Written by: Takahiro Sugiyama, Peter Revelant, Mathew Potaczek. Introduction: In late 2025, Mandiant responded to a security incident involving a compromised web server running KnowledgeDeliver. KnowledgeDeliver is a Learning Management System (LMS) developed by Digital Knowledge and commonly used in Japan.…
2 PhaaS 2 Furious: The Evolution of Chinese-language Phishing Services
Written by: Jamie Collier. While Russian-speaking threat actors have historically dominated the phishing-as-a-service (PhaaS) landscape, a rival ecosystem is rapidly growing within the Chinese-language underground. Google Threat Intelligence Group (GTIG) analyzed a dozen current PhaaS offerings in the Chinese underground,…
MiniUpdate RAT Abuses Azure C2 for Targeted Espionage
A sophisticated espionage campaign by the Iran-nexus advanced persistent threat group known as Screening Serpens, also tracked as UNC1549 and Smoke Sandstorm, deploying a newly identified remote access Trojan (RAT) family called MiniUpdate against targets in the United States, Israel,…
OpenHack: Open-source AI-powered vulnerability research
Source-guided vulnerability research increasingly leans on coding harnesses such as Claude Code, Codex, and Cursor to drive agent-based reviews of application code. A new MIT-licensed project from the Dutch security firm Hadrian, called OpenHack, packages that approach into a file-based…
Hackers Use CypherLoc Kit to Push Fake Microsoft Support Scams
CypherLoc is a sophisticated browser-lock scareware designed to drive victims to fraudulent tech support calls. It evades scanners and sandboxes by executing in an encrypted, condition-based manner inside the browser. Security teams should have robust anti-phishing, browser, and endpoint protections…
Nginx-poolslip Flaw Exposes Servers to DoS and Code Execution Attacks
NGINX users are facing a critical security issue after F5 disclosed a new vulnerability, tracked as CVE-2026-9256, affecting the widely used ngx_http_rewrite_module. The flaw, dubbed “Nginx-poolslip,” can allow attackers to trigger denial-of-service (DoS) conditions and, under certain conditions, achieve remote…
Boards want cyber risk in dollars, not CVE counts
In this Help Net Security video, Ziv Levi, SVP of Technology at CYE, explains why translating cyber risk into dollars is one of the most pressing tasks for security leaders. Boards and executives want cyber exposure described in business terms,…
Wireshark 4.6.6 Released With Fix for Dissector Crash via Malformed Packet Injection
The Wireshark Foundation has released Wireshark 4.6.6, addressing a critical security vulnerability in the ROHC (Robust Header Compression) protocol dissector that could allow an attacker to crash the application by injecting a specially crafted, malformed packet. The update also resolves…
Pentest Agent Suite – Bug Bounty Framework for Claude Code and 6 AI Coding Tools
A fully autonomous bug-bounty framework called Pentest Agent Suite has been open-sourced, delivering 50 specialized security agents, 26 slash commands, 19 CLI tools, and a cross-IDE installer across seven major AI coding platforms — Claude Code, OpenAI Codex, Google Gemini,…
Turns out the C-suite loves shadow AI
Senior decision-makers are the heaviest users of unapproved AI tools, and they continue using them despite being aware of the security and privacy risks linked to shadow AI, according to TrustedTech’s Shadow AI in the Workplace report. The study found…
AI Vulnerability Explosion, Kim Wolf Botnet Arrest, Ghost CMS Hack, Iran Cyber Espionage
Is AI about to trigger a cybersecurity vulnerability explosion? In this episode of Cybersecurity Today, David Shipley examines what some researchers are calling the early signs of a “vulnerability apocalypse” as Anthropic’s Claude-powered Project Glasswing identifies thousands of potential software…
Hackers Compromised 34 Packages in npm, PyPI, and Crates in New Supply Chain Attack
The new TrapDoor supply chain campaign is an active attack deploying 34 malicious packages and over 384 related versions across npm, PyPI, and Crates.io to steal developer credentials and cryptocurrency wallets. The operation explicitly targets developers in the crypto, DeFi, Solana, and…
Hacker Selling 340 Million OnlyFans User Records Built From Old Breaches
A hacker is selling a 340M OnlyFans user database allegedly built by matching old breach data and public profiles to real OnlyFans accounts. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More.
Real-Time Webhook Notifications: No More Lost Security Alerts
Every security team knows the pain: a critical alert lands in someone’s inbox, buried under dozens of other emails, or filtered out by a spam rule. By the time anyone sees it, the incident is already in full swing—no ticket…
Wireshark 4.6.6 Released, (Sun, May 24th)
Wireshark release 4.6.6 fixes 1 vulnerability and 11 bugs. This article has been indexed from SANS Internet Storm Center, InfoCON: green.
AI eyes scanning for bugs create a worrisome Linux security trend
Dirty Frag, Copy Fail, and Fragesia show the new reality. This article has been indexed from www.theregister.com – Articles.
Hackers Abuse Google Ads and Claude.ai Chats to Spread Mac Malware
Cybercriminals are once again abusing trust, and this time they are combining Google Ads with Claude.ai shared chats to push malware onto Mac users. The campaign targets people searching for terms like “Claude mac download,” where sponsored results appear…
Anthropic’s Project Glasswing Detects Over 10,000 Critical Software Vulnerabilities Worldwide
Artificial intelligence company Anthropic has revealed that its cybersecurity initiative, Project Glasswing, has successfully identified more than 10,000 high- and critical-severity vulnerabilities across globally significant software systems since the program was introduced last month. The initiative was designed as…
JDownloader Website Breach Spreads Malware Through Fake Windows and Linux Installers
In early May 2026, the official website for JDownloader was compromised, causing users to unknowingly download infected installers instead of legitimate software. During the two-day breach window, attackers replaced Windows and Linux setup files with malicious versions carrying hidden…
Top 10 Best Static Application Security Testing (SAST) Tools for Security Teams in 2026
The complexity of modern software development requires security to be deeply embedded within the engineering pipeline rather than treated as an afterthought. Whether you are managing extensive front-end codebases or back-end API integrations, catching flaws before code is compiled is…