Organizations today operate in an increasingly hostile cyber threat landscape where data protection has become a critical business requirement. While digital transformation delivers greater efficiency and accessibility, it also expands the attack surface that cybercriminals seek to exploit. As a…
Tag: Cyber Security News
Hackers Actively Exploiting WordPress SMTP Plugin With 100,000+ Installs to Access Sensitive Data
Hackers are actively abusing a sensitive information exposure flaw in the Gravity SMTP WordPress plugin, aggressively targeting over 100,000 sites to harvest configuration data and live email credentials. The vulnerability, tracked as CVE‑2026‑4020 and rated 5.3 (Medium), affects all Gravity…
Microsoft Office Applications Might Fail to Open Following Windows 11 June Update
Microsoft’s June 2026 Patch Tuesday update for Windows 11 (KB5095051) is causing unexpected issues, with users reporting that Microsoft Office applications fail to launch when accessed through certain third-party applications. The issue is listed as a known problem in the…
Rust Clipboard Hijacker Uses Fake GitHub Stars and VirusTotal Upvotes to Steal Crypto
A newly discovered malware campaign is quietly draining cryptocurrency wallets by doing something most security tools never see coming. Instead of relying on brute-force attacks or dark web exploits, the threat actor behind this campaign built a fake reputation engine…
Hackers Abuse PowerShell, VBScript, and BAT Files to Deliver Xctdoor Backdoor
A new wave of cyberattacks is targeting corporate employees through files that look exactly like legitimate job documents. Hackers are distributing malicious LNK files disguised as resumes, and the moment a victim opens one, the infection quietly begins. The attack…
PoC Exploit Released for HTTP/2 Bomb Remote DoS Vulnerability in Apache HTTP Server
A proof-of-concept (PoC) exploit has been publicly released for a critical Denial of Service vulnerability in Apache HTTP Server, tracked as CVE-2026-49975, dubbed the “HTTP/2 Bomb.” The flaw allows remote attackers to exhaust server memory and disrupt services without authentication,…
Microsoft Confirms Defender RoguePlanet 0-Day Exploit and Working to Release Patch
Microsoft has officially acknowledged a critical zero-day vulnerability in Microsoft Defender, publicly dubbed “RoguePlanet,” and confirmed it is actively developing a security patch to address the flaw. Tracked as CVE-2026-50656, the vulnerability was formally published on June 16, 2026, by…
Hackers Abuse Cloud Logging Services to Evade Detection and Defender’s Visibility
Threat actors are increasingly targeting cloud logging services to evade detection and maintain persistent visibility into compromised environments, according to recent research by Palo Alto Networks Unit 42. These services, designed as a critical security layer, are now being weaponized…
GitBait Phishing Campaign Abuses GitHub Pages to Attack Financial Institutions
A sophisticated phishing campaign called “GitBait” has been caught targeting Mexico’s financial sector with a level of precision rarely seen in credential-theft operations. The campaign abuses GitHub Pages, a widely trusted free hosting service, to deliver fake banking portals that…
Google Cloud Vertex AI Allows Attacker to Hijack Victim’s Model and Poison it
A newly disclosed vulnerability in Google Cloud Vertex AI could have allowed attackers to hijack machine learning model uploads and execute malicious code in victim environments, according to research shared with Google under responsible disclosure. The issue affects the Vertex…
Hackers Use Fake Software Update Prompts to Steal Passwords and Crypto Wallet Data From macOS Users
A dangerous new cyber campaign is putting macOS users at serious risk, and it does not rely on software bugs to do its damage. Instead, the attackers trick people into handing over their own passwords and sensitive data by making…
Fortra Access Manager Vulnerability Enables Remote Command Injection Attacks
Fortra has disclosed a critical security vulnerability in its Core Privileged Access Manager (BoKS) that could allow remote attackers to execute arbitrary commands on affected systems. CVE-2026-9862 is a critical OS command injection (CWE-78) flaw in the boks_autoregisterd service, carrying…
CISA Warns of Oracle PeopleSoft 0-Day Vulnerability Exploited in Ransomware Attacks
CISA has added a critical Oracle PeopleSoft vulnerability, tracked as CVE-2026-35273, to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild. The flaw affects Oracle PeopleSoft Enterprise PeopleTools and enables unauthenticated attackers to gain full control over…
Multiple JetBrains IDE Plugins 70,000+ Installs Caught Stealing AI keys
A large-scale malware campaign has been uncovered on the JetBrains Marketplace, where at least 15 malicious IDE plugins were found stealing sensitive API keys from developers. These plugins, downloaded over 70,000 times, were published under seven different vendor accounts and…
ErrTraffic MaaS Uses Fake reCAPTCHA and Cloudflare Turnstile Lures to Execute PowerShell Commands
A new and rapidly growing cybercrime tool called ErrTraffic is making waves across the threat landscape, targeting internet users through cleverly disguised verification screens. The framework tricks victims into running malicious PowerShell commands on their own machines, all while believing…
Kodak Confirms Data Breach Following ShinyHunters’ Claim of Stolen Customer Records
Eastman Kodak has confirmed a cybersecurity incident after the ShinyHunters extortion group posted a threat on its dark web leak site, claiming to have stolen over 2.2 million records containing customer personally identifiable information (PII) and internal corporate data. The…
Hackers Compromised 140+ Mastra npm Packages to Deploy Password-Stealing Malware
A sophisticated supply chain attack has targeted the Mastra-AI npm ecosystem, with researchers from Microsoft and Socket identifying over 141 compromised packages designed to silently deploy an infostealer payload on developer machines, CI/CD runners, and build environments. The campaign, detected…
U.S. Commerce Dept Imposes Export Controls on Anthropic’s Claude Mythos 5 and Fable 5
The Bureau of Industry and Security (BIS) has issued a landmark “Is Informed” letter to Anthropic CEO Dario Amodei, mandating that the company obtain an individually validated export license before sharing its Claude Mythos 5 and Claude Fable 5 AI…
AIRecon: AI-Powered Penetration Testing Tool with Kali Linux Sandbox
AIRecon is an autonomous penetration testing agent that runs entirely offline, combining a self-hosted Ollama LLM with a Kali Linux Docker sandbox to automate end-to-end security assessments without exposing any data to the cloud. Developed by researcher pikpikcu, it eliminates…
Using Real-Time Network Monitoring to Spot Suspicious Application Behavior on macOS
In this guide, we will see how real-time network monitoring helps you spot suspicious application behavior on macOS, why traditional defenses leave a visibility gap, and how a lightweight monitoring tool can close it without turning your Mac into a…