A critical vulnerability has been disclosed in FFmpeg’s MagicYUV decoder that allows attackers to weaponize seemingly harmless media files and, in some scenarios, achieve remote code execution (RCE). The flaw, tracked as CVE-2026-8461 and dubbed “PixelSmash,” is a heap out-of-bounds…
Tag: Cyber Security News
Critical libssh2 Vulnerability Allows Attackers to Execute Remote Code Via Malicious SSH packets
A critical security vulnerability has been identified in the widely used libssh2 library, allowing remote attackers to execute arbitrary code through specially crafted SSH packets. The flaw, tracked as CVE-2026-55200, carries a CVSS score of 9.2 and is classified under…
New Phishing Attack Abuses Outlook and Microsoft 365 Groups Features to Attack Users
Phishing attacks have grown more sophisticated, and attackers are no longer relying on clunky fake emails or obvious scam messages. A newly identified campaign shows how threat actors are turning everyday Microsoft 365 tools into weapons, hiding their attacks inside…
Tata Electronics Data Breach Exposes Confidential Apple and Tesla Documents
Indian electronics manufacturing giant Tata Electronics confirmed a “cybersecurity incident” on Monday after ransomware group World Leaks published over 200,000 files totaling more than 630 gigabytes on the dark web, allegedly containing proprietary and confidential documents belonging to Apple and…
Researcher Earns $148,337 for Google Cloud Production RCE Vulnerability
A researcher has earned a total of 148,337 USD from Google for uncovering a set of flaws in Google Cloud’s Application Integration service that escalated into remote code execution (RCE) in Google Cloud production. The core bug is now tracked…
OpenAI Releases GPT‑5.5‑Cyber With Full Automation for Vulnerability Detection and Patching
OpenAI has officially launched the full version of GPT‑5.5‑Cyber, a specialized AI model engineered for advanced vulnerability detection, patch generation, and automated remediation at machine speed. The release is part of OpenAI’s broader Daybreak initiative, which aims to democratize defensive…
Hackers Using FortigateSniffer Tool That Turns Compromised Firewalls Into Password Collectors
A financially motivated threat actor has deployed a custom Golang-based tool called FortigateSniffer across more than 430,000 FortiGate firewalls globally, silently harvesting over 110 million credentials since at least February 2026, including confirmed data exfiltration from a NATO-aligned defense contractor.…
AryStinger Botnet Hijacks 4,300+ Routers to Build Global Attack Proxy Network
A newly discovered botnet called AryStinger has quietly hijacked more than 4,300 routers across the globe, turning them into a silent army of attack proxies. The threat actors behind this campaign are exploiting decade-old vulnerabilities to build a covert reconnaissance…
Malicious GST Debit Note Attachment Deploys Remcos RAT Through Multi-Stage Loader
A sophisticated phishing campaign is actively targeting users in India by disguising malware as a routine GST debit note. The attack delivers a powerful remote access tool called Remcos RAT through a cleverly constructed multi-stage loader, giving attackers deep and…
Windows RAT Uses Encrypted HTTP C2 and Registry Persistence After npm Infection
A newly discovered malware campaign is targeting Windows systems through a deceptive package on the npm registry. Disguised as a legitimate CSS build tool, the malicious package quietly installs a full-featured Remote Access Trojan, or RAT, on developer machines. The…
23 ClawHub Plugins Abuse Official Org Scopes to Impersonate Trusted AI Agent Tools
A new supply chain threat has surfaced in the AI agent ecosystem that is both subtle and serious. Researchers uncovered 23 plugins on the ClawHub registry published under official organizational scopes without any authorization from ClawHub or its parent project,…
Hackers Use RemotePC RMM and PowerShell Stagers to Deploy Prinz Eugen Ransomware
A newly identified ransomware group is using remote management software and scripted attack tools to compromise organizations and deploy a sophisticated encryption threat called Prinz Eugen. The campaign has claimed victims across multiple countries, with targets ranging from major financial…
Klue Hack Leads to Data Breach Across Multiple Cybersecurity Companies
A sophisticated supply chain attack on market intelligence platform Klue has compromised Salesforce data across at least nine organizations, including several high-profile cybersecurity firms, with the newly emerged Icarus extortion group claiming responsibility and threatening to release stolen data. The…
Apple Beats Studio Buds Vulnerability Allows Hackers to Eavesdrop on Users
Apple has addressed a high-severity vulnerability in the Beats Studio Buds that could allow nearby attackers to eavesdrop on users via the device’s microphone, even when the earbuds are not actively paired. Apple fixed the Bluetooth vulnerability in Beats Firmware…
AI-Powered iOS Apps Leaking LLM API Credentials Through Network Traffic
AI-powered iOS applications are increasingly leaking large language model (LLM) API credentials through network traffic, exposing developers to large-scale abuse of their LLM accounts and cloud resources. A recent empirical study of 444 free, LLM-enabled iOS apps from the US…
Microsoft Entra Conditional Access Policies Can Be Bypassed Via Nested App Authentication
Microsoft Entra Conditional Access Policies (CAPs), a core security control for Azure and Microsoft 365 tenants, were recently found vulnerable to a bypass technique involving Nested App Authentication (NAA), according to research disclosed by NetSPI. CAPs are widely deployed to…
Microsoft’s New Option Allows Organizations to Block Copilot Access to Office Files
Microsoft has announced a significant update to its Microsoft 365 security and compliance features, introducing enhanced controls that allow organizations to block Copilot and other connected experiences from analyzing content in Office files. The update is tied to Microsoft Purview…
29-Year-Old ‘Squidbleed’ Vulnerability Discovered With the Aid of Claude Mythos Preview
A Heartbleed-style heap buffer overread lurking in Squid Proxy since 1997 can silently leak HTTP headers, including passwords and API keys, from other users on the same proxy. Security researchers at Calif.io have disclosed a critical memory disclosure vulnerability in…
New Malware Attack Via WhatsApp Attacking Windows System to Enable Remote Access For Attackers
A new and active malware campaign is spreading through WhatsApp, targeting everyday Windows users across more than a dozen countries. The threat uses malicious script files disguised as routine financial documents, tricking people into running harmful code on their own…
Microsoft has urged IT Admins to Prepare for Windows 11, Version 26H2 Update
Microsoft has urged IT administrators to begin preparing for the upcoming Windows 11 version 26H2 update, which is now available for testing through the Windows Insider Program. The release continues Microsoft’s shift toward a predictable, low-disruption servicing model designed to…