A sponsored Google ad impersonating Anthropic’s Claude Code CLI has been caught delivering “MacSync Stealer,” a macOS credential harvester that also silently trojans Ledger Live and Ledger Wallet apps to steal crypto seed phrases. The campaign was discovered and fully…
Malicious Google Notes Extension Swaps Crypto Wallet Addresses During Transactions
Technically sophisticated campaign delivering a malicious Chromium extension that silently swaps cryptocurrency wallet addresses during transactions. Delivered via unsigned installers observed in both .NET and Golang variants, the payload masquerades as a minimalist “Google Notes” browser extension. Once deployed,…
What is Penetration Testing? A Complete Guide for 2026
By HOC Team | Last updated: June 2026 | Read time: ~20 min Penetration testing — also called… The post What is Penetration Testing? A Complete Guide for 2026 appeared first on Hackers Online Club. This article has been indexed…
BioShocking: when “gaming” AI agents is no longer a game
Researchers warned AI vendors about a proof-of-concept called BioShocking that tricks agents by gamifying the outcome. This article has been indexed from Malwarebytes.
2026 Cybersecurity Assessment: The Gap Between Awareness and Resilience
Organizations have never had greater awareness of cyber risk. Yet turning that awareness into operational resilience has never been more challenging. The 2026 Bitdefender Cybersecurity Assessment confirms this is the case, as this year’s findings reveal a series of surprising…
IT Security News Hourly Summary 2026-07-01 15h : 12 posts
12 posts were published in the last hour:
12:34 : CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks
12:34 : OpenClaw: risks for agent users and how to mitigate them
12:34 : The SOC Files: ScreenConnect masked as…
CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks
CISA confirms BlueHammer (CVE-2026-33825) is now used in ransomware attacks to gain SYSTEM privileges through Microsoft Defender. BlueHammer, tracked as CVE-2026-33825, has moved from proof-of-concept noise to real ransomware attacks in the wild, the US CISA confirms. BlueHammer allows attackers…
OpenClaw: risks for agent users and how to mitigate them
Researching OpenClaw vulnerabilities, malicious skills and other security issues with the popular agent, and providing tips on how to mitigate them. This article has been indexed from Securelist.
The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign
Kaspersky experts have uncovered a malicious network infrastructure for delivering AsyncRAT. The Trojan is dropped via compromised ScreenConnect software. In this post, we break down the infection chain and analyze the C2 infrastructure. This article has been indexed from Securelist…
The Chaya_006 Alert: OT Edge Devices Under Fire
The Chaya_006 Edge Campaign Forescout’s Vedere Labs just dropped a threat briefing on a campaign they’re tracking as Chaya_006, and it’s a textbook example of how fast threat actors move… The post The Chaya_006 Alert: OT Edge Devices Under Fire…
Mitigating Attacks Before They Impact Infrastructure: Link11 provides next generation network DDoS protection
Frankfurt am Main, Germany, 1st July 2026, CyberNewswire. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More.
ToddyCat Uses Shadow Token via Remote Debug to Compromise Gmail Accounts
ToddyCat, an advanced persistent threat group long associated with targeted espionage against corporate environments, has evolved its toolkit to exploit OAuth-based authorization flows and compromise Gmail accounts without directly stealing credentials. Umbrij is deployed on Windows hosts using DLL sideloading:…
MacSync Stealer Hijacks macOS via Fake Claude Code Google Ads – Full Attack Chain Exposed
MacSync Stealer is a newly discovered macOS infostealer actively distributed through a sophisticated malvertising campaign on Google Ads that impersonates Anthropic’s Claude Code CLI. Security researchers from Beelzebub have uncovered the complete attack chain, revealing a multi-stage infection process that…
Attackers Weaponizing Trusted Windows Drivers to Kill AV and EDR Processes
Attackers are increasingly abusing trusted Windows drivers to turn off antivirus (AV) and endpoint detection and response (EDR) tools, using a technique known as Bring Your Own Vulnerable Driver (BYOVD). Once considered niche, BYOVD has rapidly become a standard component…
Multiple Citrix NetScaler ADC and Gateway Vulnerabilities Enable DoS and Memory Overflow Attacks
Multiple high-severity vulnerabilities have been identified in Citrix NetScaler ADC and NetScaler Gateway, exposing affected systems to denial-of-service (DoS) and memory overflow attacks. The issues, tracked under CVE-2026-8451, CVE-2026-8452, CVE-2026-8655, CVE-2026-10816, CVE-2026-10817, and CVE-2026-13474, were disclosed in a security bulletin…
Chrome needs another whopper update to fix 382 security bugs
Google’s released a huge update of 382 security fixes, 15 of which were rated as critical. So, it’s time to update again! This article has been indexed from Malwarebytes.
Dawnguard launches platform to automate secure cloud architecture
Dawnguard announced the public launch of its security architecture automation platform, making it available to organizations looking to design, build, and operate secure cloud-native systems from day zero through production. The launch marks the company’s move from enterprise design partnerships…
Netzilo adds runtime governance for AI agents across major platforms
Netzilo has announced expanded AI agent governance and runtime enforcement capabilities for Amazon Bedrock AgentCore and other major AI agent harnesses. As enterprises move AI agents from experimentation into production, agents are becoming a new enterprise edge. They operate across…
Arrest of Iranian Hacker Spotlights Iran’s Movement into Economic Espionage and IP Theft
A lot has been written in the last decade about China’s economic espionage through its theft of intellectual property. Former FBI Director Christopher Wray once referred to these thefts as “one of the largest transfers of wealth in human history.”…
CISA Adds Actively Exploited SimpleHelp Vulnerability to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified a critical vulnerability in SimpleHelp, tracked as CVE-2026-48558, and added it to its Known Exploited Vulnerabilities (KEV) catalog. This indicates that the vulnerability is actively being exploited in the wild,…
FCC Bans Chinese-Produced Network Equipment Linked to Cyber and Espionage Risks
The U.S. Federal Communications Commission (FCC) has implemented comprehensive new restrictions banning the import and marketing of Chinese-produced telecommunications and surveillance equipment identified as posing significant cybersecurity and espionage risks. Announced on June 26, 2026, this updated regulation addresses a…
RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow
RustDuck is a small, evolving DDoS botnet migrating to Rust. It uses advanced encryption, anti-analysis evasion, and exploits known IoT flaws. Since February 2026, researchers at QiAnXin’s XLab have been tracking a new malware family, called RustDuck, that hijacks routers,…
Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack
Citrix urges customers to patch NetScaler after fixing six vulnerabilities, including the HTTP/2 Bomb flaw and a high-severity CitrixBleed-style information disclosure bug. The post Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack appeared first on SecurityWeek. This article has…
Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities
Seven of the security defects have a maximum severity rating of 10/10 and could lead to arbitrary code execution. The post Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek.