Ransomware remains above 1,400 attacks yearly since 2023. Qilin leads in 2026, while the U.S. remains the main target. Ransomnews has independently confirmed 9,291 ransomware attacks worldwide between January 2018 and July 2026, tracking incidents only when verified through victim…
Hackers are Turning AI Gateways as Attack Surfaces to Compromise Enterprise Networks
AI gateways are increasingly being targeted as organizations connect generative AI applications to cloud services such as Amazon Bedrock. These gateways sit between users, business applications, and large language models, making them an attractive entry point into enterprise networks. Darktrace…
Linux Kernel FUSE Vulnerability Lets Attackers Gain Root Privileges
A Linux kernel vulnerability in the FUSE subsystem can allow a local attacker to gain root privileges by overflowing the page cache with attacker-controlled directory entries. The flaw is tracked as CVE-2026-31694 and affects the code path used when the…
GNU Guix Vulnerabilities Allow Remote Privilege Escalation via Malicious Binary Substitutes
GNU Guix has disclosed four serious security vulnerabilities affecting its package substitution and channel-management features. Three flaws in the guix substitute utility can enable remote privilege escalation, corruption of stored data, and local disclosure of files readable by the build…
Malicious Windows Shortcuts Use PowerShell and Node.js to Enable Remote Code Execution
A malicious Windows shortcut is being used to turn a routine download into a full remote-code-execution foothold. The campaign begins with convincing booking-themed spam and steers victims toward a ZIP archive that conceals a booby-trapped LNK file. One click can…
Hackers Can Go From CitrixBleed 2 Exploitation to Ransomware in Under an Hour
A critical Citrix flaw is giving intruders a fast route from an internet-facing gateway to a ransomware event. The activity centers on CitrixBleed 2, tracked as CVE-2025-5777, which can expose memory from affected NetScaler ADC and Gateway appliances before a…
Third US Security Expert Sentenced to Prison for Helping Ransomware Gang
Angelo Martino, a former ransomware negotiator, was sentenced to 70 months for helping the BlackCat/Alphv group. The post Third US Security Expert Sentenced to Prison for Helping Ransomware Gang appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
AI Agents Built to Detect Malware Can Be Manipulated Into Running It
AI agents capable of identifying malicious software can be manipulated by the AI Now Institute to execute it, according to new research. The proof-of-concept attack, known as “Friendly Fire,” demonstrates that autonomous AI coding agents, such as Claude Code…
New Ransomware Exploits Malicious Driver to Remove Cybersecurity Protections
GodDamn ransomware uses remote desktop application to secretly move around networks and drop the malicious PoisonX kernel driver This article has been indexed from www.infosecurity-magazine.com Read the original article: New Ransomware Exploits Malicious Driver to Remove Cybersecurity Protections
GNU Guix Vulnerabilities Let Attackers Overwrite Arbitrary Files and Escalate Privileges
Security researcher Caleb Ristvedt disclosed the issues on July 222, 202620262026, warning that all GNU Guix installations are affected. Systems running guix-daemon as root face the highest risk because a malicious substitute server or a man-in-the-middle attacker could write files…
Fashion mart Miinto unzips breach details, warns shoppers to watch for phisherfolk
Copenhagen company ‘sorry’ after ‘perpetrator’ pops order management system This article has been indexed from www.theregister.com – Articles Read the original article: Fashion mart Miinto unzips breach details, warns shoppers to watch for phisherfolk
Incode brings on-device processing to age estimation for privacy-focused verification
Incode has launched On-Device Age Estimation, an age verification capability that performs age estimation and liveness detection directly on the user’s device, without transmitting facial data off the device. The company’s age estimation models are now available to run entirely…
China, India-Linked Hackers Both Targeted Same Pakistani Police Force
Both foes and allies have targeted the Balochistan Police force in Pakistan for at least two years, according to SentinelOne. The post China, India-Linked Hackers Both Targeted Same Pakistani Police Force appeared first on SecurityWeek. This article has been indexed…
Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access
A threat actor has been targeting organizations spanning multiple sectors with voice-based fake security requests that prompt Microsoft 365 users to enroll a new Entra passkey with an aim to carry out data extortion attacks. The threat actor, tracked by…
Study of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Tracking
Researchers ran 281 of the most popular free VPN apps on the Google Play Store through a new testing system and found that many fail at the basics people install a VPN for, i.e., keeping their traffic private and secure.…
Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites
A cybercrime crew left one of its own servers wide open on the internet for three weeks, and it exposed the operation’s inner workings: the hacking tools, the activity logs, and target lists naming more than 1.4 million websites. Far…
From 17,000 to 1.1 Million Assets: How Lumen Technologies Rebuilt Exposure Management at Scale
Most enterprises assume their asset inventory is close enough to accurate. The evidence suggests otherwise. According to a survey of over 600 security leaders in the 2026 Axonius Actionability Report, only 45% of organizations consolidate their asset and exposure data…
Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP/3 Servers
A single wrong variable on one line in XQUIC, Alibaba’s QUIC and HTTP/3 library, lets any remote client crash the server with a short burst of completely legal traffic. There is no patch. FoxIO researcher Sébastien Féry disclosed the flaw on…
AI Surveillance and Social Progress
In the near future, AI-powered surveillance systems will be able to track everything we do in public, and much of what we do in private. And if we do something wrong—shoplift, litter, jaywalk, you name it—the system will notice, retain…
How mule betting scams recruit ordinary people
Easy-money offers to open a gambling account could make you part of a money laundering operation. Here’s how to spot a mule betting scam. This article has been indexed from Malwarebytes Read the original article: How mule betting scams recruit…
Okta Warns of Vishing Attacks Targeting Microsoft 365 Customers
The attackers call victims to direct them to phishing websites mirroring Microsoft Entra ID login pages. The post Okta Warns of Vishing Attacks Targeting Microsoft 365 Customers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
NetScaler MCP Gateway Secures LLM and Agentic AI Traffic From a Single Platform
Citrix, a Cloud Software Group company, announced major updates to its NetScaler® platform on July 9, 2026, introducing MCP Gateway functionality designed to secure and govern the explosive growth of AI agent traffic across enterprise environments. The new capability allows…
New Multi-Stage LNK Attack Targets Hospitality Firms With Node.js Backdoor
Hospitality firms are being targeted in an active phishing campaign that uses fake booking-related emails to deliver a multi-stage Node.js backdoor. The attack chain abuses Google Share links, malicious ZIP archives, Windows shortcut files, PowerShell, and the TON blockchain to…
Wireshark 4.6.7 Released to Patch 12 Vulnerabilities in SSH, TLS, Wi-Fi and pcapng
Wireshark has released version 4.6.74.6.74.6.7, addressing 121212 security flaws across protocol dissectors, capture-file parsers, and its external capture interface. The update resolves issues affecting SSH, TLS Encrypted Client Hello (ECH), IEEE 802.11802.11802.11 Wi-Fi traffic, and pcapng capture files, among other…