A new compilation of 20 open-source cybersecurity tools has been released by Help Net Security, addressing emerging security challenges across multiple domains. This article has been indexed from CyberMaterial Read the original article: 20 Open-Source Cybersecurity Tools Roundup
Category: EN
12 Million Impacted by Data Breach at Japanese Telco KDDI
Hackers exploited a zero-day vulnerability in a third-party system to access a KDDI email system for ISPs. The post 12 Million Impacted by Data Breach at Japanese Telco KDDI appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Microsoft releases fix for RoguePlanet Defender flaw (CVE-2026-50656)
Microsoft has finally released a security update for its Microsoft Malware Protection Engine, which fixes CVE-2026-50656, the Windows Defender local privilege escalation vulnerability triggered by the RoguePlanet exploit. The vulnerability and the fix CVE-2026-50656 is due to improper link resolution…
GhostApproval Flaws Let Top AI Coding Tools Write Outside Workspaces
Wiz found GhostApproval symlink flaws in major AI coding assistants that could hide sensitive file targets, bypass approval checks and enable system access too. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read…
HP Linux Imaging and Printing Software Flaw Enables Privilege Escalation Attacks
A critical vulnerability has been discovered in HP Linux Imaging and Printing Software (HPLIP), which exposes Linux systems to potential privilege escalation and remote code execution attacks. This vulnerability, tracked as CVE-2026-14544, has a CVSS v3 score of 9.8, indicating…
Attackers Exploit WordPress Plugin Vulnerabilities for Remote Code Execution and Webshell Access
A large-scale exploitation campaign is actively weaponising known vulnerabilities across multiple content management systems, with WordPress plugins forming the primary attack surface. Cyber actors are scanning the internet for vulnerable sites and chaining unauthenticated file upload, remote code execution (RCE),…
Microsoft fixes RoguePlanet zero-day in Defender
The RoguePlanet zero-day is now fixed in Microsoft Defender. Here’s how to make sure your system is protected. This article has been indexed from Malwarebytes Read the original article: Microsoft fixes RoguePlanet zero-day in Defender
15-Year-Old Linux Vulnerability ‘GhostLock’ Earns Researchers $92k From Google
Affecting every major distribution since 2011, the Linux kernel vulnerability allows attackers to gain root access. The post 15-Year-Old Linux Vulnerability ‘GhostLock’ Earns Researchers $92k From Google appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses
Cybersecurity researchers have flagged a new ransomware family called GodDamn that employs the PoisonX kernel driver to neutralize security software as part of its defense evasion strategy. According to a new report published by the Threat Hunter Team from Symantec,…
Summer of Clearinghouses
Everyone seems to have announced a clearinghouse over the past few weeks. We did too. Ours is called Athena, and the main thing that sets it apart is that it was already real and running when we announced it —…
Chinese-Funded Interpol Cybercrime Crackdown Leads to 5,800 Arrests
Operation First Light 2026, coordinated by Interpol and funded by the Chinese government, has led to 5,811 arrests This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese-Funded Interpol Cybercrime Crackdown Leads to 5,800 Arrests
75% CISOs Fear Executives Don’t Understand Cybersecurity Risks Employees Face
Survey of cybersecurity leaders by MetaCompliance finds that many feel boards are uninterested in ever-evolving cyber risks This article has been indexed from www.infosecurity-magazine.com Read the original article: 75% CISOs Fear Executives Don’t Understand Cybersecurity Risks Employees Face
AssuranceAmerica Confirms Massive Data Breach Exposing Driver’s License and Insurance Data
AssuranceAmerica, a U.S. provider of auto and renters insurance, has confirmed a significant data breach that exposed the personal information and driver’s license data of approximately 6.99 million people. This incident marks the largest known leak of Americans’ driver’s license…
GitHub Copilot Refuses Harmful Chat Prompts But Writes Them Inside Code Workflows
GitHub Copilot can refuse harmful prompts in chat while still generating the same harmful content inside code workflows when the request is decomposed across a multi-step IDE session. Researchers Abhishek Kumar and Carsten Maple from the Alan Turing Institute analyzed…
QR Codes Are the New Security Blindspots That Steal Your Card Details and Deliver Malware
A small pixelated square. You’ve scanned hundreds of them at coffee shops, parking meters, airport lounges, and restaurant tables. It feels instant. It feels safe. It feels routine. That’s exactly what cybercriminals are counting on. QR codes have become one…
Meta’s Muse AI Tool Lets Users Create Images Using Public Instagram Photos
Meta has launched Muse Image, its first image generation model built by Meta Superintelligence Labs, and the release has already triggered a privacy backlash because it lets users pull public Instagram photos into AI-generated visuals without notifying the account owner.…
New HalluSquatting Attack Allows Hackers to Poison AI Coding Assistants Into Installing Botnet Malware
A newly disclosed attack technique dubbed “HalluSquatting” is raising serious concerns in the cybersecurity community after researchers demonstrated how AI coding assistants can be manipulated into installing botnet malware through hallucinated resources. The research, conducted by Aya Spira, Stav Cohen,…
GitLab Patches Eight Security Vulnerabilities Across Community and Enterprise Editions
GitLab has released critical security updates addressing eight vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE), urging users to upgrade immediately to mitigate potential risks. The latest patch versions 19.1.2, 19.0.4, and 18.11.7 were published on July 8,…
5,811 arrests, $293 million seized over social engineering scams
Criminals who pose as police officers, romantic partners, and business suppliers have built fraud operations that reach across continents. A four-month enforcement campaign against these schemes wrapped up, and police in 97 countries and territories took part. Thousands of arrests…
RedHook Abuses Accessibility Service to Enable Developer Options and Wireless Debugging
RedHook, an Android Remote Access Trojan (RAT) first profiled in July 2025, has resurfaced with a markedly more dangerous capability: autonomous abuse of Android’s ADB Wireless Debugging to acquire shell-level privileges (uid 2000). While its baseline toolkit screen streaming, keylogging,…