A new and active malware campaign is spreading through WhatsApp, targeting everyday Windows users across more than a dozen countries. The threat uses malicious script files disguised as routine financial documents, tricking people into running harmful code on their own…
Category: Cyber Security News
Microsoft has urged IT Admins to Prepare for Windows 11, Version 26H2 Update
Microsoft has urged IT administrators to begin preparing for the upcoming Windows 11 version 26H2 update, which is now available for testing through the Windows Insider Program. The release continues Microsoft’s shift toward a predictable, low-disruption servicing model designed to…
QNAP Patches Multiple Injection Vulnerabilities Leads to Arbitrary Command Execution
QNAP has released security updates to address multiple vulnerabilities affecting its widely used NAS operating systems, including QTS, QuTS hero, QuTS cloud, and QVP (QVR Pro appliances). The advisory highlights a series of critical flaws that could allow attackers to…
pgAdmin 4 Released With Fixes for Seven Security Vulnerabilities and New Features
pgAdmin 4 version 9.16 has been released, delivering a combination of new features, bug fixes, and critical security updates to strengthen the widely used PostgreSQL management platform. The update includes 64 bug fixes and addresses seven security vulnerabilities, tracked as…
GitHub Actions Checkout Update Blocks Workflows Triggered by Malicious pull_request_target
GitHub has rolled out a significant security enhancement to GitHub Actions by updating actions/checkout to block unsafe workflows that abuse the pull_request_target event. The pull_request_target trigger is widely known as one of the most misused events because it runs with the base repository’s GITHUB_TOKEN, secrets, and default-branch…
13-Word Reddit Comment Can Poison ChatGPT and Gemini AI Search Results
A newly published academic paper has revealed a critical vulnerability in AI-powered deep-research systems, including those underpinning commercial tools like OpenAI’s Deep Research and Google’s Gemini Deep Research, that allows a single short Reddit comment to manipulate the reports these…
North Korean Hackers Abuse Mastra npm Supply Chain to Target Developers and CI/CD Pipelines
North Korean hackers have turned a widely used developer tool into a weapon, quietly poisoning more than 140 software packages that developers across the world rely on every day. The campaign is sophisticated, stealthy, and far-reaching, raising urgent questions about…
Chinese Cyber Contractors Use Malware, Botnets, and Stolen Data to Enable State Operations
China’s cyber operations have evolved far beyond what most people imagine when they picture a state-sponsored hacker. Instead of lone government agents breaking into servers, the country now runs an intricate web of private companies, contractors, and data brokers that…
Malicious JetBrains and VS Code Extensions Steal OpenAI, Anthropic, and DeepSeek API Keys
Developers who rely on AI coding tools are now facing a serious new threat. A coordinated malware campaign has been uncovered on the JetBrains Marketplace, where at least 15 fake IDE plugins were quietly stealing AI provider API keys from…
Hackers Compromised 10,000+ GitHub Repositories to Inject Malicious Script
A large-scale malware campaign has been uncovered on GitHub after a researcher identified more than 10,000 repositories distributing Trojan-laced archives, raising concerns about abuse of the platform’s trust model and limitations in automated detection. The investigation began when the researcher…
Hackers Impersonate Node.js Installer in Google Ads to Deploy Infostealer Malware
Hackers are using fake Google Ads to push a brand-new malware loader that disguises itself as the popular Node.js installer. The campaign has been actively targeting Windows users in the United States, silently dropping a dangerous infostealer onto their machines…
Anthropic’s Mythos AI Model Reportedly Breached NSA Classified Systems in Hours
Anthropic’s flagship Mythos AI model reportedly infiltrated nearly all of the National Security Agency (NSA)’s classified systems within a few hours during an authorized red-team evaluation on June 11. This incident now seems to be the main reason for…
Anthropic’s Claude AI Back Online After 90-Minute Global Outage
Anthropic’s Claude AI platform suffered a significant service disruption on June 22, 2026, affecting multiple flagship models and leaving developers worldwide scrambling for nearly 90 minutes before engineers restored full functionality. The incident began at 00:37 UTC on June 22,…
FortiBleed – Fortinet Warns of Active Credential Harvesting Campaign Targeting FortiGate Devices
Fortinet has issued an urgent security advisory warning customers of an ongoing credential-harvesting campaign targeting FortiGate appliances, dubbed “FortiBleed” by threat researchers. According to the company’s analysis shared by Carl Windsor, the activity does not stem from a new vulnerability…
GentleKiller Ransomware Abuses Vulnerable Drivers to Disable 400+ EDR Security Processes
A highly sophisticated EDR-killing framework, dubbed GentleKiller, was used by the Gentlemen ransomware-as-a-service (RaaS) gang to systematically disable endpoint security tools before deploying its ransomware payload. The findings by ESET, published on June 17, 2026, detail how Gentlemen, one of…
CyberSentinel AI with 33 Security Tools, Including Nmap, SQLMap, ZAP, and uses Claude, GPT
A new open-source cybersecurity platform called CyberSentinel AI v3.0 has emerged as a significant development in autonomous security tooling, combining 33 real-world penetration testing and threat intelligence tools with a provider-agnostic AI engine that supports Claude, GPT-4o, OpenRouter, and fully…
AutoJack – A Single Web Page Can Hijack Your AI Agent to Execute Malicious Code
A critical exploit chain dubbed AutoJack allows a single malicious web page to hijack Microsoft’s AutoGen Studio browsing agent and execute arbitrary code on the host machine without any user interaction beyond submitting a URL. AutoJack is a three-vulnerability…
CISA Adds LiteSpeed cPanel Plugin Vulnerability to KEV List Following Active Exploitation
CISA has added a critical LiteSpeed cPanel Plugin vulnerability, tracked as CVE-2026-54420, to its Known Exploited Vulnerabilities (KEV) catalog following evidence of active exploitation in the wild. The flaw affects shared hosting environments and poses a significant risk to servers…
Chrome Extensions’ Critical Flaws Let Attackers Easily Compromise Millions of Browsers
Critical security flaws discovered in widely used Chrome extensions SiderAI and MaxAI are putting millions of users at risk, enabling attackers to fully compromise browser sessions and potentially access sensitive data across websites and local systems. Security researchers at Rebora…
HazyBeacon Weaponizes AWS Lambda Function URLs for Stealth Command-and-Control Relays
HazyBeacon, tracked as CL-STA-1020, is a stealthy cyber-espionage campaign targeting Southeast Asian government networks by abusing AWS Lambda Function URLs as covert command-and-control (C2) relays. Qualys Security researchers have observed attackers leveraging misconfigured serverless features and stolen cloud credentials to…