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
• [The Hackers News] Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
• [The Hackers News] Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
• [The Hackers News] PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
• [The Hackers News] ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
• [The Hackers News] Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
• [The Hackers News] New Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
• [The Hackers News] What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks
• [The Hackers News] Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
• [The Hackers News] Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
• [The Hackers News] Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code
• [The Hackers News] Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer
• [CISA ICS Advisories] Hitachi Energy MACH HiDraw
• [CISA ICS Advisories] Hitachi Energy RTU500
• [CISA ICS Advisories] NAVTOR NavBox
• [CISA ICS Advisories] Hitachi Energy ITT600 Explorer
• [CISA ICS Advisories] B&R PPT30 Operating System
• [CISA ICS Advisories] KMW CCTV Security Cameras
• [CISA ICS Advisories] ABB Busch-Welcome 2 Wire Door Opener Actuator
• [CISA ICS Advisories] MacGregor Voyage Data Recorder (VDR) G4e
• [CISA ICS Advisories] Schneider Electric EcoStruxure Machine Expert HVAC
• [CISA ICS Advisories] XCharge C6
• [CISA ICS Advisories] ABB EIBPORT
• [CISA ICS Advisories] Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
• [CISA ICS Advisories] CP Plus 8 Ch. Network Video Recorder
• [CISA ICS Advisories] ABB LVS MConfig
• [CISA ICS Advisories] ABB Terra AC
• [CISA ICS Advisories] ABB Ability Zenon Remote Transport Vulnerability (Update A)
• [CISA ICS Advisories] ABB AC500 V2
• [CISA ICS Advisories] ABB Ability Camera Connect
• [CISA ICS Advisories] ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
• [CISA ICS Advisories] ABB B&R PCs
• [CISA ICS Advisories] ABB B&R Automation Runtime
• [CISA ICS Advisories] ABB Terra AC Wallbox
• [CISA ICS Advisories] Hitachi Energy GMS600
• [CISA ICS Advisories] ABB B&R Automation Studio
• [CISA ICS Advisories] ScadaBR
• [CISA ICS Advisories] Kieback & Peter DDC Building Controllers
• [CISA ICS Advisories] Siemens RUGGEDCOM APE1808 Devices
• [CISA ICS Advisories] ABB CoreSense HM and CoreSense M10
• [CISA ICS Advisories] ZKTeco CCTV Cameras
• [CISA ICS Advisories] Siemens Ruggedcom Rox
• [Fortinet Outbreak] Citrix NetScaler Memory Overread Vulnerability
• [Fortinet Outbreak] Cisco ASA and FTD Firewall RCE
• [Fortinet Outbreak] SmarterTools SmarterMail RCE
• [Fortinet Outbreak] React2Shell Remote Code Execution
• [Fortinet Outbreak] Iran-linked Cyber Attacks
• [Fortinet Outbreak] Interlock Ransomware Attack
• [Fortinet Outbreak] Outbreak Alert- Annual Report 2025
• [Fortinet Outbreak] Versa Concerto SD-WAN Authentication Bypass
• [Fortinet Outbreak] Zimbra Collaboration Local File Inclusion
• [Fortinet Outbreak] UNC1549 Critical Infrastructure Espionage Attack
• [Fortinet Outbreak] Akira Ransomware
• [Fortinet Outbreak] Oracle E-Business Suite RCE Zero-day
• [Fortinet Outbreak] Fortra GoAnywhere MFT Attack
• [Fortinet Outbreak] ShadowSilk Data Exfiltration Attack
• [Fortinet Outbreak] Citrix Bleed 2
• [Fortinet Outbreak] Microsoft SharePoint Zero-day Attack
• [Fortinet Outbreak] SonicWall Secure Mobile Access Attack
• [Fortinet Outbreak] Langflow Unauth RCE Attack
• [Fortinet Outbreak] TBK DVRs Botnet Attack
• [Fortinet Outbreak] SimpleHelp Support Software Attack
• [Fortinet Threat Signal] cPanel & WHM Authentication Bypass
• [Fortinet Threat Signal] Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
• [Fortinet Threat Signal] Microsoft Shell Spoofing Zero-day Vulnerability
• [Fortinet Threat Signal] Apache ActiveMQ RCE
• [Fortinet Threat Signal] Medusa Ransomware Attack
• [Fortinet Threat Signal] TrueConf Zero-Day Attack
• [Fortinet Threat Signal] Axios npm Supply Chain Compromise
• [Fortinet Threat Signal] DarkSword iOS Exploit Chain
• [Fortinet Threat Signal] Handala Wiper Attack
• [Fortinet Threat Signal] Ivanti Connect Secure Zero-Day Vulnerability