Dark web activity often becomes visible during marketplace seizures, major data leaks, or sudden spikes in criminal activity. Those events can create an impression of an ecosystem where attention shifts quickly and new trends regularly replace old ones. A six-year…
WantToCry Ransomware Exploits SMB to Encrypt Remote Files
A new ransomware campaign named “WantToCry” leverages exposed Server Message Block (SMB) services to gain access and encrypt victim data without deploying traditional malware on compromised systems. This approach significantly reduces the detection surface, making it harder for conventional…
Windows93 / Myspace93 – 46,105 breached accounts
In January 2021, the parody site Windows93 suffered a data breach of the Myspace93 sub-site after a beta application was exploited to download server files. The compromised data was later leaked in June and included 46k Myspace93 accounts containing email…
AI red teaming agents change how LLMs get tested
Adversarial probing of LLMs has piled up a sprawling toolkit over the past three years. Attack techniques with names like Tree of Attacks with Pruning, Crescendo, and Skeleton Key sit alongside hundreds of prompt transforms and scoring methods across open-source…
Claude Code Sandbox Flaw May Compromise User Secrets
A newly disclosed security flaw in Anthropic’s Claude Code platform has exposed a critical weakness in its network sandbox, potentially allowing attackers to bypass restrictions and exfiltrate sensitive data. The issue, identified by security researcher Aonan Guan, marks the second…
New GhostTree Attack Causes EDR Tools to Hang, Leaving Files Unscanned
A newly disclosed attack technique dubbed “GhostTree” is raising concerns among defenders after researchers demonstrated how it can disrupt endpoint detection and response (EDR) tools and bypass file scanning mechanisms on Windows systems. The technique, discovered by Varonis Threat Labs, abuses NTFS…
Building trust through AI red teaming: Red Hat’s approach to testing model safety
In the last few years, large language models (LLMs) have moved from research labs to production systems powering critical business functions. This rapid adoption poses a fundamental challenge for enterprises: How do you deploy AI with confidence when models can…
New GhostTree Attack Causing EDR Products to Hang and Leave Files Unscanned
A novel evasion technique called GhostTree exploits NTFS junctions to create recursive directory loops. Uncovered by Varonis Threat Labs, this method traps Endpoint Detection and Response (EDR) scanners in infinite paths, causing them to hang and ignore malicious payloads.…
Product showcase: Bitdefender Mobile Security for iOS protects privacy where scams begin
Bitdefender Mobile Security for iOS is a security and privacy application for iPhone and iPad that helps protect against phishing attempts, online scams, unsafe websites, and account exposure. I have used Bitdefender Mobile Security for iOS for the last two…
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
Drupal has released security updates for a “highly critical” security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code execution, privilege escalation, or information disclosure. The vulnerability, now tracked as CVE-2026-9082, carries a CVSS score…
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual Studio Code (VS Code) extension. The development comes…
Claude Code’s Network Sandbox Vulnerability Exposes User Credentials and Source Code
Anthropic’s Claude Code AI coding assistant harbored a critical network sandbox bypass for over five months, allowing attackers to exfiltrate credentials, source code, and environment variables from developer systems, and the company issued no public advisory for either incident. Security…
Cyber threats push SMBs to spend more on security
Cybersecurity has become a key priority for small and medium-sized businesses due to growing threats and wider AI adoption. An IDC survey of 2,200 SMBs in eight markets examined how organizations manage cyber risks, prepare for AI-related threats, and handle…
Dark Web Brokers Repackage Old Breaches as Fresh Corporate Data Leaks
A wave of fake data leak claims is flooding dark web forums, and most of what is being sold turns out to be recycled material from old breaches. Threat actors operating in Chinese-language cybercrime ecosystems are packaging this stale data…
Gremlin Stealer Stores C2 URLs and Exfiltration Paths in Encrypted Resource Sections
A newly analyzed variant of the Gremlin stealer malware has raised alarms by hiding its command-and-control (C2) addresses and data exfiltration paths inside encrypted resource sections of a compiled program. This approach makes the malware harder to detect through traditional…
ISC Stormcast For Thursday, May 21st, 2026 https://isc.sans.edu/podcastdetail/9940, (Thu, May 21st)
This article has been indexed from SANS Internet Storm Center, InfoCON: green.
ExifTool CVE-2026-3102: RCE via Image Metadata
Security researchers at Kaspersky’s Global Research and Analysis Team have disclosed CVE-2026-3102, a critical vulnerability in ExifTool that allows attackers to execute arbitrary commands on macOS systems by hiding malicious code inside image file metadata.
Malicious VS Code Extension Breaches GitHub
GitHub confirmed over the weekend that an employee device was compromised after installing a trojanized Visual Studio Code extension from the official marketplace. This article has been indexed from CyberMaterial.
AI-Driven DDoS Attacks Surge 738% in Finance
Financial services organizations face a dramatic escalation in distributed denial-of-service attacks, with the median duration of Layers 3 and 4 DDoS attacks increasing 738% since 2024, according to new research from Akamai.
UK GCA Opens £2.9B Defense Tech Framework to SMEs
The UK Government Commercial Agency has announced plans to expand access to a major defense technology procurement framework worth £2.88 billion, opening opportunities for small and medium-sized enterprises that have been largely excluded from previous contracts.