Nearly 14,000 internet-facing SimpleHelp servers are exposed following the disclosure of a critical authentication bypass vulnerability tracked as CVE-2026-48558. The flaw raises serious concerns for enterprises using the remote monitoring and management (RMM) platform. Horizon3.ai identified the vulnerability through its…
Tag: Cyber Security News
Critical Microsoft 365 Copilot Vulnerability Allows Attackers to Steal Data in One Click
A critical vulnerability chain in Microsoft 365 Copilot Enterprise that let attackers steal sensitive corporate data, MFA codes, email contents, calendar details, and confidential files with nothing more than a single click on a link pointing to a legitimate Microsoft…
Anthropic Updated Privacy Policy to Include Identity Verification for Claude Users
Anthropic has updated its privacy policy for Claude, adding explicit terminology that allows the company to perform age and identity verification on consumer users. The change signals a tighter security and compliance stance across Claude Free, Pro, and Max plans.…
SHADOWBYT3$ Allegedly Claim Breach of Nintendo, Stealing Sensitive Data
Threat intelligence sources have reported that the threat actor group SHADOWBYT3$ has allegedly breached Nintendo, claiming to have exfiltrated approximately 859 MB of sensitive internal data. The incident, first observed on June 13, 2026, remains unverified at the time of…
DPAPISnoop Tool Extracts CREDHIST Hashes for Offline Windows Credential Recovery
The open-source DPAPISnoop tool has been enhanced to extract CREDHIST entries, enabling offline cracking of historical Windows credentials and deeper insight into password patterns. Lefteris Panos, Security Consultant at LRQA Red Team, said the update adds CREDHIST extraction capabilities to…
Microsoft Site Showing Warning Following Certificate Expiry
Microsoft seems to have failed certificate management after a domain used by sysadmins globally to test connectivity to Microsoft 365 started generating untrusted connection warnings in browsers on Monday. The connectivity.office.com domain a widely relied-upon tool for IT professionals to…
China-Nexus Hackers Use Backdoored PAM Modules for Credential Theft and Authentication Bypass
A sophisticated China-linked threat actor known as Velvet Ant has been running a long-term cyber intrusion inside a major organization’s internal network, going undetected for nearly a decade. The campaign, now called Operation Highland, revealed a level of patience and…
Hackers Use Microsoft Graph Reconnaissance to Target Payroll and HR Employees
Hackers are using Microsoft’s own cloud tools to quietly hunt down payroll and HR staff inside corporate networks, then reroute employee salaries to accounts they control. Security teams are racing to respond as the campaign continues to spread across industries…
Hackers Abuse LNK Files, PowerShell, and Python Loader to Deploy NarwhalRAT
A sophisticated malware campaign is quietly targeting Korean users through a well-crafted chain of deception. Threat actors are using innocent-looking shortcut files, built-in Windows tools, and a compiled Python payload to plant a remote access trojan called NarwhalRAT on victim…
PromptSnatcher Ad Blocker Extensions Steal AI Chats From ChatGPT, Claude, and Gemini
Two browser extensions masquerading as ad blockers have been caught secretly recording private conversations from ChatGPT, Claude, Gemini, and five other major AI platforms. The extensions, named “Smart Adblocker” and “Adblock for Browser,” were installed by roughly 90,000 users before…
SearchJack Campaign Uses 23 Chrome Extensions to Hijack Searches of 758,000 Users
A coordinated campaign of 23 deceptive Chrome browser extensions has been quietly stealing users’ search queries and routing them through hidden revenue systems. The operation, now dubbed SearchJack, has affected roughly 758,000 Chrome users worldwide without any of them realizing…
Critical Wazuh Vulnerability Lets Attackers Tamper with Alerts and Delete Security Evidence
A critical security flaw in Wazuh Manager has been disclosed that could allow remote attackers to manipulate security alerts, delete forensic evidence, and tamper with SIEM data across environments. The vulnerability carries a maximum CVSS score of 10.0, highlighting its…
Windows 11 Update KB5094126 Freezes Systems, Forces BitLocker Recovery, and More
Microsoft’s June 2026 Patch Tuesday cumulative update for Windows 11, KB5094126 (OS Builds 26200.8655 and 26100.8655), has triggered a wave of reports across community forums and enterprise environments, with users experiencing system freezes, forced BitLocker recovery loops, broken OneDrive Explorer…
Threat Actor Malware Platform Exposed via Unlocked PHP Installation Page
A misconfigured PHP installation page exposed the internal infrastructure of a live malware distribution platform, allowing a security researcher to gain unintentional administrative access to a threat actor’s dashboard. What initially appeared to be a fake software download site turned…
Palo Alto Warns of GlobalProtect VPN Vulnerability Actively Exploited in the Wild
Palo Alto Networks Unit 42 has issued an urgent warning about active exploitation of CVE-2026-0257, a critical authentication bypass vulnerability affecting the GlobalProtect portal and gateway components of PAN-OS software. The flaw allows unauthenticated remote attackers to circumvent security controls…
WinRAR Vulnerability Exploited by Russian Hackers to Deploy GIFTEDCROOK Stealer
Russian hackers are exploiting a known flaw in WinRAR to quietly steal passwords, session cookies, and sensitive files from Ukrainian organizations. The vulnerability, tracked as CVE-2025-8088, was patched in July 2025, yet multiple Russia-aligned groups are still weaponizing it nearly…
SecSuite – AI-powered Tool for OSINT, Web and API Security Testing
A new open-source security platform called SecSuite, developed under the TheSecuredAnalyst project, has been released, combining OSINT reconnaissance, web vulnerability scanning, API security assessment, compliance checking, and AI-powered analysis into a single unified toolkit. Available on GitHub at 53cur3dL34rn/security-suite, the tool targets security professionals,…
152 Chrome Extensions Hide Ad Tracking and Fake Google Search Traffic
152 Chrome “live wallpaper” extensions on the Chrome Web Store have been caught secretly logging user data and faking Google “organic search” traffic to inflate ad revenue, despite promising they do not collect any data. This adware‑adjacent campaign abuses new‑tab…
Maine Takes Data Breach Reporting Portal Offline After Fake VRChat and Discord Filings
The Office of the Maine Attorney General has temporarily taken its public-facing data breach reporting database offline after discovering that an unknown entity submitted fabricated breach notifications targeting two major online platforms, VRChat and Discord, in what officials are calling…
New Agentjacking Attack Hijacks Your AI Coding Agent to Run Code From a Hacker’s Server
New “Agentjacking” attack that hijacks AI coding agents and silently executes attacker-controlled code on developer machines using nothing more than a single injected Sentry error. The technique turns trusted AI assistants like Claude Code and Cursor into an execution layer…