Android Malware Campaign Uses Fake Document Reader App with 100K Google Play Downloads tracks a fresh Anatsa campaign that abused trust in a seemingly useful document-reader app to reach a large install base before its payload was activated. The malicious…
AI Has Moved From Assistance to Action. Is Your Security Model Ready?
There is a quiet shift happening inside enterprise AI adoption. AI is no longer just something employees ask for help. It is becoming something the business asks to do work. Employees use public AI tools. Developers build with model providers.…
Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs
The flaws allow remote, unauthenticated attackers to make system changes, access underlying accounts, and inject commands. The post Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Critical…
Third DraftKings Hacker Sentenced to 18 Months in Prison
Nathan Austad has been ordered to pay roughly $1.8 million in forfeiture and restitution, and the sentence also includes 3 years of supervised release. The post Third DraftKings Hacker Sentenced to 18 Months in Prison appeared first on SecurityWeek. This…
Dawn of the Apex Agentic Adversary
We are standing at the end of an era we never thought to mourn: the era of human-speed threats. For years, cybersecurity moved to a rhythm organizations could follow. A researcher found a bug, a CVE was cataloged, a vendor…
KDDI Breach Affects Six Japanese ISPs, Exposes 14.2 Email Credentials
Customers of the affected Japanese email services are “strongly advised” to change their email passwords This article has been indexed from www.infosecurity-magazine.com Read the original article: KDDI Breach Affects Six Japanese ISPs, Exposes 14.2 Email Credentials
IT Security News Hourly Summary 2026-06-24 15h : 16 posts
16 posts were published in the last hour 12:35 : Grafana Confirms TanStack npm Supply Chain Attack Led to GitHub Repository Cloning 12:35 : Hackers Exploit Unpatched SharePoint Servers to Deploy Ransomware and Custom Backdoors 12:34 : SuperOps and Guardz…
Grafana Confirms TanStack npm Supply Chain Attack Led to GitHub Repository Cloning
Grafana Labs has confirmed that a recent supply chain attack involving the TanStack npm ecosystem resulted in the cloning of its internal GitHub repositories. However, it did not compromise customer production systems or the Grafana Cloud platform. This disclosure follows…
Hackers Exploit Unpatched SharePoint Servers to Deploy Ransomware and Custom Backdoors
Unpatched on-premises SharePoint servers have become a prime target for sophisticated threat actors using known security flaws to break in, plant ransomware, and leave behind hidden backdoors. These are not opportunistic smash-and-grab operations. They are calculated, multi-stage campaigns designed to…
SuperOps and Guardz bundle IT operations and security into one product for MSPs
SuperOps and Guardz announced a strategic partnership, combining their platforms into a single bundled offering for managed service providers (MSPs). The package brings professional services automation (PSA), remote monitoring and management (RMM), mobile device management (MDM), and agentic security operations…
Phishing attack on healthcare firm Xsolis impacts 1.4 million people
Healthcare technology company Xsolis confirmed that a phishing attack resulted in unauthorized access to its network. The company develops AI-powered software for hospitals, health systems, and health plans and serves more than 600 hospitals and health insurers. “On January 22,…
Magecart Evolves and Attackers Weaponize Ethereum Blockchain for Digital Skimming
Digital skimming has officially entered the decentralized era, bringing in a new era for a major source of crime and fraud. Researchers at Source Defense have uncovered that a large-scale… The post Magecart Evolves and Attackers Weaponize Ethereum Blockchain for…
Hackers Use Microsoft Teams-Themed Lures to Deploy Legitimate Remote Access Software
An active phishing campaign that impersonates Microsoft Teams to trick victims into downloading a legitimately signed remote access tool (RAT) preconfigured for unauthorized access. Attackers deliver Teams-themed lures notifications about meeting transcripts, missed recordings, or “download transcript” prompts linking to…
London cops bring live facial recognition to West End
‘Permanent biometric surveillance of the public square’ incompatible with policing by consent, say critics This article has been indexed from www.theregister.com – Articles Read the original article: London cops bring live facial recognition to West End
New ‘Mistic’ RAT Opens Door to Several Ransomware Families
Mistic is used by Woodgnat, an initial access broker working with Qilin, Interlock, Rhysida, Akira, 8Base, and Black Basta. The post New ‘Mistic’ RAT Opens Door to Several Ransomware Families appeared first on SecurityWeek. This article has been indexed from…
Agentic AI Security: Wrong Context, Wrong Decisions at Machine Speed
Context is the central plank of AI in general, and agentic AI in particular. If an AI system doesn’t have the correct context, it cannot make the correct decisions. The post Agentic AI Security: Wrong Context, Wrong Decisions at Machine…
Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)
CVE-2026-20230, a server-side request forgery (SSRF) vulnerability affecting Cisco’s Unified Communications Manager (Unified CM), is being exploited to drop webshells and achieve remote code execution capability on the underlying server. “Our honeypots are seeing automated sweeps dropping webshells, all via…
Iran-Linked MuddyWater Poses as Ransomware Gang to Mask Cyber Espionage
An NCC Group report warns state-backed hackers are attempting to hide activity by posing as ransomware groups and deploying commercially available malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Iran-Linked MuddyWater Poses as Ransomware Gang to…
WhatsApp phishing campaign distributes VBScript malware
Cybersecurity researchers have identified an active malware distribution campaign targeting WhatsApp users in multiple countries. This article has been indexed from CyberMaterial Read the original article: WhatsApp phishing campaign distributes VBScript malware
London Hydro customer data breach
London Hydro has confirmed a data breach that exposed a range of customer information to unauthorized access. This article has been indexed from CyberMaterial Read the original article: London Hydro customer data breach
Cloudflare, browsers launch privacy token protocol
Cloudflare and the three major commercial browser makers have committed to developing Private Access Control Tokens (PACTs), a new protocol designed to help websites distinguish legitimate traffic from abusive requests without relying on CAPTCHAs or invasive identity checks. This article…
Two Scattered Spider members plead guilty to £39m TfL cybera
Two young British men have pleaded guilty to orchestrating a cyberattack on Transport for London that resulted in £39 million in damages and significant operational disruption. This article has been indexed from CyberMaterial Read the original article: Two Scattered Spider…
OpenClaw AI Marketplace Malicious Skills
Palo Alto Networks’ Unit 42 research team has identified malicious AI skills distributed through ClawHub, an artificial intelligence marketplace, that successfully bypass automated security scanning systems. This article has been indexed from CyberMaterial Read the original article: OpenClaw AI Marketplace…
Payouts King Initial Access Broker Deploys Edgecution Malware Through Malicious Edge Extension
A concerted campaign by an initial access broker with ties to the Payouts King ransomware ecosystem that leverages a novel browser-based delivery technique to establish persistent host-level control. The actor deploys a malicious Microsoft Edge extension dubbed “Edgecution” which abuses…