Tag: Cyber Security News

A newly confirmed vulnerability in the telnet daemon (telnetd) in GNU Inetutils has revived a 27-year-old security flaw, allowing attackers to gain root access by exploiting improper sanitization of environment variables, with no authentication required. Tracked as CVE-2026-24061, the flaw exists…

Read more →

A critical security flaw in Anthropic’s Claude Code demonstrates how threat actors can exploit repository configuration files to execute malicious code and steal sensitive API keys. The vulnerabilities, tracked as CVE-2025-59536 and CVE-2026-21852, highlight a significant shift in the software…

Read more →

Firefox 148 introduces the new standardized Sanitizer API, becoming the first browser to implement it. The update marks a major step forward for web security, giving developers a straightforward and effective way to prevent Cross-Site Scripting (XSS) attacks. XSS is…

Read more →

A suspected Chinese state-linked hacking group has been caught running one of the most far-reaching cyber espionage operations ever uncovered — silently breaching telecom providers and government bodies across four continents for nearly a decade. Google has now stepped in…

Read more →

Kali Linux has officially introduced a native AI-assisted penetration testing workflow, enabling security professionals to issue natural-language commands through Anthropic’s Claude AI, which are then translated into live terminal commands on a Kali Linux environment, all bridged via the open-source…

Read more →

A hacker exploited Anthropic’s Claude AI chatbot over a month-long campaign starting in December 2025, using it to identify vulnerabilities, generate exploit code, and exfiltrate sensitive data from Mexican government agencies. Cybersecurity firm Gambit Security uncovered the breach, revealing how…

Read more →

Cisco has disclosed a critical zero-day vulnerability in its Catalyst SD-WAN products that threat actors have exploited since 2023 to bypass authentication and achieve root access. Tracked as CVE-2026-20127, the flaw affects core networking components and prompts urgent patching amid…

Read more →

A newly disclosed research finding has revealed that Palo Alto Networks’ Cortex XDR Live Terminal feature can be turned into a command-and-control (C2) channel by attackers. Since this feature runs inside a trusted endpoint detection and response (EDR) agent, the…

Read more →

The mobile threat landscape is witnessing a significant shift toward professionalized cybercriminal operations, driven by the increasing availability of sophisticated malicious tools. A new and potent threat known as SURXRAT has recently emerged, operating as a high-functioning Remote Access Trojan…

Read more →

Cybercriminals are frequently refining their techniques to exploit consumer trust, and a highly sophisticated phishing campaign has recently surfaced that impersonates the cybersecurity firm Avast. This operation is designed to harvest sensitive financial credentials by tricking users into believing they…

Read more →

How much time do you spend reviewing alerts that turn out to be harmless?  In many teams, a single alert takes around 30 minutes to investigate. Not because it’s complex, but because you have to pull context from multiple tools…

Read more →

U.S. authorities have confirmed that threat actors are actively exploiting a critical vulnerability in FileZen by Soliton Systems K.K.. Due to the high risk associated with this flaw, CISA has officially added it to the Known Exploited Vulnerabilities (KEV) Catalog.…

Read more →

Threat actors are always looking for new ways to abuse trusted platforms, and Microsoft Entra ID is increasingly becoming a target through a technique known as OAuth consent abuse. A newly documented attack scenario shows how a malicious or overly…

Read more →

An urgent security update has been released for the Serv-U file server software to fix multiple critical vulnerabilities that could allow attackers to fully compromise affected systems. The latest release, Serv-U version 15.5.4, addresses four high-severity security flaws, each with…

Read more →

Purview Data Loss Prevention (DLP) controls are being expanded to block Microsoft 365 Copilot from processing sensitivity-labeled files across all storage locations, including local devices. The change aims to close a critical governance gap in enterprise AI deployments. Previously, DLP…

Read more →

Organizations are being reminded that three Windows releases first introduced in 2016 are nearing end-of-support. After receiving their final monthly security update, they will no longer get security patches, bug fixes, non-security updates, technical support, or updated online documentation. Product…

Read more →

An optional non-security update, KB5077241, has been released for Windows 11 versions 25H2 and 24H2, improving overall functionality, performance, and reliability without addressing security vulnerabilities. The release, which brings the OS builds to 26200.7922 and 26100.7922, includes enhancements to user…

Read more →

A coordinated attack campaign is actively targeting software developers through malicious repositories disguised as legitimate Next.js projects and technical assessment materials. The attackers rely on job-themed lures, presenting fake recruitment challenges that convince developers to clone and run poisoned code…

Read more →

Multiple vulnerabilities have been discovered in CryptoPro Secure Disk (CPSD) for BitLocker, a widely used encryption solution. These flaws could allow an attacker with physical access to a device to gain persistent root access and steal sensitive credentials. The issues…

Read more →

A critical vulnerability in Apache ActiveMQ has been actively exploited by threat actors, leading to a full LockBit ransomware deployment across an enterprise network. Attackers leveraged CVE-2023-46604, a remote code execution flaw in the ActiveMQ messaging broker, to break into…

Read more →