A fake browser extension disguised as the popular AI search tool Perplexity AI has been caught quietly capturing users’ real-time search inputs and browser signals, raising serious concerns about how easily trusted brand names can be used against ordinary users.…
Tag: Cyber Security News
Kali Linux 2026.2 Released With 9 New Tools and VM Boot Tweaking
Kali Linux team officially released Kali Linux 2026.2 right on schedule at the close of Q2 2026, delivering a compelling mix of desktop environment upgrades, infrastructure modernization, VM performance enhancements, and nine brand-new tools for penetration testers and security researchers.…
Nissan Confirms Data Breach Following Oracle PeopleSoft 0-Day Attacks
Nissan Americas has officially confirmed a data breach affecting current and former employees across four countries after threat actors exploited a critical zero-day vulnerability in Oracle PeopleSoft software, a campaign attributed to the ShinyHunters extortion group. The attack stems from…
U.S. Seizes Hundreds Domains Used to Stream World Cup Matches Illegally
The U.S. Department of Justice (DOJ) has announced the seizure of nearly 400 domains used to illegally stream FIFA World Cup 2026 matches, marking a significant crackdown on global digital piracy networks. The operation, conducted under “Operation Offsides,” targeted websites…
New Claude Code Attack Allows Attackers to Take Full Control of Developers’ Systems
Researchers at Mozilla’s Zero Day Investigative Network (0DIN) have demonstrated a proof-of-concept attack that shows how a completely clean-looking GitHub repository can trick AI-powered coding agents like Claude Code into silently opening a reverse shell on a developer’s machine, without…
EvilTokens Phishing Breaches Finance Firms Using “Ghost” Code Across U.S. and European Businesses
EvilTokens can keep serious account-takeover activity out of your SOC’s view by relying on “ghost” code that only surfaces after the browser decrypts it. Because of this, analysis that looks only at the static URL can overlook the part of the…
WhatsApp Launches New Username Feature to Communicate Without Exposing Phone Numbers
WhatsApp introduces a new privacy update that lets users connect using unique handles, eliminating the need to share phone numbers with strangers or new group members. Earlier, we detailed that WhatsApp is preparing to roll out a long-anticipated username feature.…
Critical Gemini CLI Vulnerability Lets Attackers Execute Arbitrary Code
A critical security vulnerability in Google’s Gemini CLI has been disclosed, allowing attackers to execute arbitrary code in certain CI/CD environments, particularly GitHub Actions workflows. The issue, tracked as CVE-2026-12537, impacts multiple versions of the Gemini CLI and its related…
Microsoft 365 Apps RCE Vulnerability Exploited Using a Malicious Excel File
Microsoft has disclosed a critical remote code execution vulnerability in its Office ecosystem that can be exploited through a malicious Excel file. The vulnerability, tracked as CVE-2025-60727, affects multiple versions of Microsoft Office and underscores the continued risk posed by…
Critical Dell Wyse Vulnerabilities Enable Remote Code Execution Attacks
Dell Technologies has released a critical security advisory addressing multiple vulnerabilities in its Wyse Management Suite (WMS), warning that attackers could exploit these flaws to execute arbitrary code on affected systems. The vulnerabilities affect Dell Wyse Management Suite versions before…
Hackers Exploiting Critical Oracle E-Business Suite Vulnerability Actively in Attacks
Threat actors are actively exploiting CVE-2026-46817, a critical unauthenticated remote takeover vulnerability in Oracle E-Business Suite (EBS), with live attack activity captured across honeypot infrastructure over the weekend of June 27–28, 2026. CVE-2026-46817 is a critical-severity flaw residing in the…
Public PoC Released for Deserialization RCE Vulnerability in Splunk Secure Gateway
A public proof-of-concept (PoC) exploit has been released for CVE-2026-20251, a high-severity remote code execution (RCE) vulnerability affecting Splunk Secure Gateway (SSG). The flaw, carrying a CVSS score of 8.8, allows a low-privileged authenticated attacker to execute arbitrary code on…
Hackers Could Abuse WM_COPYDATA Callback Path to Execute Code Through Win32k Dispatch
A newly detailed injection technique has put Windows systems in the spotlight, revealing how attackers could abuse a deeply embedded part of the operating system to run malicious code inside another process without raising alarms. The method exploits the Windows…
ClawHub Skills Expose AI Agents to Remote Control Backdoors and Data Theft Attacks
AI-powered agents are no longer just answering questions. They now take actions, manage files, and run code on behalf of users. That shift has opened a dangerous new door, and attackers have already walked through it. Malicious skills targeting the…
Russia-Linked Turla Uses Compromised Infrastructure to Deploy STOCKSTAY in Ukraine Operations
Russia-linked threat group Turla has been quietly expanding its espionage arsenal with a new backdoor called STOCKSTAY, actively targeting government and military organizations in Ukraine since at least December 2022. The malware is built in .NET and communicates with operators…
Hackers Use Rokarolla Banking Trojan to Intercept SMS Codes and Steal Crypto Credentials
A newly discovered Android banking trojan called Rokarolla has been making waves across the cybersecurity community, targeting victims by posing as well-known, trusted applications. The malware goes after banking and cryptocurrency users with a level of sophistication that puts it…
UNC1151 Ghostwriter Hackers Target Belarusian Politician in Gmail Phishing Campaign
A well-known hacker group called UNC1151, also widely known as Ghostwriter, has been caught running a targeted phishing campaign against a prominent Belarusian pro-democracy politician. The group, which has long been tied to the interests of the Belarusian government and,…
Millenium RAT Rewritten in C++ Infects 62,000+ Devices Across 160 Countries
A remote access trojan known as Millenium RAT has been quietly spreading across the globe, and the numbers are hard to ignore. Over 62,000 devices have been compromised across more than 160 countries, with no signs of slowing down. More…
DCloud Uni-App Scam Network Powers RainbowEx-Style Crypto Fraud and WhatsApp Phishing
A Chinese open-source development framework has become the silent engine behind one of the largest scam networks ever documented. Known as DCloud Uni-App, the cross-platform toolkit was designed for legitimate app development but has been repurposed by cybercriminals to run…
LLM-Generated Mythic Agents Enable Disposable Red-Team Tooling From Prompt to Deployment
Red teamers and offensive security researchers have entered a new era where AI can write functional attack tools from a single sentence. A concept known as “disposable tooling” is now taking shape, and the implications for defenders are real. At…