A newly discovered banking trojan is targeting Brazilians by disguising itself as a legitimate electronic invoice. The malware, known as Banana RAT, uses fake NF-e (Nota Fiscal Eletronica) documents to trick victims into running malicious batch files that quietly install…
Category: EN
Hackers Use Six-Layer Persistence to Maintain Access on Compromised FreePBX Systems
A hacker group known as INJ3CTOR3 has been running an active campaign against FreePBX systems, deploying a newly discovered PHP webshell called JOMANGY that uses six separate persistence layers to stay embedded on compromised servers. The campaign targets internet-exposed VoIP…
A Russian speaker and jailbroken Gemini went on a hacking spree and emptied at least one MAGA victim’s crypto wallets
Hey, Gemini, how much can we earn from one pump-and-dump cycle? This article has been indexed from www.theregister.com – Articles Read the original article: A Russian speaker and jailbroken Gemini went on a hacking spree and emptied at least one…
The Department of Know: Google’s CodeMender, CISA’s big leak, Torvalds open-source warning
This week’s Department of Know is hosted by Rich Stroffolino, with guests Kathleen Mullin, former CISO, MyCareGorithm, and Nick Espinosa, host, Deep Dive Radio Show. Missed the live show? Check it out on YouTube. The Department of Know is live every Friday at 4:00 p.m. ET.…
Verizon 2026 DBIR: 6 key takeaways for CISOs
<p>The threat landscape is undergoing rapid and unprecedented change, as reflected in the “Verizon 2026 Data Breach Investigations Report.” For the first time in the report’s 19-year history, vulnerability exploitation was the leading initial access vector, displacing credential abuse from…
FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Account
FBI warns of Kali365, a PaaS scam kit that lets cybercriminals bypass MFA and hijack Microsoft 365 accounts without passwords. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: FBI…
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-9082 Drupal Core SQL Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses…
Ubiquiti Patches Critical UniFi OS Vulnerabilities Allowing Remote Privilege Escalation
Ubiquiti Networks has released urgent security updates to address a series of highly critical vulnerabilities affecting its UniFi OS platform. These severe flaws could allow unauthenticated, remote attackers to execute arbitrary code, escalate privileges, and severely compromise enterprise network infrastructure.…
Megalodon chums the waters in 5.5K+ GitHub repo poisonings
Will Jason Statham save us? This article has been indexed from www.theregister.com – Articles Read the original article: Megalodon chums the waters in 5.5K+ GitHub repo poisonings
First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks. The disruption of First VPN…
Microsoft recognized as a Leader in The Forrester Wave™ for Workforce Identity Security Platforms
Microsoft has been recognized as a Leader in The Forrester Wave™: Workforce Identity Security Platforms, Q2 2026, receiving the highest scores in both the current offering and strategy categories. The post Microsoft recognized as a Leader in The Forrester Wave™…
Identity security for AI agents: The proliferation challenge
<p>AI agents are proliferating across the enterprise, with use cases ranging from IT and security operations to legal and compliance tasks.</p> <p>Omdia, a division of Informa TechTarget, <a target=”_blank” href=”https://research.esg-global.com/reportaction/515202205/Marketing” rel=”noopener”>published</a> the results of a survey of 400 security leaders…
Deleted Google API Keys Continue Accessing Gemini, BigQuery, and Maps APIs
A newly disclosed issue with Google Cloud API keys reveals that deleted credentials may remain usable for up to 23 minutes, exposing projects to potential abuse even after revocation. The finding raises concerns about delayed credential invalidation across Google’s infrastructure,…
CISA adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Langflow vulnerability, tracked as CVE-2025-34291, to its Known Exploited Vulnerabilities (KEV) Catalog, signaling active exploitation and urging organizations to remediate immediately. The flaw affects Langflow, a popular tool…
LiteSpeed cPanel Plugin 0-Day Exploited in the wild to Gain Server Root Access
LiteSpeed has disclosed and patched a critical 0‑day privilege escalation flaw in its user-end cPanel plugin that is already being actively exploited to gain root access on Linux hosting servers. The bug is tracked as CVE‑2026‑48172 and affects LiteSpeed cPanel…
Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
Drupal is warning users that it has already seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands of websites. The post Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure appeared first on SecurityWeek. This article has…
SOC Alert Overload: Why More Analysts Won’t Help
Security operations centers are facing a problem that hiring alone cannot solve. Alert volumes keep rising, attackers move faster than most human teams can investigate, and many SOCs still rely on workflows built for a much smaller stream of…
Microsoft Warns Users About Rising QR Code Phishing and Quishing Scams
Microsoft’s cybersecurity researchers have uncovered a growing wave of phishing scams using QR codes hidden inside emails, PDF files, and fake CAPTCHA pages. Instead of clicking suspicious links, victims scan QR codes that secretly redirect them to fraudulent websites…
Researchers Find Security Gap in Anthropic Skill Scanners
Security researchers have uncovered a gap in the way Anthropic Skill scanning tools inspect third-party AI packages, allowing malicious code hidden inside test files to execute on developer systems even after scanners marked the Skills as safe. The issue centers…
Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151Ukraine’s National Security and Defense Council) has been observed using lures related to Prometheus, a Ukrainian online learning platform, to target government organizations in the country. The activity, per the…