Iran-linked hackers have launched a sweeping campaign of digital destruction across the United States and the Middle East, wiping IT systems, erasing backups, and dismantling recovery infrastructure at multiple organizations. The attacks, carried out under a pro-Iranian persona called “Ababil…
Tag: Cyber Security News
Microsoft Tightens Entra ID Password Resets With New Authentication Change
Microsoft has announced a significant security update to its Entra ID Self-Service Password Reset (SSPR) feature, introducing stricter authentication requirements designed to reduce identity-based attacks. The update mandates the use of explicitly registered authentication methods, removing reliance on directory-stored contact…
Microsoft Clarifies It Won’t Sue Security Researchers Amid Nightmare-Eclipse Controversy
Microsoft has clarified its stance, reducing perceived legal threats and reaffirming its commitment to coordinated vulnerability disclosure, following significant backlash from the security research community. In a carefully worded statement released in late May 2026, Microsoft’s Security Response Center (MSRC) moved to…
Hackers Attacking Signal Users to Steal Backups in New Wave of Attacks
A new wave of phishing attacks is targeting users of Signal, the encrypted messaging app trusted by journalists, activists, and privacy-conscious individuals worldwide. Hackers are impersonating Signal’s support team and tricking users into handing over their backup recovery keys, which…
Famous Chollima Hackers Target PHP Developers Using Compromised Packagist Package
A well-known North Korean threat actor has been caught hiding malware inside a legitimate PHP package available through Packagist, the main package repository for PHP projects. The attack takes direct aim at software developers, disguising a dangerous payload as a…
Instagram Meta AI Vulnerability Allegedly Enables Password Reset for Accounts
A critical flaw in Meta’s AI-powered account recovery tool on Instagram allowed attackers to hijack high-value accounts by tricking the chatbot into forwarding password reset codes with no verification required. Security researchers ZachXBT and Dark Web Informer were among the…
Windows Netlogon 0-Click RCE Vulnerability Now Actively Exploited In The Wild
The critical Windows Netlogon remote code execution (RCE) vulnerability tracked as CVE-2026-41089 is now under active exploitation in the wild, significantly raising the risk profile for unpatched Windows Server environments. The flaw affects Windows servers configured as domain controllers and…
Microsoft Releases KB5089573 for Windows 11 to Fix Patch Tuesday Install Issues
Microsoft has rolled out a new cumulative update, KB5089573, for Windows 11 versions 25H2 and 24H2, targeting a critical installation failure that affected users following the May 2026 Patch Tuesday release. The update brings OS builds to 26200.8524 and 26100.8524,…
GitLab Patches Multiple Duo AI, DoS, and Authorization Flaws in Community and Enterprise Edition
GitLab has released emergency security updates for both Community Edition (CE) and Enterprise Edition (EE), addressing multiple Duo AI, denial‑of‑service, and authorization flaws in recent versions of the platform. On May 27, 2026, GitLab shipped versions 19.0.1, 18.11.4, and 18.10.7…
Pentest Swarm AI Tool With Live Access to nmap, sqlmap, Burp, Metasploit, and Others
Pentest Swarm AI is the first open-source autonomous penetration testing platform built on a swarm intelligence architecture, not just multiple agents firing in a fixed sequence. Developed by Armur AI, it gives security professionals live, coordinated access to the full…
Google Chrome’s Device-Bound Session Credentials Now GA to Block Account Takeovers
Google has officially moved Device Bound Session Credentials (DBSC) to general availability in the Chrome browser on Windows, delivering a powerful defense against one of the most persistent threats in modern cybersecurity session cookie theft. Previously available in beta for…
Post-quantum cryptography is not the future. It is your current reality.
For most of the last decade, post-quantum cryptography lived in a particular kind of conversation. It came up at security conferences. It appeared in NIST press releases. CISOs nodded politely when it surfaced in briefings, filed it under “things to…
Palo Alto Networks PAN-OS Authentication Vulnerability Bypass Exploited in the Wild
Palo Alto Networks authentication bypass vulnerability, CVE-2026-0257, affecting PAN-OS and Prisma Access, is now being actively exploited in the wild, with CISA adding it to the Known Exploited Vulnerabilities (KEV) catalog on May 29, 2026. Palo Alto Networks published its…
GREYVIBE Hackers Leverage ChatGPT and Google Gemini to Fuel Cyberattacks
GREYVIBE hackers are increasingly leveraging generative AI tools such as ChatGPT and Google Gemini to enhance cyberattack operations. The campaign, active since at least August 2025, primarily targets Ukraine and related entities across the government, military, and civilian sectors, highlighting…
Malicious NuGet Package as Sicoob SDK Exfiltrates Banking Passwords
A newly discovered malicious NuGet package masquerading as an official Sicoob software development kit (SDK) has been caught exfiltrating highly sensitive banking credentials, raising serious concerns about software supply chain security in financial ecosystems. The package, published under the name…
From 200 CVEs to Actionable Fixes – DockSec Brings AI to Container Security
Ask any developer who has run a container image scan what happens next, and you will hear the same story. The scanner returns 200 CVEs. Most are noise. A handful are real. The report gets closed, the image ships, and…
Attackers Abuse Trusted Developer Tooling to Exfiltrate Source Code and Secrets
A wave of sophisticated supply chain attacks has put millions of software developers on high alert, with threat actors turning everyday developer tools into weapons for stealing credentials, cloud tokens, and source code. What makes these campaigns especially alarming is…
JINX-0164 Threat Actor Using LinkedIn Social Engineering to Deploy Custom macOS Malware
A new threat actor tracked as JINX-0164 has been running calculated attacks against cryptocurrency organizations, using LinkedIn profiles to lure developers into downloading custom macOS malware. Active since at least mid-2025, the group has combined social engineering, credential theft, and…
Ransomware Uses SYSTEM Scheduled Task to Encrypt Local Drives With Elevated Privileges
A newly analyzed ransomware strain called The Gentlemen is raising serious alarms across the cybersecurity community. Built in the Go programming language and obfuscated with a tool called Garble, it combines powerful per-file encryption with an aggressive ability to spread…
Oracle Critical Security Update – Patch for 35 New Vulnerabilities Across Products
Oracle has rolled out its first Critical Security Patch Update (CSPU), delivering 35 new security fixes for serious vulnerabilities across several major product lines, including Oracle Database, Oracle REST Data Services, Oracle Communications Unified Assurance, Oracle E‑Business Suite, and Oracle…