A new wave of supply chain attacks is spreading across the open source world, and this time the target is developers themselves. Security researchers have uncovered a campaign called PolinRider that hides malicious JavaScript loaders inside trusted code repositories, waiting…
Tag: Cyber Security News
Multiple WatchGuard Firebox OS Vulnerabilities Enable Arbitrary Code Execution Attacks
Multiple high‑severity vulnerabilities in WatchGuard Firebox devices running Fireware OS could let authenticated attackers execute arbitrary code and take full control of affected appliances. WatchGuard has disclosed three high‑impact vulnerabilities in Fireware OS affecting Firebox firewall appliances, all scored 8.6…
Anthropic Details Claude Fable 5 Cybersecurity Safeguards and Jailbreak Framework
Anthropic has published detailed technical documentation on the cybersecurity safeguards protecting Claude Fable 5, following the model’s global redeployment. The disclosure covers both the AI’s safety classifier system and a draft framework for grading jailbreak severity, developed in partnership with…
Hacker Used Claude AI to Score Free Tickets to Nearly Every US Music Show
A critical unauthenticated SQL injection vulnerability in Front Gate Tickets (FGT), a Live Nation/Ticketmaster subsidiary that powers ticketing for major US festivals including EDC, Bonnaroo, and Outside Lands, allowed full administrative takeover of the platform with help from Anthropic’s Claude…
Google Dismantles NetNut Residential Proxy That Hacked 2 Million Home Devices
Google, working alongside the FBI, Lumen Technologies, and other industry partners, has taken action to dismantle the NetNut residential proxy network, also tracked as “Popa,” which is estimated to have compromised at least 2 million home devices worldwide. Google disabled…
Claude Cowork’s Sandbox Vulnerability Allows Attackers to Run Arbitrary Commands as Root
A vulnerability chain in Anthropic’s Claude Cowork allows an attacker with local code execution to escalate privileges and run arbitrary commands as root inside the product’s isolated Linux sandbox, bypassing every layer of defense Anthropic built into the environment. Claude…
Ousaban Malware Uses Phishing PDFs and VBS Downloader to Target Iberian Banking Users
A newly documented campaign is quietly hijacking online banking sessions across Spain and Portugal, and it starts with something as ordinary as a broken PDF file. The malware behind it, known as Ousaban, has resurfaced with a fresh set of…
AsyncRAT Campaign Abuses TryCloudflare Tunnels and Python Scripts for Malware Delivery
AsyncRAT is back in the headlines, and the attackers behind it have found a clever way to hide in plain sight. Instead of relying on suspicious servers, they use Dropbox links and TryCloudflare tunnels, both trusted services that most security…
Microsoft 365 Phishing Panel Uses OAuth Device Code Flow to Capture Tokens and Persist Access
A newly uncovered phishing panel called ARToken is giving cybercriminals an easy way to steal Microsoft 365 login sessions without ever touching a password. The tool works by abusing a legitimate Microsoft sign in feature meant for devices without a…
AsyncRAT Campaign Uses DLL Sideloading and ScreenConnect for Stealthy Remote Access
A stealthy campaign is turning trusted remote access software into a weapon against everyday users and businesses. Attackers have hidden the AsyncRAT trojan inside fake software installers, letting it slip past basic security checks. The campaign relies on DLL sideloading…
CitrixBleed Vulnerability Exploited by Hackers Within 24 Hours of Public Disclosure
A newly disclosed CitrixBleed-class vulnerability in Citrix NetScaler appliances came under active exploitation less than a day after public disclosure, with decoy infrastructure operator Lupovis confirming a coordinated scanning-and-exploitation campaign across three separate sensor deployments. Within 24 hours of Citrix…
ChatGPT File Download Flow Vulnerability Could Be Abused to Access System Files
A proof-of-concept vulnerability chain in ChatGPT that combined a guardrail bypass with a path traversal flaw, potentially allowing attackers to access restricted system files such as /etc/passwd through the platform’s file download mechanism. According to Security researcher zer0dac, OpenAI has…
DHS Confirms Breach of Information-Sharing Network Platform HSIN
The Department of Homeland Security has confirmed that hackers breached the Homeland Security Information Network (HSIN), a sensitive but unclassified platform relied upon by federal, state, local, tribal, territorial, international, and private-sector partners to coordinate emergency response and share threat…
Agentic Ransomware JADEPUFFER Uses Base64 Python Payloads to Harvest Cloud and API Keys
Ransomware has always needed a human at the keyboard or writing the script behind it. That assumption no longer holds. Researchers have documented what appears to be the first fully autonomous ransomware operation, driven entirely by an AI agent rather…
Microsoft Outlook Bug Removes Copilot Button For Windows Users
A software defect in classic Outlook for Windows caused Copilot Chat and Copilot entry points to vanish for affected users, with Microsoft confirming the issue was tied to specific Basic-tier Copilot licenses. The bug has since been resolved through a…
Opera Blocks Clipboard Attacks, Including ClickFix, With New Paste Protect Feature
Opera has introduced a new built-in security feature called Paste Protect, designed to defend users against clipboard-based cyberattacks, including the increasingly common ClickFix technique. The feature is now integrated directly into the Opera browser. It is enabled by default, providing…
Hackers Use Fake VLC Executable and Malicious libvlc.dll to Deploy ValleyRAT
Cybercriminals have found a clever way to slip past security defenses by hiding malware inside a program most people trust without a second thought. Researchers have uncovered a campaign that abuses the popular VLC media player to quietly install ValleyRAT,…
900+ Oracle E-Business instances Exposed Online Amid Active Vulnerability Exploitation
More than 900 Oracle E‑Business Suite instances have been found exposed on the public internet. At the same time, attackers actively exploit a critical vulnerability in the platform, putting mission‑critical ERP environments at immediate risk of compromise. Recent scanning data…
Hackers Disable Defender, Sysmon, and WAF Before Dumping Credentials With Mimikatz
Hackers have found a new way to blind security teams before stealing passwords, and the technique is as thorough as it is alarming. A threat actor recently disabled Microsoft Defender, killed the Sysmon logging tool, and tore down a web…
FCC Announces Bans on Chinese Equipment Linked to Cybersecurity Risks
The U.S. Federal Communications Commission (FCC) has announced a sweeping ban on the import and sale of certain Chinese-made telecommunications equipment linked to cybersecurity risks and potential espionage. The decision, issued on June 26, 2026, targets devices from companies listed…