A newly documented Windows injection approach, dubbed Process Parameter Poisoning or P³, uses process startup parameters as an unconventional staging area for shellcode. Implemented in the P³-Shellcode Loader proof of concept, the technique can reduce exposure to telemetry that endpoint…
Redefining the CISO Contract: From Securing the Business to Securely Doing Business
Walk into almost any executive leadership meeting right now and you’ll find the same dynamic playing out. The CEO is asking how the company can do more with AI, faster. Engineering teams are already three sprints deep into building something…
Scot NHS Trust probes email stuffup involving maternity patients’ data
NHS Forth Valley is the latest health board to bungle basic email data protection principles This article has been indexed from www.theregister.com – Articles Read the original article: Scot NHS Trust probes email stuffup involving maternity patients’ data
GigaWiper Combines Multiple Malware for System-Level Sabotage
The backdoor’s destructive capabilities include a standalone wiper, ransomware encryption, and a multi-pass wiping command. The post GigaWiper Combines Multiple Malware for System-Level Sabotage appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: GigaWiper…
Ransomware Negotiator Gets 70 Months in Prison for Aiding BlackCat Attacks
A 41-year-old former ransomware negotiator has been sentenced to nearly six years (i.e., 70 months) in prison in the U.S. for their role in conspiring with the now-defunct BlackCat ransomware operators to extort multiple victims and working with two other…
Attackers Exploit ‘Ill Bloom’ Vulnerability to Drain $3.1 Million From Cryptocurrency Wallets
Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom, and attackers are already using it. The flaw is in how some wallet software generated its recovery phrase, the words that control the money. When that phrase is made with…
Odyssey Stealer Attacks Macs Worldwide and Replaces Crypto Wallet Apps With Drainers
Odyssey Stealer is driving a large-scale macOS infostealer campaign that now spans more than 100 countries, with operators systematically hijacking cryptocurrency ecosystems by replacing legitimate wallet apps with drainer trojans. The operation blends advanced social engineering, AppleScript-based stealth, and persistent…
GigaWiper Merges Three Malware Families Into One Destructive Backdoor
Microsoft uncovered GigaWiper, a modular Go backdoor combining three malware families with espionage, remote control, and destructive wiping features. In October 2025, Microsoft’s threat intelligence team identified destructive wiping activity inside compromised environments and traced it to a previously unknown…
‘HalluSquatting’ Turns AI Hallucinations Into Botnet Delivery Mechanism
Researchers demonstrate adversarial hallucination squatting against popular AI assistants to achieve remote code execution. The post ‘HalluSquatting’ Turns AI Hallucinations Into Botnet Delivery Mechanism appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: ‘HalluSquatting’…
NHS Warns Staff Over Unauthorized Access to Patient Data
NHS tells staff they could face prison for “inappropriate” access to patients’ medical records This article has been indexed from www.infosecurity-magazine.com Read the original article: NHS Warns Staff Over Unauthorized Access to Patient Data
Braintree NuGet Typosquat Uses XOR-Obfuscated C2 to Hide Environment Secret Theft
A malicious NuGet package impersonating the Braintree .NET payment library has put production payment systems at risk. The package can collect live card details during transactions, then send the data away without alerting the application or its users. It also…
GhostApproval Symlink Codes Could Run Malicious Codes in AI Coding Agents
Cyber security experts at Wiz discovered that a bug in six famous AI coding assistants allows a booby-trapped code project to silently take over a developer’s system. The assistant can ask access to edit one innocent-looking file, but the write…
AI-assisted software engineering is creating a new delivery paradox
AI can generate code faster than most software organizations can absorb it. This should be a productivity breakthrough, but it also exposes a larger problem: many of the processes surrounding software delivery still happen at human speed. A new white…
Sysdig uncovers first documented agentic ransomware operation
Security researchers at Sysdig have documented what they believe is the first documented case of an AI agent running a ransomware operation from end to end. Dubbed JADEPUFFER, the operation used a large language model (LLM) to automate an attack…
Network of 200 GitHub Repositories Used for Malware Infection
A Go module is used to load PowerShell code that fetches a resolver from public dead drops to execute Windows malware. The post Network of 200 GitHub Repositories Used for Malware Infection appeared first on SecurityWeek. This article has been…
July 2026 Patch Tuesday forecast: Is CVE tracking still practical?
I was off by a month in my forecast of record-setting CVE releases from Microsoft. In June, we saw the deluge of over 200 reported CVEs that I expected in May. There were 116 CVEs for Windows 11 and 104…
Fake Robinhood Sign-In Alerts Trick Users Into Calling Hacker-Controlled Phone Numbers
A sophisticated callback phishing campaign impersonating Robinhood is coercing victims into dialing attacker-controlled phone numbers by exploiting fear of account compromise. The campaign begins with an unsolicited email or SMS posing as a Robinhood security alert, warning recipients of “unusual…
The open source library holding up your stack might have one maintainer
Every serious software product runs on code that someone else wrote and released for free. A web service leans on a cryptography library, a data pipeline pulls in a parser, and a mobile app ships a handful of small utilities…
Workato expands Agent Studio with Headless API, AI guardrails
Workato has announced two new capabilities for Agent Studio: Headless API and Agent Guardrails. Headless API lets Genies, Workato’s AI agents built on Agent Studio, be embedded into any business application surface, on web, mobile, or inside another agent’s own…
Interpol’s global fraud sweep, China’s Claude Code flag, old Github account tricks
Interpol’s fraud sweep goes global China flags Claude Code Old GitHub accounts, new tricks Get the show notes here: https://cisoseries.com/cybersecurity-news-interpols-global-fraud-sweep-chinas-claude-code-flag-old-github-account-tricks/ Thanks to our episode sponsor, Vanta Your team just added its 67th AI tool. And unfortunately, also your 67th security…
IT Security News Hourly Summary 2026-07-10 09h : 8 posts
8 posts were published in the last hour 7:3 : Can a self-driving robotaxi take you to the police if you are doing something illegal in the car? 7:2 : Wireshark 4.6.7 Released With Fixes for Vulnerabilities Allowing Crashes via…
Can a self-driving robotaxi take you to the police if you are doing something illegal in the car?
Yes, it can, and this is exactly what happened to a couple of teenagers from San Mateo, CA. A Waymo robotaxi noticed that the two… The post Can a self-driving robotaxi take you to the police if you are doing…
Wireshark 4.6.7 Released With Fixes for Vulnerabilities Allowing Crashes via Malicious Packets
The Wireshark Foundation has released Wireshark 4.6.7, a security-focused update that fixes multiple vulnerabilities that can cause the popular network protocol analyzer to crash when processing specially crafted packets or capture files. Wireshark is widely used by security researchers, network…
Six U-Boot FIT Signature Verification Flaws Enable Code Execution and DoS Attacks
A new security analysis by Binarly Research has uncovered six critical vulnerabilities in the widely used U-Boot bootloader, exposing embedded systems and server management platforms to denial-of-service (DoS) attacks and potential arbitrary code execution. U-Boot is a foundational component in…