A new open-source bug bounty hunting toolkit called BugHunter, built on top of Anthropic’s Claude Code and now extended to support free AI providers like Ollama and Groq, is gaining traction in the security research community for automating the full…
Tag: Cyber Security News
Splunk Enterprise Pre-Auth RCE Chain Exposes Database With Zero Authentication
A critical vulnerability chain in Splunk Enterprise has been disclosed, enabling unauthenticated attackers to achieve remote code execution (RCE) through a misconfigured PostgreSQL sidecar service. Tracked as CVE-2026-20253, the flaw has a CVSS score of 9.8 and affects Splunk Enterprise…
Anthropic Fable 5 and Mythos 5 Access Blocked to All Users Following Government Directive
Anthropic has disabled its two most capable AI models, Fable 5 and Mythos 5, after the U.S. government issued an export control directive late on June 12 ordering the company to block access for any foreign national, whether inside or…
Hackers Abuse Legitimate NinjaOne RMM Software to Bypass Traditional Malware Detection
A newly documented phishing campaign is using a legitimate remote management tool to silently take over victims’ computers, without deploying a single line of traditional malware. Researchers have uncovered an active operation targeting Brazilian organizations, where attackers trick employees into…
Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks
One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as Fancy Bear, formally tracked as APT28 and attributed to Russia’s military intelligence unit GRU Unit 26165, has…
Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets
A fresh wave of supply chain attacks is putting blockchain developers, Web3 teams, and cloud engineers at serious risk. Researchers have uncovered a coordinated campaign involving multiple malicious packages on the npm registry, each designed to quietly steal sensitive secrets…
Google Sues Chinese Cybercrime Network for Using Gemini AI to Launch Cyberattacks
Google has filed a landmark lawsuit against a China-based cybercrime network called the “Outsider Enterprise,” marking the first time the tech giant has legally pursued threat actors for weaponizing its own Gemini AI platform to conduct large-scale phishing campaigns against…
Facebook and Instagram Down Globally, Users Reporting Multiple Issues
Several Facebook and Instagram users reported issues accessing the social media platforms amid a global outage of Meta on Friday. Meta’s social media ecosystem experienced a significant global disruption on Friday, leaving millions of users unable to access Facebook and…
Hackers Use OnyxC2 Malware-as-a-Service to Steal Credentials From 210 Applications
A new and dangerous credential-stealing tool called OnyxC2 has emerged in the cybercrime underground, showing just how easy it has become for even low-skilled attackers to run a professional hacking operation. Sold as a complete package for $250 a month,…
SHEETCREEP C# RAT Abuses Google Sheets API as C2 to Target Diplomatic Organizations
A newly identified remote access trojan named SHEETCREEP is making headlines for its clever use of Google Sheets as a hidden communication channel between attackers and infected machines. This C# malware targets diplomatic organizations, using a carefully crafted lure to…
Critical Vulnerability Chain in LangGraph Allows Attackers to Gain Full Server Control
A critical vulnerability chain discovered in LangGraph, a popular open-source AI agent framework developed by the creators of LangChain, could allow attackers to gain full server control through remote code execution (RCE). The issue, identified by Check Point Research, highlights…
400+ Arch Linux AUR Packages Compromised in a Supply Chain Attack Deploying Infostealers
A massive supply chain attack targeting the Arch User Repository (AUR) has compromised more than 400 community-maintained packages, with attackers injecting malicious build scripts designed to deploy credential-stealing malware and rootkit-style payloads on affected Linux systems. The campaign, dubbed “Atomic…
Solana FakeFix Campaign Uses 25 Malicious npm and PyPI Packages to Steal Developer Secrets
A newly discovered supply chain campaign is putting Solana developers at serious risk, with attackers hiding malicious code inside fake developer packages on npm and PyPI. The operation, tracked as “Solana FakeFix,” deployed 25 malicious packages designed to steal wallet…
Hackers Use Free Spotify Premium Hacks on TikTok and Instagram to Spread Vidar Infostealer
Hackers are now turning popular social media platforms into malware delivery channels, using the promise of free software to trap unsuspecting users. Short-form video platforms like TikTok and Instagram Reels have become the latest tools in a cybercriminal’s playbook, with…
Authorities Dismantle Cryptocurrency Laundering Services ‘AudiA6’ Used by Ransomware Gangs
Authorities have dismantled a major cryptocurrency laundering service known as “AudiA6,” widely used by ransomware groups and cybercriminal networks to obscure illicit financial flows and cash out stolen digital assets. The international operation targeted what investigators described as an industrial-scale…
Google Patches 28 Chrome Vulnerabilities that Allow Attackers to Execute Malicious Code
Google has released a new Chrome security update addressing 28 vulnerabilities, including several critical flaws that could allow attackers to execute malicious code on affected systems. The latest Stable channel update upgrades Chrome to version 149.0.7827.114/.115 on Windows and macOS,…
Palo Alto PAN-OS Vulnerability Allows Attackers to Execute Arbitrary Commands as Root User
Palo Alto Networks fixed a new command injection vulnerability in PAN‑OS (CVE-2026-0273) that allows authenticated administrators to execute arbitrary commands as root via the CLI or web management interface. Two related medium‑severity issues in the same advisory window cover CLI…
Microsoft Outlook and Word Vulnerabilities Allow Attackers to Execute Malicious Code
Microsoft released critical fixes for three closely related remote code execution (RCE) vulnerabilities in Microsoft Outlook and Word that stem from low‑level memory‑safety flaws in the Word rendering engine and its integration with Outlook Classic. These bugs, tracked as CVE‑2026‑45456,…
Oracle PeopleSoft 0-Day RCE Vulnerability Exploited in Attacks by ShinyHunters
Mandiant and Google Threat Intelligence Group (GTIG) have issued a critical warning after identifying an active compromise-and-extortion campaign targeting Oracle PeopleSoft infrastructure, attributed to the notorious threat actor UNC6240, also known as ShinyHunters. The campaign exploited CVE-2026-35273, a critical unauthenticated…
Microsoft Teams for Android Vulnerability Allows Attackers to Disclose Sensitive Data
Microsoft has disclosed a significant security vulnerability in Microsoft Teams for Android that could allow an authenticated attacker to expose sensitive information over a network. The flaw, tracked as CVE-2026-42835, was officially released on June 9, 2026, and has been…