notice: please create a custom view template for the cybersec class view-cybersec.html
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems.
vm2 is an open-source library used to run untrusted JavaScript code inside a secure sandbox by intercepting and proxying JavaScript objects to prevent sandboxed code from accessing the host
5:10 am, May 7, 2026
guid
https://thehackernews.com/2026/05/vm2-nodejs-library-vulnerabilities.html
source_url
https://thehackernews.com/2026/05/vm2-nodejs-library-vulnerabilities.html
id: 969
uid: 4gbhV
insdate: 2026-05-07 05:10:06
title: vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
additional: A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems.
vm2 is an open-source library used to run untrusted JavaScript code inside a secure sandbox by intercepting and proxying JavaScript objects to prevent sandboxed code from accessing the host
category: Cybersecurity
md5:
guid: https://thehackernews.com/2026/05/vm2-nodejs-library-vulnerabilities.html
source_url: https://thehackernews.com/2026/05/vm2-nodejs-library-vulnerabilities.html
updated:
image:
author_name:
author_link:
uid: 4gbhV
insdate: 2026-05-07 05:10:06
title: vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
additional: A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems.
vm2 is an open-source library used to run untrusted JavaScript code inside a secure sandbox by intercepting and proxying JavaScript objects to prevent sandboxed code from accessing the host
category: Cybersecurity
md5:
guid: https://thehackernews.com/2026/05/vm2-nodejs-library-vulnerabilities.html
source_url: https://thehackernews.com/2026/05/vm2-nodejs-library-vulnerabilities.html
updated:
image:
author_name:
author_link:
Add Comment
AI Testing

Page Views
This page has been viewed 7 times.
Search cybersec
Category List cybersec
- Cybersecurity
- "Comment stuffing" in an HTML phishing attachment as a mechanism for evading AI-based detection?, (Fri, Jul 10th)
- $13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
- $285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
- [GUEST DIARY] Tearing apart website fraud to see how it works., (Wed, May 13th)
- [Guest Diary] New Malware Libraries means New Signatures, (Fri, May 15th)
- [Guest Diary] Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident, (Wed, Apr 22nd)
- [Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th)
- _HELP_ME_ESCAPE_FROM_BELARUS_PLEASE_ [Guest Diary], (Tue, Jul 7th)
- 'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets
- 'NoVoice' Android malware on Google Play infected 2.3 million devices
- /proxy/ URL scans with IP addresses, (Mon, Mar 16th)
- 108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
- 11 Old Microsoft-Signed Linux UEFI Shims Could Let Attackers Bypass Secure Boot
- 13-year-old bug in ActiveMQ lets hackers remotely execute commands
- 144 Mastra npm Packages Compromised via Hijacked Contributor Account
- 148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet
- 149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict
- 15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros
- 15-year-old detained over French govt agency data breach
- 152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic
- 16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
- 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
- 18-year-old NGINX vulnerability allows DoS, potential RCE
- 19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges
- 20+ Hijacked Government Websites Became an Attack Channel
- 2026 Browser Data Reveals Major Enterprise Security Blind Spots
- 2026 Cybersecurity Assessment: The Gap Between Awareness and Resilience
- 2026: The Year of AI-Assisted Attacks
- 22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters
- 22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters
- 236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers
- 23andMe to pay $18 million in new genetics data breach settlement
- 26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases
- 282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study
- 29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests
- 3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)
- 3 SOC Process Fixes That Unlock Tier 1 Productivity
- 3 SOC Steps that Shut Down Incident Risks Early
- 3 Ways AI Powers Service Desk Attacks and How to Prevent Them
- 30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
- 36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
- 400+ Arch Linux AUR Packages Hijacked to Install Rust Credential Stealer
- 5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents
- 5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time
- 5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
- 5 Ways Zero Trust Maximizes Identity Security
- 5 reasons Microsoft 365 backup isn’t enough for business data protection
- 54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
- 54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security
- 7 Ways to Prevent Privilege Escalation via Password Resets
- 7-Eleven confirms data breach claimed by the ShinyHunters gang
- 7-Eleven data breach exposes personal information of 185,000 people
- 73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation
- 9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
- 9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
- A .WAV With A Payload, (Tue, Apr 21st)
- A Glimpse into the “Search Your Target” Market for Stolen Credentials
- A Little Bit Pivoting: What Web Shells are Attackers Looking for?, (Tue, Apr 7th)
- A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th)
- A Record-Breaking Patch Tuesday for June 2026
- ACR Stealer Uses ClickFix Lures to Steal Browser Tokens and Microsoft 365 Files
- ADT confirms data breach after ShinyHunters leak threat
- AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack
- AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
- AI Agents Broke the Security Playbook. Here's What Replaces It.
- AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged
- AI Attacks Move in Minutes. Join This Webinar on Building a Defense That Keeps Up
- AI Broke Vulnerability Management. That's Why CISOs Are Moving Budget to BAS.
- AI Can Find Bugs, But Human Knowledge Still Proves Them
- AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
- AI Coding Agents Found Triggering Endpoint Security Rules Built to Catch Attackers
- AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
- AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload
- AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds
- AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.
- AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
- AI-Generated Browser Ransomware Abuses Chromium API on Windows and Android
- AI-built ransomware toolkit automates EDR evasion, AD discovery
- AI-generated Slopoly malware used in Interlock ransomware attack
- APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
- APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
- APT28 hackers deploy customized variant of Covenant open-source tool
- APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine
- APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
- ARToken PhaaS exposes EvilTokens' Microsoft 365 phishing toolkit
- Abbott Laboratories probes two cyber incidents amid extortion claims
- Abbott probes two cyber incidents amid extortion claims
- Accenture confirms breach after hacker offers stolen data for sale
- Acer working to patch max severity zero-days in Wave 7 routers
- Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
- Actively exploited Apache ActiveMQ flaw impacts 6,400 servers
- Adding some Automation to the favicon.ico method of Host Recon, (Mon, Jun 29th)
- Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic
- Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
- Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
- Adobe patches seven max severity ColdFusion, Campaign flaws
- Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw
- Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization
- Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime
- After Mythos: New Playbooks For a Zero-Window Era
- Agent AI is Coming. Are You Ready?
- Agentic AI Has an Identity Problem and Attackers Know It
- Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It
- Agentic AI: The Weapon That No Longer Needs a Warrior
- Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.
- Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
- AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks
- AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
- Ajax football club hack exposed fan data, enabled ticket hijack
- Alabama man pleads guilty to hacking, extorting hundreds of women
- Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
- Alleged Scattered Spider hacker extradited to the United States
- Alleged Silk Typhoon hacker extradited to US for cyberespionage
- Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered
- Amadey, StealC malware operations disrupted in Operation Endgame action
- Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs
- Amazon SES increasingly abused in phishing to evade detection
- Amazon fined $2.25M for withholding evidence from fraud victims
- Amazon: Drone strikes damaged AWS data centers in Middle East
- American utility firm Itron discloses breach of internal IT network
- Americans sentenced for running 'laptop farms' for North Korea
- An Adaptive Cyber Analytics UI for Web Honeypot Logs [Guest Diary], (Wed, May 6th)
- An Example of Stack String in High Level Language, (Sat, May 23rd)
- Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
- Analysis of a Year of Files Uploaded to DShield Sensors, (Wed, May 27th)
- Analysis of one billion CISA KEV remediation records exposes limits of human-scale security
- Analyzing "Zombie Zip" Files (CVE-2026-0866), (Wed, Mar 11th)
- Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse
- Android 17 to expand banking scam call and privacy protections
- Android Adds Intrusion Logging for Sophisticated Spyware Forensics
- Android Developer Verification Rollout Begins Ahead of September Enforcement
- Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
- Android gets patches for Qualcomm zero-day exploited in attacks
- Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th)
- Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
- Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain
- Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards
- Anthropic Restores Claude Fable 5 After U.S. Lifts Jailbreak-Linked Export Controls
- Anthropic confirms Claude Mythos-class models will roll out to the public
- Anthropic is testing desktop-like Claude Cowork for mobile
- Anthropic rolls out Claude Fable 5, but it's available for a limited time
- Anthropic rolls out Sonnet 5 with near-Opus 4.8 performance at a lower price
- Anthropic to restore Claude Fable access on Wednesday
- Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems
- Anthropic’s restricted Claude Mythos model may be coming to Claude Code
- Anti-DDoS Firm Heaped Attacks on Brazilian ISPs
- Anti-piracy coalition takes down AnimePlay app with 5 million users
- Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
- Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit
- Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
- Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messages
- Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit
- Apple Patches (almost) everything again. March 2026 edition., (Wed, Mar 25th)
- Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs
- Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone
- Apple Patches Everything, (Mon, May 11th)
- Apple Patches Exploited Notification Flaw, (Thu, Apr 23rd)
- Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case
- Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
- Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
- Apple account change alerts abused to send phishing emails
- Apple adds macOS Terminal warning to block ClickFix attacks
- Apple blocked over $11 billion in App Store fraud in 6 years
- Apple expands iOS 18 updates to more iPhones to block DarkSword attacks
- Apple fixes Beats Studio Buds flaw that let hackers spy on conversations
- Apple fixes bug that let the FBI recover deleted Signal messages
- Apple fixes iOS bug that retained deleted notification data
- Apple patches older iPhones and iPads against Coruna exploits
- Apple pushes first Background Security Improvements update to fix WebKit flaw
- Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)
- AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code
- April KB5083769 Windows 11 update causes backup software failures
- April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
- Armenia Detains Russian Tourist on U.S. Warrant for REvil Hacker, Lawyers Say Wrong Man
- Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer
- AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network
- AryStinger botnet infected thousands of D-Link routers worldwide
- AssuranceAmerica data breach exposes records of 6.9 million drivers
- AsyncAPI npm packages infected with credential-stealing malware
- Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory
- Attackers Don't Just Send Phishing Emails. They Weaponize Your SOC's Workload
- Attackers Exploit 'Ill Bloom' Vulnerability to Drain $3.1 Million From Cryptocurrency Wallets
- Attackers Exploit 'Ill Bloom' Vulnerability to Drain Over $5 Million From Cryptocurrency Wallets
- Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer
- Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
- Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
- Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208), (Thu, Apr 2nd)
- Aura confirms data breach exposing 900,000 marketing contacts
- Australia warns of ClickFix attacks pushing Vidar Stealer malware
- Australia warns of global campaign targeting vulnerable CMS platforms
- Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries
- Authorities dismantle 'AudiA6' ransomware crypto-laundering service
- Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins
- AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution
- Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)
- Avada Builder WordPress plugin flaws allow site credential theft
- Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
- Axios npm hack used fake Teams error fix to hijack maintainer account
- Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
- Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts
- BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks
- BTMOB Android malware service generates custom phishing payloads
- Backdoored PyTorch Lightning package drops credential stealer
- Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
- Backdoored Telnyx PyPI package pushes malware hidden in WAV audio
- Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware
- Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
- Betterleaks, a new open-source secrets scanner to replace Gitleaks
- Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore
- BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA
- BeyondTrust warns of critical flaws in remote access software
- Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware
- Bitrefill blames North Korean Lazarus group for cyberattack
- Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
- Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
- Bitwarden CLI npm package compromised to steal developer credentials
- Bitwarden adds support for passkey login on Windows 11
- Blackfield ransomware asks Nidec Corporation for $2 million ransom
- Block the Prompt, Not the Work: The End of "Doctor No"
- Bluekit phishing kit adopts browser-in-the-middle for login theft
- Brave Software releases Origin for a paid, bloat-free browsing experience
- Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
- Breach at the Beach: Play the Ultimate Entra ID CTF
- Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine
- British Scattered Spider hacker pleads guilty to crypto theft charges
- Broken VECT 2.0 ransomware acts as a data wiper for large files
- Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
- Bruteforce Scans for CrushFTP , (Tue, Mar 3rd)
- Bubble AI app builder abused to steal Microsoft account credentials
- Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow
- C0XMO botnet spreads via DD-WRT router flaw, kills rival malware
- CERT-EU: European Commission hack exposes data of 30 EU entities
- CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
- CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
- CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails
- CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware
- CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV
- CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
- CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
- CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
- CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
- CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
- CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
- CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
- CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
- CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
- CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation
- CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
- CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
- CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue
- CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV
- CISA Admin Leaked AWS GovCloud Keys on Github
- CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths
- CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed
- CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
- CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
- CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
- CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited
- CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices
- CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
- CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
- CISA flags Apache ActiveMQ flaw as actively exploited in attacks
- CISA flags VMware Aria Operations RCE flaw as exploited in attacks
- CISA flags Windows Task Host vulnerability as exploited in attacks
- CISA flags Wing FTP Server flaw as actively exploited in attacks
- CISA flags new SD-WAN flaw as actively exploited in attacks
- CISA flags two-year-old Oracle flaw as actively exploited in attacks
- CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day
- CISA gives feds 4 days to patch actively exploited cPanel plugin flaw
- CISA gives feds four days to patch Ivanti flaw exploited as zero-day
- CISA orders feds to patch BlueHammer flaw exploited as zero-day
- CISA orders feds to patch DarkSword iOS flaws exploited attacks
- CISA orders feds to patch Fortinet flaw exploited in attacks by Friday
- CISA orders feds to patch Windows flaw exploited as zero-day
- CISA orders feds to patch Zimbra XSS flaw exploited in attacks
- CISA orders feds to patch actively exploited Citrix flaw by Thursday
- CISA orders feds to patch actively exploited Drupal vulnerability
- CISA orders feds to patch actively exploited Ivanti flaw by Sunday
- CISA orders feds to patch actively exploited Oracle flaw by Saturday
- CISA orders feds to patch exploited Fortinet EMS flaw by Friday
- CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday
- CISA orders feds to patch max severity ColdFusion flaw by Friday
- CISA orders feds to patch max severity Joomla plugin flaw by Friday
- CISA orders feds to patch max-severity Cisco flaw by Sunday
- CISA orders feds to patch n8n RCE flaw exploited in attacks
- CISA orders feds to prioritize patching Langflow auth bypass flaw
- CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
- CISA sets urgent deadline to fix Cisco flaw exploited in attacks
- CISA tells govt agencies to patch critical exploited flaws in 3 days
- CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
- CISA urges immediate action on actively exploited Fortinet flaws
- CISA warns Fortinet users to secure devices after FortiBleed leak
- CISA warns admins to patch actively exploited SharePoint flaws
- CISA warns feds to patch iOS flaws exploited in crypto-theft attacks
- CISA warns of Apple flaws exploited in spyware, crypto-theft attacks
- CISA warns of active attacks exploiting Android, Linux bugs
- CISA warns of actively exploited RCE flaws in Joomla extensions
- CISA warns of another cPanel plugin flaw exploited in attacks
- CISA warns of cyberattacks targeting fuel tank monitoring systems
- CISA warns of max severity Ubiquiti flaws exploited in attacks
- CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
- CISA: Microsoft SharePoint RCE flaw now actively exploited
- CISA: New Langflow flaw actively exploited to hijack AI workflows
- CISA: Recently patched Ivanti EPM flaw now actively exploited
- CISA: Splunk Enterprise flaw actively exploited, patch by Sunday
- CISA: Windows BlueHammer flaw now exploited by ransomware gangs
- CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
- CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads
- CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration., (Tue, Jun 23rd)
- California AG sues 23andMe over 2023 breach exposing health data
- Can the Security Platform Finally Deliver for the Mid-Market?
- Can you enforce strong Active Directory password rules without frustrating users?
- Canada arrests three for operating “SMS blaster” device in Toronto
- Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices
- Canadian retail giant Loblaw notifies customers of data breach
- Canvas Breach Disrupts Schools & Colleges Nationwide
- Canvas login portals hacked in mass ShinyHunters extortion campaign
- Carnival Cruise confirms data breach affecting nearly 6 million people
- Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures
- Charter Communications data breach affects 4.9 million accounts
- Charter confirms data breach after ShinyHunters extortion threat
- ChatGPT rolls out new $100 Pro subscription to challenge Claude
- ChatGPT share links abused to host fake outage pages to deliver malware
- ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
- Check Point links VPN zero-day attacks to Qilin ransomware gang
- Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack
- Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
- China's Apple App Store infiltrated by crypto-stealing wallet apps
- China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
- China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors
- China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
- China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
- China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
- China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance
- China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks
- China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth
- China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
- China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
- China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa
- China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa
- China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware
- China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
- China-linked JDY botnet expands targeting of U.S. military networks
- Chinese APT deploys new malware to keep access to hacked networks
- Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails
- Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware
- Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
- Chinese hackers breach REDCap servers, steal medical research
- Chinese hackers develop LONGLEASH malware to expand ORB network
- Chinese hackers hijack auth flow, spy on isolated network for a decade
- Chinese hackers target telcos with new Linux, Windows malware
- Chinese hackers use new Atlas RAT malware in European cyberattacks
- Chinese state hackers target telcos with new malware toolkit
- Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign
- ChocoPoc malware delivered via trojanized exploits on GitHub
- Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability
- Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
- Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now
- Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
- Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
- Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access
- Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
- Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise
- Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
- Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
- Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
- Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
- Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root
- Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks
- Cisco finally confirms attackers exploiting Unified CM flaw
- Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
- Cisco flags more SD-WAN flaws as actively exploited in attacks
- Cisco says critical Webex Services flaw requires customer action
- Cisco source code stolen in Trivy-linked dev environment breach
- Cisco warns of critical Unified CM flaw with PoC exploit code
- Cisco warns of max severity Secure FMC flaws giving root access
- Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
- Cisco warns of unpatched SD-WAN zero-day exploited in attacks
- Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
- Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
- Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service
- Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks
- Citrix urges admins to patch NetScaler flaws as soon as possible
- Claude AI finds Vim, Emacs RCE bugs that trigger on file open
- Claude Chrome extension flaw lets malicious extensions trigger AI actions
- Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
- Claude Code Security and Magecart: Getting the Threat Model Right
- Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms
- Claude Code leak used to push infostealer malware on GitHub
- Claude Code source code accidentally leaked in NPM package
- Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
- Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says
- Claude Fable 5 stays free for paid users until July 19 as Anthropic buys more time
- Claude Fable relaunch disappoints users with nerfed performance
- Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
- Clean GitHub repo tricks AI coding agents into running malware
- Cleartext Passwords in MS Edge? In 2026?, (Mon, May 4th)
- ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures
- ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers
- CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
- Coca-Cola says Fairlife ransomware attack halts US dairy production
- Cognizant TriZetto breach exposes health data of 3.4 million patients
- Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
- Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware
- Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
- Compromised Site Management Panels are a Hot Item in Cybercrime Markets
- Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install
- ConnectWise patches new flaw allowing ScreenConnect hijacking
- ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds
- ConsentFix v3 attacks target Azure with automated OAuth abuse
- Continuing Scans for swagger.json, (Wed, Jun 3rd)
- Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks
- Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1
- Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks
- Coruna iOS exploit framework linked to Triangulation attacks
- Cosmetics giant Rituals discloses data breach affecting customers
- Council of Europe investigates ShinyHunters data breach claims
- Coupang hit with record $409 million data breach fine in Korea
- Court Filing Reveals Windows Device ID Helped FBI Trace Alleged Scattered Spider Hacker
- CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks
- Credit card theft campaign abuses Stripe to host stolen payment info
- Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
- Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
- Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups
- Critical Cisco IMC auth bypass gives attackers Admin access
- Critical Citrix NetScaler memory flaw actively exploited in attacks
- Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands
- Critical Everest Forms Pro flaw exploited to take over WordPress sites
- Critical Fortinet FortiSandbox flaws now exploited in attacks
- Critical Fortinet Forticlient EMS flaw now exploited in attacks
- Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code
- Critical Kirki flaw exploited to hijack WordPress admin accounts
- Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
- Critical Marimo pre-auth RCE flaw now under active exploitation
- Critical Microsoft SharePoint flaw now exploited in attacks
- Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
- Critical Nginx UI auth bypass flaw now actively exploited in the wild
- Critical SimpleHelp flaw exploited to deploy new stealer malware
- Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
- Critical UniFi OS bug lets hackers gain root without authentication
- Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
- Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE
- Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
- Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
- Critical Windows Netlogon RCE flaw now exploited in attacks
- Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions
- Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
- Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
- Critical cPanel and WHM bug exploited as a zero-day, PoC now available
- Critical flaw in Protobuf library enables JavaScript code execution
- Critical flaw in wolfSSL library enables forged certificate use
- Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials
- Critical vm2 sandbox bug lets attackers execute code on hosts
- Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks
- Cross-Platform NPM Stealer, (Fri, May 22nd)
- Crunchyroll probes breach after hacker claims to steal 6.8M users' data
- Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments
- Crypto gang member gets 6.5 years for role in $230 million heist
- Crypto-exchange Kraken extorted by hackers after insider breach
- Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution
- Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
- CyberStrikeAI tool adopted by hackers for AI-powered attacks
- Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
- Cybercrime service disrupted for abusing Microsoft platform to sign malware
- Cybersecurity Stars Awards 2026: Winners Announced Across 95 Categories
- Cybersecurity firms targeted by fraudulent OpenAI organization invites
- DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
- DAEMON Tools devs confirm breach, release malware-free version
- DAEMON Tools trojanized in supply-chain attack to deploy backdoor
- DEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts
- DHS confirms hackers breached HSIN info-sharing platform
- DOJ seizes CFAKE, SOCFAKE deepfake nude sites under TAKE IT DOWN Act
- DORA and operational resilience: Credential management as a financial risk control
- DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea
- DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
- DShield (Cowrie) Honeypot Stats and When Sessions Disconnect, (Mon, Mar 30th)
- DShield Honeypot Update, (Mon, May 4th)
- Danger of Libredtail [Guest Diary], (Wed, Apr 29th)
- Dark web Nemesis Market vendor gets 26 years for selling drugs
- DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
- Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
- Dashlane password manager users locked out by brute force attacks
- Data breach at edtech giant McGraw Hill affects 13.5 million accounts
- Data breach exposes up to 14.2 million email logins at six ISPs
- Dawn of the Apex Agentic Adversary
- Daxin Resurfaces in Taiwan Alongside Stupig Pre-Login SYSTEM Backdoor
- Day Zero Readiness: The Operational Gaps That Break Incident Response
- DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
- Deepfake Voice Attacks are Outpacing Defenses: What Security Leaders Should Know
- Dell confirms its SupportAssist software causes Windows BSOD crashes
- DentaQuest data breach exposed info of 2.6 million accounts
- Detecting IP KVMs, (Tue, Mar 24th)
- Deterministic + Agentic AI: The Architecture Exposure Validation Requires
- Developer Workstations Are Now Part of the Software Supply Chain
- Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
- Device code phishing attacks surge 37x as new kits spread online
- Die Linke German political party confirms data stolen by Qilin ransomware
- Differentiating Between a Targeted Intrusion and an Automated Opportunistic Scanning [Guest Diary], (Wed, Mar 4th)
- DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
- Discord rolls out end-to-end encryption on voice, video calls
- Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
- DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
- DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets
- DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering
- Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access
- Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs
- Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices
- DraftKings hacker 'Snoopy' sentenced to 18 months in prison
- DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic
- Drift $280M crypto theft linked to 6-month in-person operation
- Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK
- Drift loses $280 million North Korean hackers seize Security Council powers
- Drift loses $280 million as hackers seize Security Council powers
- Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
- Drupal critical update to fix bug with high exploitation risk
- Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare
- Drupal: Critical SQL injection flaw now targeted in attacks
- DuckDuckGo browser now blocks YouTube video ads
- Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware
- Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
- Dutch Finance Ministry takes treasury banking portal offline after breach
- Dutch Ministry of Finance discloses breach affecting employees
- Dutch Police discloses security breach after phishing attack
- Dutch govt disrupts malware botnet with 17 million infected devices
- Dutch govt warns of Signal, WhatsApp account hijacking attacks
- Dutch police arrests suspect linked to Ajax football club hack
- Dutch police bust investment fraud ring stealing over €100 million
- E.U. Orders Google to Open Android Mic, Camera and Screen to Rival AI Assistants
- EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security
- EU court adviser says banks must immediately refund phishing victims
- EU sanctions Russian GRU military hackers over cyberattacks
- Early Warning Signs of Supply-Chain Attacks Live in the Dark Web
- Edu tech firm Instructure discloses cyber incident, probes impact
- Encrypted Client Hello: Ready for Prime Time?, (Mon, Mar 9th)
- EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs
- EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets
- England Hockey investigating ransomware data breach
- Entra passkey enrollment vishing targets Microsoft 365 users
- Ericsson US discloses data breach after service provider hack
- Ernst & Young discloses data breach after support system hack
- EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
- Eurail says December data breach impacts 300,000 individuals
- Europe sanctions Chinese and Iranian firms for cyberattacks
- European Commission confirms data breach after Europa.eu hack
- European Commission investigating breach after Amazon cloud account hack
- European Commission investigating breach after Amazon cloud hack
- European Gym giant Basic-Fit data breach affects 1 million members
- European Parliament Member Investigating Spyware Was Hacked With Pegasus
- European police dismantles €50 million crypto investment fraud ring
- Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs
- Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
- Europol-coordinated action disrupts Tycoon2FA phishing platform
- Every AI Agent Is an Identity. Most Organizations Don't Treat Them That Way
- Evil MSI Background: BASE64 Statistical Analysis, (Mon, Jun 15th)
- Evolution of Ransomware: Multi-Extortion Ransomware Attacks
- Ex-data analyst stole company data in $2.5M extortion scheme
- Ex-school district employee jailed for hacks on former employer
- Exploit available for new DirtyDecrypt Linux root escalation flaw
- Exploit released for new PinTheft Arch Linux root escalation flaw
- Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites
- F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution
- F5 issues out-of-band patches for critical NGINX vulnerabilities
- FBI Seizes NetNut Proxy Platform, Popa Botnet
- FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
- FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys
- FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
- FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
- FBI arrests suspect linked to $46M crypto theft from US Marshals
- FBI confirms hack of Director Patel's personal email inbox
- FBI disrupts massive AI-powered phishing service using a million URLs
- FBI investigates breach of surveillance and wiretap systems
- FBI links Signal phishing attacks to Russian intelligence services
- FBI links cybercriminals to sharp surge in cargo theft attacks
- FBI seeks victims of Steam games used to spread malware
- FBI seizes Handala data leak site after Stryker cyberattack
- FBI seizes LeakBase cybercrime forum, data of 142,000 members
- FBI takedown of W3LL phishing service leads to developer arrest
- FBI warns against using Chinese mobile apps due to privacy risks
- FBI warns of Handala hackers using Telegram in malware attacks
- FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
- FBI warns of fake FIFA websites running World Cup fraud schemes
- FBI warns of in-person data theft attacks from extortion gang
- FBI warns of phishing attacks impersonating US city, county officials
- FBI: Americans lost a record $21 billion to cybercrime last year
- FBI: Americans lost over $388 million to scams using crypto ATMs in 2025
- FBI: Fraudsters use couriers to steal money in crypto scams
- FBI: Russian hackers now target Signal backup recovery keys
- FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
- FCC bans new routers made outside the USA over security risks
- FFmpeg fixes PixelSmash flaw in widely used video decoder
- FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins
- FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
- FTC to ban data broker Kochava from selling Americans’ location data
- FTC warns of record $3.5 billion losses to imposter scams in 2025
- FTC: Americans lost over $2.1 billion to social media scams in 2025
- Facebook accounts unavailable in worldwide outage
- Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes
- Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents
- Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
- Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads
- Fake Claude AI website delivers new 'Beagle' Windows malware
- Fake Claude Code install guides push infostealers in InstallFix attacks
- Fake Coding Tests Deliver OtterCookie-Aligned Malware Hidden in SVG Flag Images
- Fake Google Security site uses PWA app to steal credentials, MFA codes
- Fake IT support calls on Microsoft Teams push EtherRAT malware
- Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
- Fake LastPass support email threads try to steal vault passwords
- Fake Ledger Live app on Apple’s App Store stole $9.5M in crypto
- Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware
- Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
- Fake OpenAI repository on Hugging Face pushes infostealer malware
- Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials
- Fake Perplexity extension on Chrome Web Store tracked searches
- Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
- Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
- Fake VS Code alerts on GitHub spread malware to developers
- Fake enterprise VPN downloads used to steal company credentials
- Fake enterprise VPN sites used to steal company credentials
- Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
- Felons, Fraudsters Flog Offensive Cybersecurity Startup
- File read flaw in Smart Slider plugin impacts 500K WordPress sites
- Firefox now has a free built-in VPN with 50GB monthly data limit
- Firefox, Chrome, Adobe, and VMware Updates Fix Multiple Critical Security Flaws
- Firestarter malware survives Cisco firewall updates, security patches
- First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
- Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
- Flipper One project needs community help to build open Linux platform
- Flipper Zero firmware development continues with community help
- Florida woman imprisoned for massive Microsoft license fraud scheme
- Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
- FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
- Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft
- Forget Data Leakage: Shadow AI's Real Threat Is Access Control
- Former US execs plead guilty to aiding tech support scammers
- Former govt contractor convicted for wiping dozens of federal databases
- Former ransomware negotiator gets 4 years for BlackCat attacks
- Former ransomware negotiator pleads guilty to BlackCat attacks
- FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations
- FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation
- FortiBleed campaign used custom FortiGate sniffer to steal credentials
- FortiBleed credential-theft campaign linked to Lynx ransomware
- FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices.
- FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
- Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
- Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
- Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
- Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
- Foxconn confirms cyberattack claimed by Nitrogen ransomware gang
- Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI
- French govt agency confirms breach as hacker offers to sell data
- French govt messaging service breached in account hijacking attack
- From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market
- From 17,000 to 1.1 Million Assets: How Lumen Technologies Rebuilt Exposure Management at Scale
- From Assistive to Agentic: The AI Shift That's Redefining Threat Management
- From VMware to what’s next: Protecting data during hypervisor migration
- From a VHDX File to a Remcos RAT, (Tue, Jun 16th)
- Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
- Funnel Builder WordPress plugin bug exploited to steal credit cards
- GIGABYTE Control Center vulnerable to arbitrary file write flaw
- GM agrees to $12.75M California settlement over sale of drivers’ data
- GPU mining malware spreads via SEO poisoning, AI chatbots
- GSocket Backdoor Delivered Through Bash Script, (Fri, Mar 20th)
- Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse
- Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
- GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data
- Gentlemen ransomware uses multiple EDR killers to disable defenses
- German authorities identify REvil and GandCrab ransomware bosses
- German authorities identify REvil and GangCrab ransomware bosses
- Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
- Ghanain man pleads guilty to role in $100 million fraud ring
- Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
- Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
- Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
- GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents
- GhostTree Attack Abused Recursive Windows Junctions to Hide Malware
- Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
- Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
- GitHub 'Verified' Commits Can Be Rewritten Into New Hashes Without Breaking Signatures
- GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials
- GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos
- GitHub Copilot Refuses Harmful Requests in Chat, Then Writes Them in Code
- GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
- GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
- GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns
- GitHub adds AI-powered bug detection to expand security coverage
- GitHub announces npm security changes to tackle supply-chain attacks
- GitHub confirms breach of 3,800 repos via malicious VSCode extension
- GitHub disables Microsoft repos pushing password-stealing malware
- GitHub fixes RCE flaw that gave access to millions of private repos
- GitHub investigates internal repositories breach claimed by TeamPCP
- GitHub links repo breach to TanStack npm supply-chain attack
- GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
- Gitea Vulnerability Exposes Private Container Images without Authentication
- GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
- GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
- GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
- GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
- GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers
- GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions
- GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX
- Glassworm botnet disrupted after resilient C2 infrastructure takedown
- Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M
- GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses
- Gogs patches critical zero-day enabling remote code execution
- Going the Extra Mile: Travel Rewards Turn into Underground Currency.
- GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft
- Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
- Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
- Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
- Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
- Google Chrome adds infostealer protection against session cookie theft
- Google Chrome adds session cookie theft protection for all users
- Google Chrome shifts to two-week release cycle for increased stability
- Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
- Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks
- Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome
- Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices
- Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
- Google Drive ransomware detection now on by default for paying users
- Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
- Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
- Google Gemini CLI abused as a hacking agent, malware botnet operator
- Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
- Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution
- Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
- Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries
- Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
- Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting
- Google accidentally exposed details of unfixed Chromium flaw
- Google adds Android protection against AI deepfake scam calls
- Google adds ‘Advanced Flow’ for safe APK sideloading on Android
- Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found
- Google expands Gemini AI use to fight malicious ads on its platform
- Google fixes fourth Chrome zero-day exploited in attacks in 2026
- Google fixes one actively exploited Android zero-day, 124 flaws
- Google fixes two new Chrome zero-days exploited in attacks
- Google loses final appeal to overturn €4.1 billion EU fine
- Google now allows you to change your @gmail.com address
- Google now offers up to $1.5 million for some Android exploits
- Google paid $17.1 million for vulnerability reports in 2025
- Google patches new Chrome zero-day flaw exploited in the wild
- Google releases new privacy controls for activity history, personalization
- Google rolls out Gmail end-to-end encryption on mobile devices
- Google says 90 zero-days were exploited in attacks last year
- Google to use UK and EU user IP addresses for ad personalization
- Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
- Google: Cloud attacks exploit flaws more than weak credentials
- Google: Hackers used AI to develop zero-day exploit for web admin tool
- Google: New UNC6783 hackers steal corporate Zendesk support tickets
- Grafana GitHub Breach Exposes Source Code via TanStack npm Attack
- Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
- Grafana breach caused by missed token rotation after TanStack attack
- Grafana says stolen GitHub token let hackers steal codebase
- Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users
- GreyVibe hackers use ChatGPT, Gemini to power cyberattacks
- Grinex exchange blames "Western intelligence" for $13.7M crypto hack
- Grok Build Uploaded Entire Git Repositories to xAI Storage, Not Just Files It Read
- Grok Build Uploads Entire Git Repositories to xAI Storage, Not Just Files It Reads
- GuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection Risks
- Guardian Agents: The Next Layer of Identity Governance
- HPE warns of critical AOS-CX flaw allowing admin password resets
- HTTP Requests with X-Vercel-Set-Bypass-Cookie Header, (Tue, Apr 28th)
- Hacker charged with stealing $53 million from Uranium crypto exchange
- Hacker mass-mails HungerRush extortion emails to restaurant patrons
- HackerOne discloses employee data breach after Navia hack
- Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook
- Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
- Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
- Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
- Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
- Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months
- Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access
- Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
- Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
- Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
- Hackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaigns
- Hackers abuse .arpa DNS and ipv6 to evade phishing defenses
- Hackers abuse Google ads for GoDaddy ManageWP login phishing
- Hackers abuse Google ads, Claude.ai chats to push Mac malware
- Hackers abuse ViPNet software to target Russian govt agencies
- Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw
- Hackers arrested for hijacking and selling 610,000 Roblox accounts
- Hackers backdoor Jscrambler npm package with infostealer malware
- Hackers bypass SonicWall VPN MFA due to incomplete patching
- Hackers compromise Axios npm package to drop cross-platform malware
- Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026
- Hackers exploit FortiClient EMS flaw to push infostealer malware
- Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
- Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining
- Hackers exploit React2Shell in automated credential theft campaign
- Hackers exploit Roundcube flaw to spy on academic researchers
- Hackers exploit TrueConf zero-day to push malicious software updates
- Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
- Hackers exploit critical auth bypass in Gitea Docker image
- Hackers exploit critical flaw in Ninja Forms WordPress plugin
- Hackers exploit file upload bug in Breeze Cache WordPress plugin
- Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin
- Hackers exploiting Acrobat Reader zero-day flaw since December
- Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks
- Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
- Hackers now exploit critical Oracle E-Business flaw in attacks
- Hackers steal $3.6 million from crypto ATM giant Bitcoin Depot
- Hackers target Microsoft 365 accounts with 81 million login attempts
- Hackers use pixel-large SVG trick to hide credit card stealer
- Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
- Handling the CVE Flood With EPSS, (Mon, Apr 20th)
- Hands on with Intelligent Terminal, an AI-powered Windows Terminal
- Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
- Healthcare IT solutions provider ChipSoft hit by ransomware attack
- Healthcare tech firm CareCloud says hackers stole patient data
- Healthtech firm Xolis suffers data breach impacting 1.4 million people
- Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
- Hidden backdoor in Tenda router firmware grants admin access
- Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
- Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer
- Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
- Hims & Hers warns of data breach after Zendesk support ticket breach
- Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks
- Hola Browser for Windows compromised to deliver cryptominer
- HollowByte DDoS flaw bloats OpenSSL server memory with 11-byte payload
- Home security giant ADT data breach affects 5.5 million people
- How AI Assistants are Moving the Security Goalposts
- How AI Hallucinations Are Creating Real Security Risks
- How CISOs Can Survive the Era of Geopolitical Cyberattacks
- How Ceros Gives Security Teams Visibility and Control in Claude Code
- How Deepfakes and Injection Attacks Are Breaking Identity Verification
- How Leading Organizations Are Turning EDR Into Operational Resilience
- How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers
- How Pentera Turns AI Security Workflows into Validation Engines
- How SIEM helps MSPs reduce noise and stop threats faster
- How Varonis Atlas integrates Claude Compliance API for AI governance
- How a Brute Force Attack Unmasked a Ransomware Infrastructure Network
- How has use of framing protection security headers changed in the past 3 years?, (Wed, Jun 10th)
- How often are redirects used in phishing in 2026?, (Mon, Apr 6th)
- How to Categorize AI Agents and Prioritize Risk
- How to Evaluate AI SOC Agents: 7 Questions Gartner Says You Should Be Asking
- How to Evaluate an AI SOC Platform in 2026: 6 Capabilities That Separate Leaders from Bolt-On AI solutions
- How to Reduce Phishing Exposure Before It Turns into Business Disruption
- How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs
- How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
- INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023
- INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime
- INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests
- INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator
- INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific
- INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers
- IPv4 Mapped IPv6 Addresses, (Tue, Mar 17th)
- ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)
- ISC Stormcast For Friday, April 24th, 2026 https://isc.sans.edu/podcastdetail/9906, (Fri, Apr 24th)
- ISC Stormcast For Friday, April 3rd, 2026 https://isc.sans.edu/podcastdetail/9878, (Fri, Apr 3rd)
- ISC Stormcast For Friday, July 10th, 2026 https://isc.sans.edu/podcastdetail/10002, (Fri, Jul 10th)
- ISC Stormcast For Friday, July 17th, 2026 https://isc.sans.edu/podcastdetail/10012, (Fri, Jul 17th)
- ISC Stormcast For Friday, June 12th, 2026 https://isc.sans.edu/podcastdetail/9970, (Fri, Jun 12th)
- ISC Stormcast For Friday, June 5th, 2026 https://isc.sans.edu/podcastdetail/9960, (Fri, Jun 5th)
- ISC Stormcast For Friday, March 13th, 2026 https://isc.sans.edu/podcastdetail/9848, (Fri, Mar 13th)
- ISC Stormcast For Friday, March 20th, 2026 https://isc.sans.edu/podcastdetail/9858, (Fri, Mar 20th)
- ISC Stormcast For Friday, March 27th, 2026 https://isc.sans.edu/podcastdetail/9868, (Fri, Mar 27th)
- ISC Stormcast For Friday, March 6th, 2026 https://isc.sans.edu/podcastdetail/9838, (Fri, Mar 6th)
- ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934, (Fri, May 15th)
- ISC Stormcast For Friday, May 1st, 2026 https://isc.sans.edu/podcastdetail/9914, (Fri, May 1st)
- ISC Stormcast For Friday, May 22nd, 2026 https://isc.sans.edu/podcastdetail/9942, (Fri, May 22nd)
- ISC Stormcast For Friday, May 29th, 2026 https://isc.sans.edu/podcastdetail/9950, (Fri, May 29th)
- ISC Stormcast For Friday, May 8th, 2026 https://isc.sans.edu/podcastdetail/9924, (Fri, May 8th)
- ISC Stormcast For Monday, April 13th, 2026 https://isc.sans.edu/podcastdetail/9888, (Mon, Apr 13th)
- ISC Stormcast For Monday, April 20th, 2026 https://isc.sans.edu/podcastdetail/9898, (Mon, Apr 20th)
- ISC Stormcast For Monday, April 6th, 2026 https://isc.sans.edu/podcastdetail/9880, (Mon, Apr 6th)
- ISC Stormcast For Monday, July 13th, 2026 https://isc.sans.edu/podcastdetail/10004, (Mon, Jul 13th)
- ISC Stormcast For Monday, July 6th, 2026 https://isc.sans.edu/podcastdetail/9994, (Mon, Jul 6th)
- ISC Stormcast For Monday, June 15th, 2026 https://isc.sans.edu/podcastdetail/9972, (Mon, Jun 15th)
- ISC Stormcast For Monday, June 1st, 2026 https://isc.sans.edu/podcastdetail/9952, (Mon, Jun 1st)
- ISC Stormcast For Monday, June 22nd, 2026 https://isc.sans.edu/podcastdetail/9980, (Mon, Jun 22nd)
- ISC Stormcast For Monday, June 29th, 2026 https://isc.sans.edu/podcastdetail/9986, (Mon, Jun 29th)
- ISC Stormcast For Monday, June 8th, 2026 https://isc.sans.edu/podcastdetail/9962, (Mon, Jun 8th)
- ISC Stormcast For Monday, March 16th, 2026 https://isc.sans.edu/podcastdetail/9850, (Mon, Mar 16th)
- ISC Stormcast For Monday, March 23rd, 2026 https://isc.sans.edu/podcastdetail/9860, (Mon, Mar 23rd)
- ISC Stormcast For Monday, March 30th, 2026 https://isc.sans.edu/podcastdetail/9870, (Mon, Mar 30th)
- ISC Stormcast For Monday, March 9th, 2026 https://isc.sans.edu/podcastdetail/9840, (Mon, Mar 9th)
- ISC Stormcast For Monday, May 11th, 2026 https://isc.sans.edu/podcastdetail/9926, (Mon, May 11th)
- ISC Stormcast For Monday, May 4th, 2026 https://isc.sans.edu/podcastdetail/9916, (Mon, May 4th)
- ISC Stormcast For Thursday, April 16th, 2026 https://isc.sans.edu/podcastdetail/9894, (Thu, Apr 16th)
- ISC Stormcast For Thursday, April 23rd, 2026 https://isc.sans.edu/podcastdetail/9904, (Thu, Apr 23rd)
- ISC Stormcast For Thursday, April 2nd, 2026 https://isc.sans.edu/podcastdetail/9876, (Thu, Apr 2nd)
- ISC Stormcast For Thursday, April 30th, 2026 https://isc.sans.edu/podcastdetail/9912, (Thu, Apr 30th)
- ISC Stormcast For Thursday, April 9th, 2026 https://isc.sans.edu/podcastdetail/9886, (Thu, Apr 9th)
- ISC Stormcast For Thursday, July 16th, 2026 https://isc.sans.edu/podcastdetail/10010, (Thu, Jul 16th)
- ISC Stormcast For Thursday, July 2nd, 2026 https://isc.sans.edu/podcastdetail/9992, (Thu, Jul 2nd)
- ISC Stormcast For Thursday, July 9th, 2026 https://isc.sans.edu/podcastdetail/10000, (Thu, Jul 9th)
- ISC Stormcast For Thursday, June 11th, 2026 https://isc.sans.edu/podcastdetail/9968, (Thu, Jun 11th)
- ISC Stormcast For Thursday, June 18th, 2026 https://isc.sans.edu/podcastdetail/9978, (Thu, Jun 18th)
- ISC Stormcast For Thursday, June 4th, 2026 https://isc.sans.edu/podcastdetail/9958, (Thu, Jun 4th)
- ISC Stormcast For Thursday, March 12th, 2026 https://isc.sans.edu/podcastdetail/9846, (Thu, Mar 12th)
- ISC Stormcast For Thursday, March 19th, 2026 https://isc.sans.edu/podcastdetail/9856, (Thu, Mar 19th)
- ISC Stormcast For Thursday, March 26th, 2026 https://isc.sans.edu/podcastdetail/9866, (Thu, Mar 26th)
- ISC Stormcast For Thursday, March 5th, 2026 https://isc.sans.edu/podcastdetail/9836, (Thu, Mar 5th)
- ISC Stormcast For Thursday, May 14th, 2026 https://isc.sans.edu/podcastdetail/9932, (Thu, May 14th)
- ISC Stormcast For Thursday, May 21st, 2026 https://isc.sans.edu/podcastdetail/9940, (Thu, May 21st)
- ISC Stormcast For Thursday, May 28th, 2026 https://isc.sans.edu/podcastdetail/9948, (Thu, May 28th)
- ISC Stormcast For Thursday, May 7th, 2026 https://isc.sans.edu/podcastdetail/9922, (Thu, May 7th)
- ISC Stormcast For Tuesday, April 14th, 2026 https://isc.sans.edu/podcastdetail/9890, (Tue, Apr 14th)
- ISC Stormcast For Tuesday, April 21st, 2026 https://isc.sans.edu/podcastdetail/9900, (Tue, Apr 21st)
- ISC Stormcast For Tuesday, April 28th, 2026 https://isc.sans.edu/podcastdetail/9908, (Tue, Apr 28th)
- ISC Stormcast For Tuesday, April 7th, 2026 https://isc.sans.edu/podcastdetail/9882, (Tue, Apr 7th)
- ISC Stormcast For Tuesday, July 14th, 2026 https://isc.sans.edu/podcastdetail/10006, (Tue, Jul 14th)
- ISC Stormcast For Tuesday, July 7th, 2026 https://isc.sans.edu/podcastdetail/9996, (Tue, Jul 7th)
- ISC Stormcast For Tuesday, June 16th, 2026 https://isc.sans.edu/podcastdetail/9974, (Tue, Jun 16th)
- ISC Stormcast For Tuesday, June 23rd, 2026 https://isc.sans.edu/podcastdetail/9982, (Tue, Jun 23rd)
- ISC Stormcast For Tuesday, June 2nd, 2026 https://isc.sans.edu/podcastdetail/9954, (Tue, Jun 2nd)
- ISC Stormcast For Tuesday, June 30th, 2026 https://isc.sans.edu/podcastdetail/9988, (Tue, Jun 30th)
- ISC Stormcast For Tuesday, June 9th, 2026 https://isc.sans.edu/podcastdetail/9964, (Tue, Jun 9th)
- ISC Stormcast For Tuesday, March 10th, 2026 https://isc.sans.edu/podcastdetail/9842, (Tue, Mar 10th)
- ISC Stormcast For Tuesday, March 17th, 2026 https://isc.sans.edu/podcastdetail/9852, (Tue, Mar 17th)
- ISC Stormcast For Tuesday, March 24th, 2026 https://isc.sans.edu/podcastdetail/9862, (Tue, Mar 24th)
- ISC Stormcast For Tuesday, March 31st, 2026 https://isc.sans.edu/podcastdetail/9872, (Tue, Mar 31st)
- ISC Stormcast For Tuesday, March 3rd, 2026 https://isc.sans.edu/podcastdetail/9832, (Tue, Mar 3rd)
- ISC Stormcast For Tuesday, May 12th, 2026 https://isc.sans.edu/podcastdetail/9928, (Tue, May 12th)
- ISC Stormcast For Tuesday, May 19th, 2026 https://isc.sans.edu/podcastdetail/9936, (Tue, May 19th)
- ISC Stormcast For Tuesday, May 26th, 2026 https://isc.sans.edu/podcastdetail/9944, (Tue, May 26th)
- ISC Stormcast For Tuesday, May 5th, 2026 https://isc.sans.edu/podcastdetail/9918, (Tue, May 5th)
- ISC Stormcast For Wednesday, April 15th, 2026 https://isc.sans.edu/podcastdetail/9892, (Wed, Apr 15th)
- ISC Stormcast For Wednesday, April 1st, 2026 https://isc.sans.edu/podcastdetail/9874, (Wed, Apr 1st)
- ISC Stormcast For Wednesday, April 22nd, 2026 https://isc.sans.edu/podcastdetail/9902, (Wed, Apr 22nd)
- ISC Stormcast For Wednesday, April 29th, 2026 https://isc.sans.edu/podcastdetail/9910, (Wed, Apr 29th)
- ISC Stormcast For Wednesday, April 8th, 2026 https://isc.sans.edu/podcastdetail/9884, (Wed, Apr 8th)
- ISC Stormcast For Wednesday, July 15th, 2026 https://isc.sans.edu/podcastdetail/10008, (Wed, Jul 15th)
- ISC Stormcast For Wednesday, July 1st, 2026 https://isc.sans.edu/podcastdetail/9990, (Wed, Jul 1st)
- ISC Stormcast For Wednesday, July 8th, 2026 https://isc.sans.edu/podcastdetail/9998, (Wed, Jul 8th)
- ISC Stormcast For Wednesday, June 10th, 2026 https://isc.sans.edu/podcastdetail/9966, (Wed, Jun 10th)
- ISC Stormcast For Wednesday, June 17th, 2026 https://isc.sans.edu/podcastdetail/9976, (Wed, Jun 17th)
- ISC Stormcast For Wednesday, June 24th, 2026 https://isc.sans.edu/podcastdetail/9984, (Wed, Jun 24th)
- ISC Stormcast For Wednesday, June 3rd, 2026 https://isc.sans.edu/podcastdetail/9956, (Wed, Jun 3rd)
- ISC Stormcast For Wednesday, March 11th, 2026 https://isc.sans.edu/podcastdetail/9844, (Wed, Mar 11th)
- ISC Stormcast For Wednesday, March 18th, 2026 https://isc.sans.edu/podcastdetail/9854, (Wed, Mar 18th)
- ISC Stormcast For Wednesday, March 25th, 2026 https://isc.sans.edu/podcastdetail/9864, (Wed, Mar 25th)
- ISC Stormcast For Wednesday, March 4th, 2026 https://isc.sans.edu/podcastdetail/9834, (Wed, Mar 4th)
- ISC Stormcast For Wednesday, May 13th, 2026 https://isc.sans.edu/podcastdetail/9930, (Wed, May 13th)
- ISC Stormcast For Wednesday, May 20th, 2026 https://isc.sans.edu/podcastdetail/9938, (Wed, May 20th)
- ISC Stormcast For Wednesday, May 27th, 2026 https://isc.sans.edu/podcastdetail/9946, (Wed, May 27th)
- ISC Stormcast For Wednesday, May 6th, 2026 https://isc.sans.edu/podcastdetail/9920, (Wed, May 6th)
- Identity Alone Isn't Enough: Why Device Security Has to Share the Load
- Identity Lifecycle Management Wasn't Built for AI Agents
- India's Telegram ban hit the UAE too. Here's how to get around it
- Infinite Campus data breach affects 137,000 school staff accounts
- Infinite Campus warns of breach after ShinyHunters claims data theft
- Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages
- Injective SDK on npm infected with cryptocurrency wallet stealer
- Inside Caller-as-a-Service Fraud: The Scam Economy Has a Hiring Process
- Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
- Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers
- Inside an OPSEC Playbook: How Threat Actors Evade Detection
- Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops
- Inside the REMUS Infostealer: Session Theft, MaaS, and Rapid Evolution
- Inside the Search for "Clean" Residential Proxies for Carding
- Instagram users locked out after Meta AI abused to steal accounts
- Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
- Instructure confirms data breach, ShinyHunters claims attack
- Instructure confirms hackers used Canvas flaw to deface portals
- Instructure hacker claims data theft from 8,800 schools, universities
- Instructure reaches 'agreement' with ShinyHunters to stop data leak
- Insurance giant Aflac discloses data breach after subsidiary hack
- Interesting Message Stored in Cowrie Logs, (Wed, Mar 18th)
- Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
- International joint action disrupts world’s largest DDoS botnets
- Investigating a New Click-Fix Variant
- Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
- Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
- Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
- Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations
- Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
- Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
- Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning
- Iranian hackers targeted major South Korean electronics maker
- IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
- Is a $30,000 GPU Good at Password Cracking?
- Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes
- Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
- Ivanti warns of new EPMM flaw exploited in zero-day attacks
- Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
- Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities
- Ivanti: Max severity Sentry flaw allows code execution as root
- JDownloader site hacked to replace installers with Python RAT malware
- JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware
- JadePuffer ransomware used AI agent to automate entire attack
- JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
- Japan's largest taxi operator shuts systems after cyberattack
- Japanese energy firm loses drive with data of 10.9 million clients
- JaredFromSubway MEV bot hacked in $15 million crypto theft
- June 2026 Apple Updates, (Tue, Jun 30th)
- Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline
- KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
- Kali Linux 2026.1 released with 8 new tools, new BackTrack mode
- Kali Linux 2026.2 released with 9 new tools, NetHunter updates
- Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
- KelpDAO suffers $290 million heist tied to Lazarus hackers
- Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
- Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks
- Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks
- Klue OAuth breach victim list grows as Icarus hackers claim attack
- KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
- KnowledgeDeliver flaw exploited as a zero-day to install web shells
- Kodak confirms data breach claimed by ShinyHunters extortion gang