A Chinese-speaking threat group known as CL-STA-1062 has been running a quiet but aggressive campaign against government agencies and critical energy infrastructure across Southeast Asia. The attackers, active since at least March 2022, spent much of 2025 targeting state-owned enterprises…
Mystery hackers use novel SharkLoader dropper against governments, software devs
Kaspersky researchers have uncovered a previously unknown cyberattack campaign that has compromised government organizations and software development companies in multiple countries. They first stumbled onto the campaign while investigating an attack on a diplomatic organization in Indonesia. What initially looked…
Mirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentials
Mirage2FA, a phishing kit that combines short-lived HTML smuggling with obfuscated JavaScript loaders to deliver fake Microsoft 365 login pages and steal credentials during MFA prompts, has been identified by researchers at Fortra. Fortra based its analysis on a suspicious…
Russia Used Cellebrite on Jailed Activist’s iPhone Months After Sales Cutoff
Russian authorities used Cellebrite’s UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June 2021, three months after Cellebrite said it would stop selling its tools and services to Russia and Belarus. The finding,…
Russian APT Deploys ‘StockStay’ Backdoor Against Ukrainian Targets
Turla has been using the backdoor against government and military organizations in Ukraine for espionage. This article has been indexed from SecurityWeek.
macOS.Gaslight: North Korea-Linked Malware That Tries to Gaslight the Analyst
macOS.Gaslight: DPRK Rust implant for Mac with a prompt injection payload designed to fool AI-based malware analysts. SentinelLabs researchers spotted a Rust-based macOS implant, dubbed macOS.Gaslight, that surfaced in early June after an Apple XProtect update pointed to a VirusTotal…
American Tower – 216,601 breached accounts
In June 2026, telecommunications tower infrastructure company American Tower was the target of a ShinyHunters “pay or leak” extortion campaign. The group subsequently published data allegedly taken from the company containing more than 200k unique email addresses belonging to employees,…
CISA Warns of Cisco Unified CM Vulnerability Exploited in Attacks
CISA has added a critical server-side request forgery (SSRF) vulnerability affecting Cisco Unified Communications Manager (Unified CM) to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies and organizations to apply patches immediately amid active exploitation in the wild. The…
First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild
CISA has added the remote code execution flaw CVE-2026-12569 to its Known Exploited Vulnerabilities catalog. This article has been indexed from SecurityWeek.
SIM-swapping gang busted in international police operation
Officers from Poland’s Central Bureau for Combating Cybercrime (CBZC) arrested four suspected members of an organized cybercrime group accused of SIM swap attacks, cryptocurrency theft, and money laundering. The operation involved agents from the U.S. Federal Bureau of Investigation (FBI)…
Google Details Turla’s New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks
The Russian state-sponsored threat actor known as Turla has been attributed to a previously undocumented .NET backdoor called STOCKSTAY that has been deployed against government and military organizations in Ukraine, and entities that have an interest in Italian foreign policy.…
WhatsApp Adds Security Warning Before Users Start Chat With Unknown Numbers
WhatsApp has introduced a new proactive security feature that warns users before they start conversations with unknown phone numbers. This update, currently being rolled out to both Android and iOS users, adds a trust verification layer at the very beginning…
KuinaExtractor Stealer Targets Browser Data, Crypto Wallets, Roblox, Steam, and Discord
A previously undocumented Rust-based infostealer they call KuinaExtractor, a family that has evolved from a capable early prototype into a hardened, stealth-focused threat now rebranded as “k0to.” Analysis of dozens of samples and function-level code comparisons reveals a clear single-operator…
New Enterprise-Ready MCP Specification Brings New Security Challenges
A major overhaul of the Model Context Protocol shifts critical security responsibilities from the protocol itself to developers and platform operators. This article has been indexed from SecurityWeek.
ZeroTier Quantum RC2 brings post-quantum security closer to general availability
ZeroTier has announced the release candidate 2 (RC2) for ZeroTier Quantum, its end-to-end quantum-secure networking platform. This milestone marks the final testing phase, positioning the platform one step away from general availability (GA). ZeroTier Quantum addresses the looming threat quantum…
CMC Releases Analysis and Guidance for Education Sector After Canvas Data Breach
The UK Cyber Monitoring Centre reviews the Canvas breach affecting 160 UK universities, highlighting data theft risks and financial impacts of cyber incidents. This article has been indexed from www.infosecurity-magazine.com.
ISA VDA 6.0.3 (part 3) — Information Security Sheet: Human Resources, Physical Security, Identity and Access Management
This is part 3 of the series about the TISAX label: TISAX getting started: A Deep Dive into the ISA Assessment Workbook (part 1). ISA VDA 6.0.3 (part 3) — Information Security Sheet: Human Resources, Physical Security, Identity…
How AI-powered cyberthreats are changing home security
Artificial intelligence is changing cybercrime fast, and the impact is no longer limited to large companies or banks. As attackers use AI to uncover weaknesses,… This post first appeared on Panda Security Mediacenter.
ThreatModeler introduces Nexus to automate threat modeling with AI governance
ThreatModeler has announced the general availability of ThreatModeler Nexus, an agentic threat modeling platform that brings governed, architecture-aware security to the way modern software is actually built. As AI writes a growing share of production code, the question is no…
ShinyHunters hits MSG, Cal Water confirms no damage, CISA SASE guide
ShinyHunters hits Madison Square Garden; Cal Water finds no evidence of OT activity; new CISA guide helps agencies adopt SASE for Zero Trust. Get the show notes here: https://cisoseries.com/cybersecurity-news-shinyhunters-hits-msg-cal-water-confirms-no-damage-cisa-sase-guide/ Huge thanks to our episode sponsor, Guardsquare. Attackers are treating your…
IBM Unveils 3D-Stacked .7nm Chip Design
IBM says ‘nanostack’ approach could fit nearly 100 billion transistors into fingernail-sized area, amid soaring demand for processing power. This article has been indexed from Silicon UK.
Zhipu’s GLM-5.2 Now World’s Third Most Widely Used AI Model
Chinese start-up’s latest tech soars in worldwide usage after jump in benchmark scores, suspension of latest Anthropic models. This article has been indexed from Silicon UK.
ChatGPT 5.6 Release Reportedly Delayed Following Trump Administration Security Request
OpenAI has reportedly delayed the full public release of its next-generation AI model, GPT-5.6, following a formal request from the Trump administration to limit early access to a select group of government-approved entities. This raises new concerns about the intersection…
Chinese-Speaking Hackers Deploy TinyRCT Backdoor Against Critical Energy Infrastructure
A Chinese-speaking threat cluster tracked as CL-STA-1062 has deployed a newly discovered .NET backdoor, TinyRCT, in targeted campaigns against government and critical energy infrastructure across Southeast Asia during 2025. The recent campaign combines common open-source tooling with bespoke malware. Operators…