OWASP has released the “State of Agentic AI Security and Governance v2.01” report, a technical blueprint aimed at security teams racing to secure rapidly proliferating autonomous AI agents in production. The report, part of the OWASP GenAI Security Project’s Agentic…
Category: Cyber Security News
Internet Explorer WebBrowser Control Attack Chain Turns Clicks Into RCE
Internet Explorer’s legacy WebBrowser control can still be abused to turn a single user click into full remote code execution (RCE) on Windows systems, even though the browser is officially retired. PT Security observed that by exploiting IE’s zone model,…
Critical Redis RCE Vulnerability Enables Attackers to Gain Complete Control of Host Server
In May 2026, Redis developers fixed a dangerous post-authentication remote code execution vulnerability, dubbed DarkReplica (CVE-2026-23631), that allowed attackers to gain full control of a Redis host. Redis provides powerful server-side Lua engines, allowing administrators to run custom logic directly…
UniFi OS Server Critical RCE Chain Allows Root Access Without Credentials
A critical vulnerability chain in the UniFi OS Server software has put thousands of organizations at serious risk. Researchers confirmed that an attacker can gain full root access to affected devices without a single credential, turning one unauthenticated request into…
Multiple VMware Stored XSS Vulnerabilities Allow Attackers to Inject Malicious Scripts
Broadcom has disclosed three stored cross-site scripting (XSS) vulnerabilities affecting VMware Cloud Foundation Operations and several related products, warning that authenticated attackers could inject malicious scripts to perform administrative actions within the environment. Tracked as CVE-2026-41722, CVE-2026-41723, and CVE-2026-41724, the…
Cybercriminals Exploit 2026 FIFA World Cup With Phishing, Fake Stores, and Ticket Scams
The 2026 FIFA World Cup is not just a celebration of football. For cybercriminals, it is a business opportunity, and they have already gotten to work. Threat actors have been building fake FIFA stores, spinning up phishing pages, and launching…
Microsoft Warns Claude Code GitHub Action Could Leak CI/CD Workflow Secrets
AI-powered coding tools are rapidly changing how developers build and ship software. But as these tools enter everyday development pipelines, they are also opening new doors for attackers. A recently uncovered vulnerability in a widely used AI coding assistant shows…
Hackers Can Hijack Claude Code MCP Traffic to Steal OAuth Tokens
A five-step attack chain that silently redirects Claude Code’s Model Context Protocol (MCP) traffic through attacker-controlled infrastructure, intercepting OAuth bearer tokens that grant persistent, broadly scoped access to connected SaaS platforms like Jira, Confluence, and GitHub with no patch incoming…
New EDRChoker Tool Uses Policy-Based Quality of Service to Block EDR Processes
A newly released open-source red team tool called EDRChoker introduces a novel technique for silencing cloud-connected Endpoint Detection and Response (EDR) agents not by killing their processes or injecting code, but by quietly choking their network bandwidth to near-zero using Windows’ native…
Instagram Fixes Password Reset Flaw That Exposes User Emails and Phone Numbers
A critical logic bug in Instagram’s web-based password reset flow on June 6, 2026, exposed unredacted email addresses and phone numbers associated with user accounts, including those belonging to high-profile individuals such as Meta CEO Mark Zuckerberg and model Georgina…
CISA Warns of Linux Kernel Improper Authentication Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Linux kernel vulnerability, tracked as CVE-2022-0492, to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is being actively leveraged in real-world attacks. The issue, categorized as…
New ChatGPT Lockdown Mode to Mitigate Prompt Injection and Data Exfiltration Attacks
OpenAI has released ChatGPT Lockdown Mode, a new security feature designed to limit outbound network access and reduce the risk of data exfiltration from prompt-injection attacks. The feature is now available to eligible personal accounts, self-serve ChatGPT Business users, and…
Free Apps on Samsung and LG Smart TVs Secretly Turning Your Devices Into AI Proxies
Free apps available on Samsung, LG, Roku, and other major smart TV platforms have been quietly enrolling millions of living room devices into a commercial residential proxy network used to scrape web data for AI training all through a consent…
Critical Hugging Face Transformers Vulnerability Enables Remote Code Execution Attacks
A newly disclosed critical vulnerability in the HuggingFace Transformers library, tracked as CVE-2026-4372, allows attackers to achieve remote code execution (RCE) through malicious model configuration files. The flaw exposes a significant supply chain risk in one of the most widely…
Top 5 Best Tools for Simulated DDoS Attacks in 2026
Last year, a botnet hurled 31.4 Tbps of junk traffic at a single target—enough data to stream every Netflix movie at once. The record-shattering flood forced boards, regulators, and cloud teams to ask one question: are we sure our defenses…
CISA Warns of SolarWinds Serv-U Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical SolarWinds Serv-U vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that threat actors are actively exploiting the flaw in the wild. Tracked as CVE-2026-28318, the vulnerability affects…
OWASP CVE Lite CLI – New Tool to Scan for Vulnerabilities in Your Projects
CVE Lite CLI is a free, open-source vulnerability scanner officially recognized as an OWASP Incubator Project, designed to bring dependency security directly into developers’ terminals rather than leaving it buried in CI pipelines. Maintained by Sonu Kapoor and backed by…
Anthropic’s Claude Services Down — claude.ai, Claude Code, and Cowork Affected [Updated]
Anthropic’s Claude platform suffered a significant service disruption on June 5, 2026, with elevated error rates impacting multiple frontier AI models and key services, including claude.ai, Claude API, Claude Code, and Claude Cowork, raising concerns not just about infrastructure resilience…
New Gafgyt Variant Targets Multiple Linux Architectures With Modular Propagation
A newly discovered variant of the Gafgyt botnet malware, named C0XMO, has been quietly spreading across Linux-based devices by targeting a known vulnerability in DD-WRT router firmware. The malware exploits a stack buffer overflow flaw in the UPnP service of…
Hola Browser for Windows Delivery Pipeline Compromised to Deliver Cryptominer
A trusted browser application has landed at the center of a supply chain security incident after researchers discovered that its official delivery pipeline had been quietly compromised. Hola Browser for Windows, used by millions of users around the world, was…