notice: please create a custom view template for the cybersec class view-cybersec.html
Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
{
"priority": "HIGH",
"cve": "N/A",
"target": "AI coding agents",
"threat_actor": "Tenet Security",
"patch_ready": false,
"insight": "Researchers describe a new class of attack, Agentjacking, that tricks AI coding agents into running arbitrary code on developer machines via fake error reports crafted using Sentry."
}
1:10 pm, June 12, 2026
guid
https://thehackernews.com/2026/06/agentjacking-attack-tricks-ai-coding.html
source_url
https://thehackernews.com/2026/06/agentjacking-attack-tricks-ai-coding.html
id: 1526
uid: bDHNa
insdate: 2026-06-12 13:10:10
title: Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
additional: {
"priority": "HIGH",
"cve": "N/A",
"target": "AI coding agents",
"threat_actor": "Tenet Security",
"patch_ready": false,
"insight": "Researchers describe a new class of attack, Agentjacking, that tricks AI coding agents into running arbitrary code on developer machines via fake error reports crafted using Sentry."
}
category: Cybersecurity
md5:
guid: https://thehackernews.com/2026/06/agentjacking-attack-tricks-ai-coding.html
source_url: https://thehackernews.com/2026/06/agentjacking-attack-tricks-ai-coding.html
updated:
image:
author_name:
author_link:
uid: bDHNa
insdate: 2026-06-12 13:10:10
title: Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
additional: {
"priority": "HIGH",
"cve": "N/A",
"target": "AI coding agents",
"threat_actor": "Tenet Security",
"patch_ready": false,
"insight": "Researchers describe a new class of attack, Agentjacking, that tricks AI coding agents into running arbitrary code on developer machines via fake error reports crafted using Sentry."
}
category: Cybersecurity
md5:
guid: https://thehackernews.com/2026/06/agentjacking-attack-tricks-ai-coding.html
source_url: https://thehackernews.com/2026/06/agentjacking-attack-tricks-ai-coding.html
updated:
image:
author_name:
author_link:
Add Comment
AI Testing
Page Views
This page has been viewed 1 times.
Search cybersec
Category List cybersec
- Cybersecurity
- $13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
- $285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
- [GUEST DIARY] Tearing apart website fraud to see how it works., (Wed, May 13th)
- [Guest Diary] New Malware Libraries means New Signatures, (Fri, May 15th)
- [Guest Diary] Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident, (Wed, Apr 22nd)
- [Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th)
- 'NoVoice' Android malware on Google Play infected 2.3 million devices
- /proxy/ URL scans with IP addresses, (Mon, Mar 16th)
- 108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
- 13-year-old bug in ActiveMQ lets hackers remotely execute commands
- 149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict
- 15-year-old detained over French govt agency data breach
- 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
- 18-year-old NGINX vulnerability allows DoS, potential RCE
- 2026 Browser Data Reveals Major Enterprise Security Blind Spots
- 2026: The Year of AI-Assisted Attacks
- 22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters
- 22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters
- 26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases
- 3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)
- 3 SOC Process Fixes That Unlock Tier 1 Productivity
- 3 SOC Steps that Shut Down Incident Risks Early
- 30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
- 36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
- 400+ Arch Linux AUR Packages Hijacked to Install Rust Credential Stealer
- 5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents
- 5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time
- 5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
- 5 Ways Zero Trust Maximizes Identity Security
- 54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
- 54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security
- 7 Ways to Prevent Privilege Escalation via Password Resets
- 7-Eleven confirms data breach claimed by the ShinyHunters gang
- 7-Eleven data breach exposes personal information of 185,000 people
- 73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation
- 9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
- 9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
- A .WAV With A Payload, (Tue, Apr 21st)
- A Little Bit Pivoting: What Web Shells are Attackers Looking for?, (Tue, Apr 7th)
- A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th)
- A Record-Breaking Patch Tuesday for June 2026
- ADT confirms data breach after ShinyHunters leak threat
- AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
- AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged
- AI Broke Vulnerability Management. That's Why CISOs Are Moving Budget to BAS.
- AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
- AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
- AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload
- AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds
- AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.
- AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
- AI-built ransomware toolkit automates EDR evasion, AD discovery
- AI-generated Slopoly malware used in Interlock ransomware attack
- APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
- APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
- APT28 hackers deploy customized variant of Covenant open-source tool
- APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine
- APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
- Acer working to patch max severity zero-days in Wave 7 routers
- Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
- Actively exploited Apache ActiveMQ flaw impacts 6,400 servers
- Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
- Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
- Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw
- Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime
- After Mythos: New Playbooks For a Zero-Window Era
- Agent AI is Coming. Are You Ready?
- Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It
- Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.
- Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
- AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
- Ajax football club hack exposed fan data, enabled ticket hijack
- Alabama man pleads guilty to hacking, extorting hundreds of women
- Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
- Alleged Silk Typhoon hacker extradited to US for cyberespionage
- Amazon SES increasingly abused in phishing to evade detection
- Amazon: Drone strikes damaged AWS data centers in Middle East
- American utility firm Itron discloses breach of internal IT network
- Americans sentenced for running 'laptop farms' for North Korea
- An Adaptive Cyber Analytics UI for Web Honeypot Logs [Guest Diary], (Wed, May 6th)
- An Example of Stack String in High Level Language, (Sat, May 23rd)
- Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
- Analysis of a Year of Files Uploaded to DShield Sensors, (Wed, May 27th)
- Analysis of one billion CISA KEV remediation records exposes limits of human-scale security
- Analyzing "Zombie Zip" Files (CVE-2026-0866), (Wed, Mar 11th)
- Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse
- Android 17 to expand banking scam call and privacy protections
- Android Adds Intrusion Logging for Sophisticated Spyware Forensics
- Android Developer Verification Rollout Begins Ahead of September Enforcement
- Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
- Android gets patches for Qualcomm zero-day exploited in attacks
- Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th)
- Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
- Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain
- Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards
- Anthropic confirms Claude Mythos-class models will roll out to the public
- Anthropic rolls out Claude Fable 5, but it's available for a limited time
- Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems
- Anthropic’s restricted Claude Mythos model may be coming to Claude Code
- Anti-DDoS Firm Heaped Attacks on Brazilian ISPs
- Anti-piracy coalition takes down AnimePlay app with 5 million users
- Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
- Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit
- Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
- Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messages
- Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit
- Apple Patches (almost) everything again. March 2026 edition., (Wed, Mar 25th)
- Apple Patches Everything, (Mon, May 11th)
- Apple Patches Exploited Notification Flaw, (Thu, Apr 23rd)
- Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case
- Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
- Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
- Apple account change alerts abused to send phishing emails
- Apple adds macOS Terminal warning to block ClickFix attacks
- Apple blocked over $11 billion in App Store fraud in 6 years
- Apple expands iOS 18 updates to more iPhones to block DarkSword attacks
- Apple fixes bug that let the FBI recover deleted Signal messages
- Apple fixes iOS bug that retained deleted notification data
- Apple patches older iPhones and iPads against Coruna exploits
- Apple pushes first Background Security Improvements update to fix WebKit flaw
- Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)
- AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code
- April KB5083769 Windows 11 update causes backup software failures
- April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
- Attackers Don't Just Send Phishing Emails. They Weaponize Your SOC's Workload
- Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
- Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208), (Thu, Apr 2nd)
- Aura confirms data breach exposing 900,000 marketing contacts
- Australia warns of ClickFix attacks pushing Vidar Stealer malware
- Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries
- Authorities dismantle 'AudiA6' ransomware crypto-laundering service
- Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins
- Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)
- Avada Builder WordPress plugin flaws allow site credential theft
- Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
- Axios npm hack used fake Teams error fix to hijack maintainer account
- Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
- BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks
- BTMOB Android malware service generates custom phishing payloads
- Backdoored PyTorch Lightning package drops credential stealer
- Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
- Backdoored Telnyx PyPI package pushes malware hidden in WAV audio
- Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware
- Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
- Betterleaks, a new open-source secrets scanner to replace Gitleaks
- Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore
- Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware
- Bitrefill blames North Korean Lazarus group for cyberattack
- Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
- Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
- Bitwarden CLI npm package compromised to steal developer credentials
- Bitwarden adds support for passkey login on Windows 11
- Block the Prompt, Not the Work: The End of "Doctor No"
- Brave Software releases Origin for a paid, bloat-free browsing experience
- Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
- Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine
- British Scattered Spider hacker pleads guilty to crypto theft charges
- Broken VECT 2.0 ransomware acts as a data wiper for large files
- Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
- Bruteforce Scans for CrushFTP , (Tue, Mar 3rd)
- Bubble AI app builder abused to steal Microsoft account credentials
- Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow
- C0XMO botnet spreads via DD-WRT router flaw, kills rival malware
- CERT-EU: European Commission hack exposes data of 30 EU entities
- CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
- CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
- CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails
- CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
- CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
- CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
- CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
- CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
- CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
- CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
- CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
- CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
- CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation
- CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
- CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
- CISA Admin Leaked AWS GovCloud Keys on Github
- CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths
- CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed
- CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
- CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
- CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
- CISA flags Apache ActiveMQ flaw as actively exploited in attacks
- CISA flags VMware Aria Operations RCE flaw as exploited in attacks
- CISA flags Windows Task Host vulnerability as exploited in attacks
- CISA flags Wing FTP Server flaw as actively exploited in attacks
- CISA flags new SD-WAN flaw as actively exploited in attacks
- CISA flags two-year-old Oracle flaw as actively exploited in attacks
- CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day
- CISA gives feds 4 days to patch actively exploited cPanel plugin flaw
- CISA gives feds four days to patch Ivanti flaw exploited as zero-day
- CISA orders feds to patch BlueHammer flaw exploited as zero-day
- CISA orders feds to patch DarkSword iOS flaws exploited attacks
- CISA orders feds to patch Fortinet flaw exploited in attacks by Friday
- CISA orders feds to patch Windows flaw exploited as zero-day
- CISA orders feds to patch Zimbra XSS flaw exploited in attacks
- CISA orders feds to patch actively exploited Citrix flaw by Thursday
- CISA orders feds to patch actively exploited Drupal vulnerability
- CISA orders feds to patch actively exploited Ivanti flaw by Sunday
- CISA orders feds to patch exploited Fortinet EMS flaw by Friday
- CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday
- CISA orders feds to patch max-severity Cisco flaw by Sunday
- CISA orders feds to patch n8n RCE flaw exploited in attacks
- CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
- CISA tells govt agencies to patch critical exploited flaws in 3 days
- CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
- CISA warns feds to patch iOS flaws exploited in crypto-theft attacks
- CISA warns of Apple flaws exploited in spyware, crypto-theft attacks
- CISA warns of active attacks exploiting Android, Linux bugs
- CISA warns of cyberattacks targeting fuel tank monitoring systems
- CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
- CISA: New Langflow flaw actively exploited to hijack AI workflows
- CISA: Recently patched Ivanti EPM flaw now actively exploited
- CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
- CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads
- California AG sues 23andMe over 2023 breach exposing health data
- Can the Security Platform Finally Deliver for the Mid-Market?
- Can you enforce strong Active Directory password rules without frustrating users?
- Canada arrests three for operating “SMS blaster” device in Toronto
- Canadian retail giant Loblaw notifies customers of data breach
- Canvas Breach Disrupts Schools & Colleges Nationwide
- Canvas login portals hacked in mass ShinyHunters extortion campaign
- Carnival Cruise confirms data breach affecting nearly 6 million people
- Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures
- Charter Communications data breach affects 4.9 million accounts
- Charter confirms data breach after ShinyHunters extortion threat
- ChatGPT rolls out new $100 Pro subscription to challenge Claude
- ChatGPT share links abused to host fake outage pages to deliver malware
- ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
- Check Point links VPN zero-day attacks to Qilin ransomware gang
- Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack
- Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
- China's Apple App Store infiltrated by crypto-stealing wallet apps
- China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
- China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors
- China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
- China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
- China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
- China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance
- China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks
- China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
- China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
- China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa
- China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa
- China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
- China-linked JDY botnet expands targeting of U.S. military networks
- Chinese APT deploys new malware to keep access to hacked networks
- Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware
- Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
- Chinese hackers target telcos with new Linux, Windows malware
- Chinese hackers use new Atlas RAT malware in European cyberattacks
- Chinese state hackers target telcos with new malware toolkit
- Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
- Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now
- Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
- Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
- Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
- Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise
- Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
- Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
- Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
- Cisco flags more SD-WAN flaws as actively exploited in attacks
- Cisco says critical Webex Services flaw requires customer action
- Cisco source code stolen in Trivy-linked dev environment breach
- Cisco warns of critical Unified CM flaw with PoC exploit code
- Cisco warns of max severity Secure FMC flaws giving root access
- Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
- Cisco warns of unpatched SD-WAN zero-day exploited in attacks
- Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
- Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
- Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks
- Citrix urges admins to patch NetScaler flaws as soon as possible
- Claude AI finds Vim, Emacs RCE bugs that trigger on file open
- Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
- Claude Code Security and Magecart: Getting the Threat Model Right
- Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms
- Claude Code leak used to push infostealer malware on GitHub
- Claude Code source code accidentally leaked in NPM package
- Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
- Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
- Cleartext Passwords in MS Edge? In 2026?, (Mon, May 4th)
- ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers
- CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
- Cognizant TriZetto breach exposes health data of 3.4 million patients
- Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
- Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
- Compromised Site Management Panels are a Hot Item in Cybercrime Markets
- ConnectWise patches new flaw allowing ScreenConnect hijacking
- ConsentFix v3 attacks target Azure with automated OAuth abuse
- Continuing Scans for swagger.json, (Wed, Jun 3rd)
- Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1
- Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks
- Coruna iOS exploit framework linked to Triangulation attacks
- Cosmetics giant Rituals discloses data breach affecting customers
- Coupang hit with record $409 million data breach fine in Korea
- Credit card theft campaign abuses Stripe to host stolen payment info
- Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
- Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
- Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups
- Critical Cisco IMC auth bypass gives attackers Admin access
- Critical Citrix NetScaler memory flaw actively exploited in attacks
- Critical Everest Forms Pro flaw exploited to take over WordPress sites
- Critical Fortinet Forticlient EMS flaw now exploited in attacks
- Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code
- Critical Kirki flaw exploited to hijack WordPress admin accounts
- Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
- Critical Marimo pre-auth RCE flaw now under active exploitation
- Critical Microsoft SharePoint flaw now exploited in attacks
- Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
- Critical Nginx UI auth bypass flaw now actively exploited in the wild
- Critical UniFi OS bug lets hackers gain root without authentication
- Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
- Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE
- Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
- Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
- Critical Windows Netlogon RCE flaw now exploited in attacks
- Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
- Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
- Critical cPanel and WHM bug exploited as a zero-day, PoC now available
- Critical flaw in Protobuf library enables JavaScript code execution
- Critical flaw in wolfSSL library enables forged certificate use
- Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials
- Critical vm2 sandbox bug lets attackers execute code on hosts
- Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks
- Cross-Platform NPM Stealer, (Fri, May 22nd)
- Crunchyroll probes breach after hacker claims to steal 6.8M users' data
- Crypto gang member gets 6.5 years for role in $230 million heist
- Crypto-exchange Kraken extorted by hackers after insider breach
- Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
- CyberStrikeAI tool adopted by hackers for AI-powered attacks
- Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
- Cybercrime service disrupted for abusing Microsoft platform to sign malware
- Cybersecurity Stars Awards 2026: Winners Announced Across 95 Categories
- DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
- DAEMON Tools devs confirm breach, release malware-free version
- DAEMON Tools trojanized in supply-chain attack to deploy backdoor
- DORA and operational resilience: Credential management as a financial risk control
- DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea
- DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
- DShield (Cowrie) Honeypot Stats and When Sessions Disconnect, (Mon, Mar 30th)
- DShield Honeypot Update, (Mon, May 4th)
- Danger of Libredtail [Guest Diary], (Wed, Apr 29th)
- Dark web Nemesis Market vendor gets 26 years for selling drugs
- DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
- Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
- Dashlane password manager users locked out by brute force attacks
- Data breach at edtech giant McGraw Hill affects 13.5 million accounts
- Day Zero Readiness: The Operational Gaps That Break Incident Response
- DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
- Deepfake Voice Attacks are Outpacing Defenses: What Security Leaders Should Know
- Dell confirms its SupportAssist software causes Windows BSOD crashes
- DentaQuest data breach exposed info of 2.6 million accounts
- Detecting IP KVMs, (Tue, Mar 24th)
- Deterministic + Agentic AI: The Architecture Exposure Validation Requires
- Developer Workstations Are Now Part of the Software Supply Chain
- Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
- Device code phishing attacks surge 37x as new kits spread online
- Die Linke German political party confirms data stolen by Qilin ransomware
- Differentiating Between a Targeted Intrusion and an Automated Opportunistic Scanning [Guest Diary], (Wed, Mar 4th)
- DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
- Discord rolls out end-to-end encryption on voice, video calls
- Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
- DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
- DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets
- Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access
- Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices
- Drift $280M crypto theft linked to 6-month in-person operation
- Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK
- Drift loses $280 million North Korean hackers seize Security Council powers
- Drift loses $280 million as hackers seize Security Council powers
- Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
- Drupal critical update to fix bug with high exploitation risk
- Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare
- Drupal: Critical SQL injection flaw now targeted in attacks
- Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware
- Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
- Dutch Finance Ministry takes treasury banking portal offline after breach
- Dutch Ministry of Finance discloses breach affecting employees
- Dutch Police discloses security breach after phishing attack
- Dutch govt disrupts malware botnet with 17 million infected devices
- Dutch govt warns of Signal, WhatsApp account hijacking attacks
- Dutch police arrests suspect linked to Ajax football club hack
- EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security
- EU court adviser says banks must immediately refund phishing victims
- Early Warning Signs of Supply-Chain Attacks Live in the Dark Web
- Edu tech firm Instructure discloses cyber incident, probes impact
- Encrypted Client Hello: Ready for Prime Time?, (Mon, Mar 9th)
- EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs
- EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets
- England Hockey investigating ransomware data breach
- Ericsson US discloses data breach after service provider hack
- EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
- Eurail says December data breach impacts 300,000 individuals
- Europe sanctions Chinese and Iranian firms for cyberattacks
- European Commission confirms data breach after Europa.eu hack
- European Commission investigating breach after Amazon cloud account hack
- European Commission investigating breach after Amazon cloud hack
- European Gym giant Basic-Fit data breach affects 1 million members
- European police dismantles €50 million crypto investment fraud ring
- Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs
- Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
- Europol-coordinated action disrupts Tycoon2FA phishing platform
- Evolution of Ransomware: Multi-Extortion Ransomware Attacks
- Ex-data analyst stole company data in $2.5M extortion scheme
- Exploit available for new DirtyDecrypt Linux root escalation flaw
- Exploit released for new PinTheft Arch Linux root escalation flaw
- FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
- FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
- FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
- FBI arrests suspect linked to $46M crypto theft from US Marshals
- FBI confirms hack of Director Patel's personal email inbox
- FBI investigates breach of surveillance and wiretap systems
- FBI links Signal phishing attacks to Russian intelligence services
- FBI links cybercriminals to sharp surge in cargo theft attacks
- FBI seeks victims of Steam games used to spread malware
- FBI seizes Handala data leak site after Stryker cyberattack
- FBI seizes LeakBase cybercrime forum, data of 142,000 members
- FBI takedown of W3LL phishing service leads to developer arrest
- FBI warns against using Chinese mobile apps due to privacy risks
- FBI warns of Handala hackers using Telegram in malware attacks
- FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
- FBI warns of fake FIFA websites running World Cup fraud schemes
- FBI warns of in-person data theft attacks from extortion gang
- FBI warns of phishing attacks impersonating US city, county officials
- FBI: Americans lost a record $21 billion to cybercrime last year
- FBI: Americans lost over $388 million to scams using crypto ATMs in 2025
- FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
- FCC bans new routers made outside the USA over security risks
- FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins
- FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
- FTC to ban data broker Kochava from selling Americans’ location data
- FTC: Americans lost over $2.1 billion to social media scams in 2025
- Facebook accounts unavailable in worldwide outage
- Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
- Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads
- Fake Claude AI website delivers new 'Beagle' Windows malware
- Fake Claude Code install guides push infostealers in InstallFix attacks
- Fake Google Security site uses PWA app to steal credentials, MFA codes
- Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
- Fake LastPass support email threads try to steal vault passwords
- Fake Ledger Live app on Apple’s App Store stole $9.5M in crypto
- Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
- Fake OpenAI repository on Hugging Face pushes infostealer malware
- Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
- Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
- Fake VS Code alerts on GitHub spread malware to developers
- Fake enterprise VPN downloads used to steal company credentials
- Fake enterprise VPN sites used to steal company credentials
- Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
- File read flaw in Smart Slider plugin impacts 500K WordPress sites
- Firefox now has a free built-in VPN with 50GB monthly data limit
- Firestarter malware survives Cisco firewall updates, security patches
- First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
- Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
- Flipper One project needs community help to build open Linux platform
- Florida woman imprisoned for massive Microsoft license fraud scheme
- Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
- FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
- Former US execs plead guilty to aiding tech support scammers
- Former govt contractor convicted for wiping dozens of federal databases
- Former ransomware negotiator pleads guilty to BlackCat attacks
- FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
- Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
- Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
- Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
- Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
- Foxconn confirms cyberattack claimed by Nitrogen ransomware gang
- Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI
- French govt agency confirms breach as hacker offers to sell data
- French govt messaging service breached in account hijacking attack
- From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market
- From VMware to what’s next: Protecting data during hypervisor migration
- Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
- Funnel Builder WordPress plugin bug exploited to steal credit cards
- GIGABYTE Control Center vulnerable to arbitrary file write flaw
- GM agrees to $12.75M California settlement over sale of drivers’ data
- GPU mining malware spreads via SEO poisoning, AI chatbots
- GSocket Backdoor Delivered Through Bash Script, (Fri, Mar 20th)
- Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
- GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data
- German authorities identify REvil and GandCrab ransomware bosses
- German authorities identify REvil and GangCrab ransomware bosses
- Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
- Ghanain man pleads guilty to role in $100 million fraud ring
- Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
- Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
- Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
- Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
- Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
- GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials
- GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos
- GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
- GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
- GitHub adds AI-powered bug detection to expand security coverage
- GitHub announces npm security changes to tackle supply-chain attacks
- GitHub confirms breach of 3,800 repos via malicious VSCode extension
- GitHub disables Microsoft repos pushing password-stealing malware
- GitHub fixes RCE flaw that gave access to millions of private repos
- GitHub investigates internal repositories breach claimed by TeamPCP
- GitHub links repo breach to TanStack npm supply-chain attack
- GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
- Gitea Vulnerability Exposes Private Container Images without Authentication
- GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
- GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
- GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
- GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
- GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers
- GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions
- GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX
- Glassworm botnet disrupted after resilient C2 infrastructure takedown
- Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M
- Gogs patches critical zero-day enabling remote code execution
- Going the Extra Mile: Travel Rewards Turn into Underground Currency.
- Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
- Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
- Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
- Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
- Google Chrome adds infostealer protection against session cookie theft
- Google Chrome adds session cookie theft protection for all users
- Google Chrome shifts to two-week release cycle for increased stability
- Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
- Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome
- Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
- Google Drive ransomware detection now on by default for paying users
- Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
- Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
- Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
- Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution
- Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
- Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
- Google accidentally exposed details of unfixed Chromium flaw
- Google adds Android protection against AI deepfake scam calls
- Google adds ‘Advanced Flow’ for safe APK sideloading on Android
- Google expands Gemini AI use to fight malicious ads on its platform
- Google fixes fourth Chrome zero-day exploited in attacks in 2026
- Google fixes one actively exploited Android zero-day, 124 flaws
- Google fixes two new Chrome zero-days exploited in attacks
- Google now allows you to change your @gmail.com address
- Google now offers up to $1.5 million for some Android exploits
- Google paid $17.1 million for vulnerability reports in 2025
- Google patches new Chrome zero-day flaw exploited in the wild
- Google rolls out Gmail end-to-end encryption on mobile devices
- Google says 90 zero-days were exploited in attacks last year
- Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
- Google: Cloud attacks exploit flaws more than weak credentials
- Google: Hackers used AI to develop zero-day exploit for web admin tool
- Google: New UNC6783 hackers steal corporate Zendesk support tickets
- Grafana GitHub Breach Exposes Source Code via TanStack npm Attack
- Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
- Grafana breach caused by missed token rotation after TanStack attack
- Grafana says stolen GitHub token let hackers steal codebase
- Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users
- GreyVibe hackers use ChatGPT, Gemini to power cyberattacks
- Grinex exchange blames "Western intelligence" for $13.7M crypto hack
- HPE warns of critical AOS-CX flaw allowing admin password resets
- HTTP Requests with X-Vercel-Set-Bypass-Cookie Header, (Tue, Apr 28th)
- Hacker charged with stealing $53 million from Uranium crypto exchange
- Hacker mass-mails HungerRush extortion emails to restaurant patrons
- HackerOne discloses employee data breach after Navia hack
- Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook
- Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
- Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
- Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
- Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months
- Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
- Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
- Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
- Hackers abuse .arpa DNS and ipv6 to evade phishing defenses
- Hackers abuse Google ads for GoDaddy ManageWP login phishing
- Hackers abuse Google ads, Claude.ai chats to push Mac malware
- Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw
- Hackers arrested for hijacking and selling 610,000 Roblox accounts
- Hackers bypass SonicWall VPN MFA due to incomplete patching
- Hackers compromise Axios npm package to drop cross-platform malware
- Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026
- Hackers exploit FortiClient EMS flaw to push infostealer malware
- Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
- Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining
- Hackers exploit React2Shell in automated credential theft campaign
- Hackers exploit TrueConf zero-day to push malicious software updates
- Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
- Hackers exploit critical flaw in Ninja Forms WordPress plugin
- Hackers exploit file upload bug in Breeze Cache WordPress plugin
- Hackers exploiting Acrobat Reader zero-day flaw since December
- Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks
- Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
- Hackers steal $3.6 million from crypto ATM giant Bitcoin Depot
- Hackers use pixel-large SVG trick to hide credit card stealer
- Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
- Handling the CVE Flood With EPSS, (Mon, Apr 20th)
- Hands on with Intelligent Terminal, an AI-powered Windows Terminal
- Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
- Healthcare IT solutions provider ChipSoft hit by ransomware attack
- Healthcare tech firm CareCloud says hackers stole patient data
- Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
- Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
- Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
- Hims & Hers warns of data breach after Zendesk support ticket breach
- Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks
- Hola Browser for Windows compromised to deliver cryptominer
- Home security giant ADT data breach affects 5.5 million people
- How AI Assistants are Moving the Security Goalposts
- How AI Hallucinations Are Creating Real Security Risks
- How CISOs Can Survive the Era of Geopolitical Cyberattacks
- How Ceros Gives Security Teams Visibility and Control in Claude Code
- How Deepfakes and Injection Attacks Are Breaking Identity Verification
- How Leading Organizations Are Turning EDR Into Operational Resilience
- How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers
- How SIEM helps MSPs reduce noise and stop threats faster
- How Varonis Atlas integrates Claude Compliance API for AI governance
- How a Brute Force Attack Unmasked a Ransomware Infrastructure Network
- How has use of framing protection security headers changed in the past 3 years?, (Wed, Jun 10th)
- How often are redirects used in phishing in 2026?, (Mon, Apr 6th)
- How to Categorize AI Agents and Prioritize Risk
- How to Evaluate AI SOC Agents: 7 Questions Gartner Says You Should Be Asking
- How to Reduce Phishing Exposure Before It Turns into Business Disruption
- How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs
- How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
- INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime
- INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests
- INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator
- INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers
- IPv4 Mapped IPv6 Addresses, (Tue, Mar 17th)
- ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)
- ISC Stormcast For Friday, April 24th, 2026 https://isc.sans.edu/podcastdetail/9906, (Fri, Apr 24th)
- ISC Stormcast For Friday, April 3rd, 2026 https://isc.sans.edu/podcastdetail/9878, (Fri, Apr 3rd)
- ISC Stormcast For Friday, June 12th, 2026 https://isc.sans.edu/podcastdetail/9970, (Fri, Jun 12th)
- ISC Stormcast For Friday, June 5th, 2026 https://isc.sans.edu/podcastdetail/9960, (Fri, Jun 5th)
- ISC Stormcast For Friday, March 13th, 2026 https://isc.sans.edu/podcastdetail/9848, (Fri, Mar 13th)
- ISC Stormcast For Friday, March 20th, 2026 https://isc.sans.edu/podcastdetail/9858, (Fri, Mar 20th)
- ISC Stormcast For Friday, March 27th, 2026 https://isc.sans.edu/podcastdetail/9868, (Fri, Mar 27th)
- ISC Stormcast For Friday, March 6th, 2026 https://isc.sans.edu/podcastdetail/9838, (Fri, Mar 6th)
- ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934, (Fri, May 15th)
- ISC Stormcast For Friday, May 1st, 2026 https://isc.sans.edu/podcastdetail/9914, (Fri, May 1st)
- ISC Stormcast For Friday, May 22nd, 2026 https://isc.sans.edu/podcastdetail/9942, (Fri, May 22nd)
- ISC Stormcast For Friday, May 29th, 2026 https://isc.sans.edu/podcastdetail/9950, (Fri, May 29th)
- ISC Stormcast For Friday, May 8th, 2026 https://isc.sans.edu/podcastdetail/9924, (Fri, May 8th)
- ISC Stormcast For Monday, April 13th, 2026 https://isc.sans.edu/podcastdetail/9888, (Mon, Apr 13th)
- ISC Stormcast For Monday, April 20th, 2026 https://isc.sans.edu/podcastdetail/9898, (Mon, Apr 20th)
- ISC Stormcast For Monday, April 6th, 2026 https://isc.sans.edu/podcastdetail/9880, (Mon, Apr 6th)
- ISC Stormcast For Monday, June 1st, 2026 https://isc.sans.edu/podcastdetail/9952, (Mon, Jun 1st)
- ISC Stormcast For Monday, June 8th, 2026 https://isc.sans.edu/podcastdetail/9962, (Mon, Jun 8th)
- ISC Stormcast For Monday, March 16th, 2026 https://isc.sans.edu/podcastdetail/9850, (Mon, Mar 16th)
- ISC Stormcast For Monday, March 23rd, 2026 https://isc.sans.edu/podcastdetail/9860, (Mon, Mar 23rd)
- ISC Stormcast For Monday, March 30th, 2026 https://isc.sans.edu/podcastdetail/9870, (Mon, Mar 30th)
- ISC Stormcast For Monday, March 9th, 2026 https://isc.sans.edu/podcastdetail/9840, (Mon, Mar 9th)
- ISC Stormcast For Monday, May 11th, 2026 https://isc.sans.edu/podcastdetail/9926, (Mon, May 11th)
- ISC Stormcast For Monday, May 4th, 2026 https://isc.sans.edu/podcastdetail/9916, (Mon, May 4th)
- ISC Stormcast For Thursday, April 16th, 2026 https://isc.sans.edu/podcastdetail/9894, (Thu, Apr 16th)
- ISC Stormcast For Thursday, April 23rd, 2026 https://isc.sans.edu/podcastdetail/9904, (Thu, Apr 23rd)
- ISC Stormcast For Thursday, April 2nd, 2026 https://isc.sans.edu/podcastdetail/9876, (Thu, Apr 2nd)
- ISC Stormcast For Thursday, April 30th, 2026 https://isc.sans.edu/podcastdetail/9912, (Thu, Apr 30th)
- ISC Stormcast For Thursday, April 9th, 2026 https://isc.sans.edu/podcastdetail/9886, (Thu, Apr 9th)
- ISC Stormcast For Thursday, June 11th, 2026 https://isc.sans.edu/podcastdetail/9968, (Thu, Jun 11th)
- ISC Stormcast For Thursday, June 4th, 2026 https://isc.sans.edu/podcastdetail/9958, (Thu, Jun 4th)
- ISC Stormcast For Thursday, March 12th, 2026 https://isc.sans.edu/podcastdetail/9846, (Thu, Mar 12th)
- ISC Stormcast For Thursday, March 19th, 2026 https://isc.sans.edu/podcastdetail/9856, (Thu, Mar 19th)
- ISC Stormcast For Thursday, March 26th, 2026 https://isc.sans.edu/podcastdetail/9866, (Thu, Mar 26th)
- ISC Stormcast For Thursday, March 5th, 2026 https://isc.sans.edu/podcastdetail/9836, (Thu, Mar 5th)
- ISC Stormcast For Thursday, May 14th, 2026 https://isc.sans.edu/podcastdetail/9932, (Thu, May 14th)
- ISC Stormcast For Thursday, May 21st, 2026 https://isc.sans.edu/podcastdetail/9940, (Thu, May 21st)
- ISC Stormcast For Thursday, May 28th, 2026 https://isc.sans.edu/podcastdetail/9948, (Thu, May 28th)
- ISC Stormcast For Thursday, May 7th, 2026 https://isc.sans.edu/podcastdetail/9922, (Thu, May 7th)
- ISC Stormcast For Tuesday, April 14th, 2026 https://isc.sans.edu/podcastdetail/9890, (Tue, Apr 14th)
- ISC Stormcast For Tuesday, April 21st, 2026 https://isc.sans.edu/podcastdetail/9900, (Tue, Apr 21st)
- ISC Stormcast For Tuesday, April 28th, 2026 https://isc.sans.edu/podcastdetail/9908, (Tue, Apr 28th)
- ISC Stormcast For Tuesday, April 7th, 2026 https://isc.sans.edu/podcastdetail/9882, (Tue, Apr 7th)
- ISC Stormcast For Tuesday, June 2nd, 2026 https://isc.sans.edu/podcastdetail/9954, (Tue, Jun 2nd)
- ISC Stormcast For Tuesday, June 9th, 2026 https://isc.sans.edu/podcastdetail/9964, (Tue, Jun 9th)
- ISC Stormcast For Tuesday, March 10th, 2026 https://isc.sans.edu/podcastdetail/9842, (Tue, Mar 10th)
- ISC Stormcast For Tuesday, March 17th, 2026 https://isc.sans.edu/podcastdetail/9852, (Tue, Mar 17th)
- ISC Stormcast For Tuesday, March 24th, 2026 https://isc.sans.edu/podcastdetail/9862, (Tue, Mar 24th)
- ISC Stormcast For Tuesday, March 31st, 2026 https://isc.sans.edu/podcastdetail/9872, (Tue, Mar 31st)
- ISC Stormcast For Tuesday, March 3rd, 2026 https://isc.sans.edu/podcastdetail/9832, (Tue, Mar 3rd)
- ISC Stormcast For Tuesday, May 12th, 2026 https://isc.sans.edu/podcastdetail/9928, (Tue, May 12th)
- ISC Stormcast For Tuesday, May 19th, 2026 https://isc.sans.edu/podcastdetail/9936, (Tue, May 19th)
- ISC Stormcast For Tuesday, May 26th, 2026 https://isc.sans.edu/podcastdetail/9944, (Tue, May 26th)
- ISC Stormcast For Tuesday, May 5th, 2026 https://isc.sans.edu/podcastdetail/9918, (Tue, May 5th)
- ISC Stormcast For Wednesday, April 15th, 2026 https://isc.sans.edu/podcastdetail/9892, (Wed, Apr 15th)
- ISC Stormcast For Wednesday, April 1st, 2026 https://isc.sans.edu/podcastdetail/9874, (Wed, Apr 1st)
- ISC Stormcast For Wednesday, April 22nd, 2026 https://isc.sans.edu/podcastdetail/9902, (Wed, Apr 22nd)
- ISC Stormcast For Wednesday, April 29th, 2026 https://isc.sans.edu/podcastdetail/9910, (Wed, Apr 29th)
- ISC Stormcast For Wednesday, April 8th, 2026 https://isc.sans.edu/podcastdetail/9884, (Wed, Apr 8th)
- ISC Stormcast For Wednesday, June 10th, 2026 https://isc.sans.edu/podcastdetail/9966, (Wed, Jun 10th)
- ISC Stormcast For Wednesday, June 3rd, 2026 https://isc.sans.edu/podcastdetail/9956, (Wed, Jun 3rd)
- ISC Stormcast For Wednesday, March 11th, 2026 https://isc.sans.edu/podcastdetail/9844, (Wed, Mar 11th)
- ISC Stormcast For Wednesday, March 18th, 2026 https://isc.sans.edu/podcastdetail/9854, (Wed, Mar 18th)
- ISC Stormcast For Wednesday, March 25th, 2026 https://isc.sans.edu/podcastdetail/9864, (Wed, Mar 25th)
- ISC Stormcast For Wednesday, March 4th, 2026 https://isc.sans.edu/podcastdetail/9834, (Wed, Mar 4th)
- ISC Stormcast For Wednesday, May 13th, 2026 https://isc.sans.edu/podcastdetail/9930, (Wed, May 13th)
- ISC Stormcast For Wednesday, May 20th, 2026 https://isc.sans.edu/podcastdetail/9938, (Wed, May 20th)
- ISC Stormcast For Wednesday, May 27th, 2026 https://isc.sans.edu/podcastdetail/9946, (Wed, May 27th)
- ISC Stormcast For Wednesday, May 6th, 2026 https://isc.sans.edu/podcastdetail/9920, (Wed, May 6th)
- Identity Alone Isn't Enough: Why Device Security Has to Share the Load
- Infinite Campus warns of breach after ShinyHunters claims data theft
- Inside Caller-as-a-Service Fraud: The Scam Economy Has a Hiring Process
- Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
- Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers
- Inside an OPSEC Playbook: How Threat Actors Evade Detection
- Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops
- Inside the REMUS Infostealer: Session Theft, MaaS, and Rapid Evolution
- Instagram users locked out after Meta AI abused to steal accounts
- Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
- Instructure confirms data breach, ShinyHunters claims attack
- Instructure confirms hackers used Canvas flaw to deface portals
- Instructure hacker claims data theft from 8,800 schools, universities
- Instructure reaches 'agreement' with ShinyHunters to stop data leak
- Interesting Message Stored in Cowrie Logs, (Wed, Mar 18th)
- Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
- International joint action disrupts world’s largest DDoS botnets
- Investigating a New Click-Fix Variant
- Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
- Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
- Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
- Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
- Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
- Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning
- Iranian hackers targeted major South Korean electronics maker
- IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
- Is a $30,000 GPU Good at Password Cracking?
- Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes
- Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
- Ivanti warns of new EPMM flaw exploited in zero-day attacks
- Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
- Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities
- Ivanti: Max severity Sentry flaw allows code execution as root
- JDownloader site hacked to replace installers with Python RAT malware
- JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware
- JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
- Japanese energy firm loses drive with data of 10.9 million clients
- KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
- Kali Linux 2026.1 released with 8 new tools, new BackTrack mode
- Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
- KelpDAO suffers $290 million heist tied to Lazarus hackers
- Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
- Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks
- KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
- KnowledgeDeliver flaw exploited as a zero-day to install web shells
- KongTuke hackers now use Microsoft Teams for corporate breaches
- Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware
- Kyber ransomware gang toys with post-quantum encryption on Windows
- LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
- LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
- LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
- Laravel Lang packages hijacked to deploy credential-stealing malware
- Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
- Lawmakers Demand Answers as CISA Tries to Contain Data Leak
- Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms
- LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
- LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
- LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks
- LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks
- Leaked Shai-Hulud malware fuels new npm infostealer campaign
- Learning from the Vercel breach: Shadow AI & OAuth sprawl
- LexisNexis confirms data breach as hackers leak stolen files
- LinkedIn secretely scans for 6,000+ Chrome extensions, collects data
- LinkedIn secretly scans for 6,000+ Chrome extensions, collects data
- Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
- LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
- LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
- LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
- Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack
- Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)
- MFA Prompt Bombing: Why Your Second Factor Isn't Saving You
- Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
- Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers
- Maine breach portal abused to publish fake data breach disclosures
- Maine disables data breach notification portal after fake disclosures
- Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective
- Malicious Ad for Homebrew Leads to MacSync Stealer, (Fri, May 1st)
- Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain
- Malicious Script That Gets Rid of ADS, (Wed, Apr 1st)
- Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
- Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials
- Malicious npm Package Stole Files From Claude AI User Directory via GitHub
- Man admits to locking thousands of Windows devices in extortion plot
- Man gets 30 months for selling thousands of hacked DraftKings accounts
- Man sent to prison for selling data of 7 millions elderly Americans
- Manager of botnet used in ransomware attacks gets 2 years in prison
- Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
- Marquis: Ransomware gang stole data of 672K people in cyberattack
- Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices
- Masters of Imitation: How Hackers and Art Forgers Perfect the Art of Deception
- Max severity Cisco Secure Workload flaw gives Site Admin privileges
- Max severity Flowise RCE vulnerability now exploited in attacks
- Max severity Ivanti Sentry vulnerability now exploited in attacks
- Max severity Ubiquiti UniFi flaw may allow account takeover
- Max-severity flaw in ChromaDB for AI apps allows server hijacking
- Mazda discloses security breach exposing employee and partner data
- McGraw-Hill confirms data breach following extortion threat
- Medtech giant Stryker fully operational after data-wiping attack
- Medtech giant Stryker offline after Iran-linked wiper malware attack
- Medtronic confirms breach after hackers claim 9 million records theft
- Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
- MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks
- Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order
- Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown
- Meta adds new WhatsApp, Facebook, and Messenger anti-scam tools
- Meta to Shut Down Instagram End-to-End Encrypted Chat Support Starting May 2026
- Meta to Use Off-Site Business Data for Feed and AI Personalization
- Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm
- Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
- Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag
- Microsoft 365 Backup to add file-level restore for faster recovery
- Microsoft Access VBA, (Mon, May 25th)
- Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days
- Microsoft Azure Monitor alerts abused for callback phishing attacks
- Microsoft Azure Monitor alerts abused in callback phishing campaigns
- Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
- Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges
- Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows
- Microsoft Defender can now automatically isolate hacked endpoints
- Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha
- Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
- Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
- Microsoft Exchange Online outage blocks access to mailboxes
- Microsoft Exchange Online outage causes email delays, failures
- Microsoft Exchange Online service change causes email access issues
- Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
- Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
- Microsoft June 2026 Patch Tuesday fixes 3 zero-day, 200 flaws
- Microsoft June 2026 Patch Tuesday, (Tue, Jun 9th)
- Microsoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws
- Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days
- Microsoft May 2026 Patch Tuesday, (Tue, May 12th)
- Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
- Microsoft Patch Tuesday April 2026., (Tue, Apr 14th)
- Microsoft Patch Tuesday March 2026, (Tue, Mar 10th)
- Microsoft Patch Tuesday, March 2026 Edition
- Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
- Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days
- Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
- Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
- Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs
- Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions
- Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit
- Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues
- Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer
- Microsoft Self-Service Password Reset abused in Azure data theft attacks
- Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
- Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
- Microsoft Teams phishing targets employees with A0Backdoor malware
- Microsoft Teams phishing targets employees with backdoors
- Microsoft Teams right-click paste broken by Edge update bug
- Microsoft Teams to get efficiency mode on PCs with limited resources
- Microsoft Teams will tag third-party bots trying to join meetings
- Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware
- Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
- Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
- Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
- Microsoft adds Windows protections for malicious Remote Desktop files
- Microsoft asks iPhone users to reauthenticate after Outlook outage
- Microsoft backpedals: Edge to stop loading passwords into memory
- Microsoft blames macOS update for undismissible Teams location prompts
- Microsoft blames unexpected Windows driver updates on caching issue
- Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys
- Microsoft confirms April Windows updates cause backup failures
- Microsoft confirms Windows 11 security update install issues
- Microsoft confirms outage affecting MFA, My Sign-Ins platform
- Microsoft confirms patching issues in restricted Windows networks
- Microsoft fixes BitLocker recovery bug on Windows Server 2025
- Microsoft fixes BitLocker recovery issue only for Windows 11 users
- Microsoft fixes Classic Outlook bug causing email delivery issues
- Microsoft fixes KB5089549 Windows security update install issues
- Microsoft fixes Outlook Classic crashes caused by Teams Meeting add-in
- Microsoft fixes Remote Desktop warnings displaying incorrectly
- Microsoft fixes Windows Autopatch bug installing restricted drivers
- Microsoft fixes Windows update failures linked to WUSA installer
- Microsoft fixes bug behind Windows Server 2025 automatic upgrades
- Microsoft fixes bug causing Classic Outlook sync issues with Gmail
- Microsoft fixes outage affecting MFA setup, MySignIn service
- Microsoft investigates Office Apps, Teams file access issues
- Microsoft investigates classic Outlook sync and connection issues
- Microsoft links Classic Outlook issue to email delivery problems
- Microsoft links Medusa ransomware affiliate to zero-day attacks
- Microsoft now force upgrades unmanaged Windows 11 24H2 PCs
- Microsoft now lets admins choose pre-installed Store apps to uninstall
- Microsoft now lets admins uninstall Copilot on enterprise devices
- Microsoft patches Exchange Server zero-day exploited in attacks
- Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days
- Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest
- Microsoft plans to improve Windows 11 driver quality in 2026
- Microsoft pulls KB5079391 Windows update over install issues
- Microsoft pulls Samsung app blocking Windows C: drive from Store
- Microsoft pulls service update causing Teams launch failures
- Microsoft rejects critical Azure vulnerability report, no CVE issued
- Microsoft releases Windows 10 KB5078885 extended security update
- Microsoft releases Windows 10 KB5082200 extended security update
- Microsoft releases Windows 10 KB5087544 extended security update
- Microsoft releases Windows 10 KB5094127 extended security update
- Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw
- Microsoft releases emergency patches for critical ASP.NET flaw
- Microsoft releases emergency updates to fix Windows Server issues
- Microsoft removes Support and Recovery Assistant from Windows
- Microsoft rolls out fast-track to reinstate Windows hardware dev accounts
- Microsoft rolls out fix for broken Windows Start Menu search
- Microsoft rolls out revamped Windows Insider Program
- Microsoft says Outlook.com outage is causing sign‑in failures
- Microsoft says backend change broke Teams Free chat and calls
- Microsoft says some users can't install Office on Windows 365 devices
- Microsoft shares fix for Windows C: drive access issues on Samsung PCs
- Microsoft shares mitigation for YellowKey Windows zero-day
- Microsoft still working to fix Exchange Online mailbox access issues
- Microsoft still working to fix Windows Explorer white flashes
- Microsoft stops force-installing the Microsoft 365 Copilot app
- Microsoft suspends dev accounts for high-profile open source projects
- Microsoft testing adjustable taskbar, Start menu in Windows 11
- Microsoft tests Windows Explorer speed, performance improvements
- Microsoft tests modern Windows Run, says it's faster than legacy dialog
- Microsoft to automatically roll back faulty Windows drivers
- Microsoft to deprecate legacy TLS in Exchange Online starting July
- Microsoft to enable Windows hotpatch security updates by default
- Microsoft to roll out Entra passkeys on Windows in late April
- Microsoft traces Universal Print issues to Graph API code change
- Microsoft warns of Exchange zero-day flaw exploited in attacks
- Microsoft warns of new Defender zero-days exploited in attacks
- Microsoft's Coreutils for Windows, (Thu, Jun 4th)
- Microsoft's Coreutils project brings Linux commands to Windows
- Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
- Microsoft: April Windows Server 2025 update may fail to install
- Microsoft: April updates trigger BitLocker key prompts on some servers
- Microsoft: Canadian employees targeted in payroll pirate attacks
- Microsoft: Domain Controller lookup may fail on Windows Server 2016
- Microsoft: Enabling Teams Meeting add-in breaks Outlook Classic
- Microsoft: Hackers abuse OAuth error flows to spread malware
- Microsoft: Hackers abusing AI at every stage of cyberattacks
- Microsoft: March Windows updates break Teams, OneDrive sign-ins
- Microsoft: New Remote Desktop warnings may display incorrectly
- Microsoft: Some Teams users can’t join meetings after Edge update
- Microsoft: Some Windows PCs fail to install latest monthly updates
- Microsoft: Some Windows servers enter reboot loops after April patches
- Microsoft: Teams increasingly abused in helpdesk impersonation attacks
- Microsoft: Windows 11 users can't access C: drive on some Samsung PCs
- Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
- Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
- MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
- Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
- Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks
- Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
- Mississippi medical center reopens clinics hit by ransomware attack
- Money launderer linked to $230M crypto heist gets 70 months in prison
- More Honeypot Fingerprinting Scans, (Wed, Apr 8th)
- Most "AI SOCs" Are Just Faster Triage. That's Not Enough.
- Most Remediation Programs Never Confirm the Fix Actually Worked
- MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries
- MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
- MuddyWater hackers use Chaos ransomware as a decoy in attacks
- Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps
- Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
- Musician admits to $10M streaming royalty fraud using AI bots
- Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles
- Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side
- N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust
- NAKIVO v11.2: Ransomware Defense, Faster Replication, vSphere 9, and Proxmox VE 9.0 Support
- NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software
- NFCShare Android malware spreads via fake banking app updates on GitHub
- NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
- NGate Android malware uses HandyPay NFC app to steal card data
- NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs
- NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
- NIST to stop rating non-priority flaws due to volume increase
- NVIDIA confirms GeForce NOW data breach affecting Armenian users
- Navia discloses data breach impacting 2.7 million people
- Nearly 4,000 US industrial devices exposed to Iranian cyberattacks
- Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks
- Netherlands seizes 800 servers of hosting firm enabling cyberattacks
- New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
- New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute
- New 'Zombie ZIP' technique lets malware slip past security tools
- New AI DDoS Attacks Are Smarter. Learn How to Fight Back in This Webinar
- New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users"
- New ATHR vishing platform uses AI voice agents for automated attacks
- New AgingFly malware used in attacks on Ukraine govt, hospitals
- New Apple feature automatically changes your compromised passwords
- New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets
- New BeatBanker Android malware poses as Starlink app to hijack devices
- New BlackFile extortion group linked to surge of vishing attacks
- New Bluekit phishing service includes an AI assistant, 40 templates
- New Booking.com data breach forces reservation PIN resets
- New CIFSwitch Linux flaw gives root on multiple distributions
- New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy
- New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration
- New Checkmarx supply-chain breach affects KICS analysis tool
- New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
- New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released
- New Cisco DoS flaw requires manual reboot to revive devices
- New CrystalRAT malware adds RAT, stealer and prankware features
- New EvilTokens service fuels Microsoft device code phishing attacks
- New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
- New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing
- New FortiClient EMS flaw exploited in attacks, emergency patch released
- New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
- New Fragnesia Linux flaw lets attackers gain root privileges
- New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips
- New GPUBreach attack enables system takeover via GPU rowhammer
- New GhostLock tool abuses Windows API to block file access
- New GoGra malware for Linux uses Microsoft Graph API for comms