A recently observed phishing campaign is abusing Google Cloud Storage to deliver the Remcos remote access trojan (RAT), relying on trusted Google infrastructure and a signed Microsoft binary to evade traditional defenses. Attackers host a fake Google Drive login page…
Multiple SonicWall Vulnerabilities Enable SQL Injection and Privilege Escalation Attacks
SonicWall has released a critical security advisory addressing four vulnerabilities affecting its Secure Mobile Access (SMA) 1000 series appliances. These security flaws could allow remote attackers to escalate privileges, bypass multi-factor authentication, and enumerate user credentials. The most severe vulnerability…
GitLab Patches Multiple Vulnerabilities That Enable DoS and Code Injection Attacks
GitLab has released urgent security updates (versions 18.10.3, 18.9.5, and 18.8.9) for its Community Edition (CE) and Enterprise Edition (EE) to address high-severity flaws that enable Denial-of-Service (DoS) and code-injection attacks. GitLab strongly advises all administrators of self-managed systems to…
CISA Warns of Critical Ivanti EPMM Code Injection Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Ivanti Endpoint Manager Mobile (EPMM). The agency recently added this flaw, tracked as CVE-2026-1340, to its Known Exploited Vulnerabilities (KEV) catalog after…
Hackers Impersonate Linux Foundation Leader in Slack to Target Open Source Developers
Open source developers are facing a growing and sophisticated threat — one that does not rely on complex exploits or hidden vulnerabilities but instead uses something far simpler: trust. A social engineering campaign is actively targeting developers through Slack, where…
Hackers Use Fake Security Software to Deliver LucidRook Malware in Taiwan Attacks
A newly identified malware called LucidRook has been spotted targeting organizations across Taiwan, hiding inside what appears to be legitimate security software. The attackers went out of their way to make it look convincingly real, forging the icon and application…
Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access
Dozens of such keys can be extracted from apps’ decompiled code to gain access to all Gemini endpoints. The post Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access appeared first on SecurityWeek.
Securing the AI Supply Chain: What are the Risks and Where to Start?
AI supply chain security: Explore the risks of poisoned datasets, compromised open-source libraries, and AI-powered phishing. The post Securing the AI Supply Chain: What are the Risks and Where to Start? appeared first on Security Boulevard.
Ransomware attack on ChipSoft
ChipSoft, a leading provider of healthcare systems in the Netherlands, has been struck by a ransomware attack, raising concerns about the security of patient data across the country. This article has been indexed from CyberMaterial.
Minnesota Activates Guard After Cyberattack
Governor Tim Walz signed an executive order on Tuesday to deploy emergency aid to Winona County after a major cyberattack crippled local infrastructure. This article has been indexed from CyberMaterial.
OpenAI Plans Phased Model Rollout
OpenAI is preparing to launch a new model featuring sophisticated cybersecurity tools, though it will initially be restricted to a select group of corporate partners. This article has been indexed from CyberMaterial.
Iran-Linked Hackers Likely To Continue
Tehran-aligned hackers have warned that the current ceasefire between Iran, the United States, and Israel will not halt their retaliatory cyber operations. This article has been indexed from CyberMaterial.
Microsoft Suspends Open-Source Accounts
Microsoft has abruptly suspended the developer accounts for open-source security projects VeraCrypt and WireGuard, preventing them from signing drivers or issuing updates to Windows users. This article has been indexed from CyberMaterial.
New macOS Malware notnullOSX Targets Crypto Wallets Over $10K
macOS Malware notnullOSX targets crypto wallets over $10K, using fake apps, Terminal tricks, and backdoors to steal funds and sensitive data. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More.
Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities
The bugs could allow attackers to modify protected resources and escalate their privileges to administrator. The post Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
The Identity Gap Blocking Agentic AI at Scale
Agentic AI is scaling faster than security can keep up. Discover why treating identity as a first-class prerequisite is the only way to contain non-deterministic AI risk in production.
Acrobat Reader zero-day exploited in the wild for many months
Unknown attackers have exploited a zero-day Adobe Acrobat Reader vulnerability since November 2025 and possibly even earlier, security researcher Haifei Li has discovered. PDF files carry the exploit. Haifei Li is one of the creators of EXPMON, a sandbox-based cybersecurity…
OPSWAT adds predictive AI engine to MetaDefender for pre-execution threat detection
OPSWAT has announced OPSWAT Predictive Alin AI, its first proprietary AI-based threat detection engine for the MetaDefender Platform. This AI-based innovation introduces a new category of capability within the MetaDefender Platform, a high-confidence predictive layer that works alongside existing detection…
Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and government officials across the Middle East and North Africa (MENA), according to findings from Access Now, Lookout, and SMEX. Two of the targets included…
Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December 2025. The finding, detailed by EXPMON’s Haifei Li, has been described as a highly-sophisticated PDF exploit. The artifact (“Invoice540.pdf”) first appeared…
The Hidden Security Risks of Shadow AI in Enterprises
As AI tools become more accessible, employees are adopting them without formal approval from IT and security teams. While these tools may boost productivity, automate tasks, or fill gaps in existing workflows, they also operate outside the visibility of security teams, bypassing…
STX RAT Hides Remote Desktop, Steals Data to Dodge Detection
A stealthy new remote access trojan, dubbed STX RAT, blends hidden remote desktop control with powerful infostealer capabilities while using advanced evasion and encryption techniques to stay under the radar of security tools. The operators rely on opportunistic initial access, including…
Technical Details Released for Critical Cisco SSM Command Execution Vulnerability
Security researchers have published technical details regarding a highly critical vulnerability in the Cisco Smart Software Manager On-Prem (SSM On-Prem). Tracked as CVE-2026-20160, this flaw carries a near-maximum CVSS score of 9.8. It allows remote, unauthenticated attackers to execute commands…
ClickFix Campaign Abuses macOS Script Editor to Deploy Atomic Stealer
A refreshed ClickFix campaign swaps macOS Terminal for Script Editor to quietly deliver an Atomic Stealer payload to unsuspecting Mac users. By abusing the applescript:// URL scheme, attackers sidestep Apple’s new paste-protection in Terminal on macOS Tahoe 26.4 while preserving the same underlying…