CISA has added a critical server-side request forgery (SSRF) vulnerability affecting Cisco Unified Communications Manager (Unified CM) to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies and organizations to apply patches immediately amid active exploitation in the wild. The…
Tag: Cyber Security News
Microsoft Extends Windows 10 Security Updates for Users Up to October 2027
Microsoft has quietly expanded its Windows 10 Extended Security Updates (ESU) program, allowing consumers to receive critical security patches through October 12, 2027, an additional year beyond the program’s originally planned expiration date of October 12, 2026. Windows 10 officially…
OpenAI Reportedly Delays ChatGPT 5.6 Release Following Trump Administration Request
OpenAI has agreed to stagger the public release of its latest AI model, GPT-5.6, after the Trump administration formally requested the company limit initial access to a select group of government-approved partners, citing the model’s advanced capabilities and national security…
Russia Used Cellebrite Tool to Hack Activist’s iPhone Despite Contract Cancellation
Russian authorities deployed Cellebrite’s Universal Forensic Extraction Device (UFED) to breach the iPhone of opposition politician Andrey Pivovarov in June 2021, months after the Israeli surveillance firm publicly announced it had terminated all contracts with Russian customers, according to a…
Windows Secure Boot Certificate Expired — Billions of PCs Affected Including Linux Distros
The clock has run out. As of June 24, 2026, the first of Microsoft’s original Secure Boot certificates, the Microsoft Corporation KEK CA 2011, has officially expired, with the Microsoft UEFI CA 2011 following on June 27, 2026. A third, the Microsoft…
25-Year-Old Vulnerability in cURL Used by 30 Billion Devices Finally Patched
A critical security flaw lurking in curl for over 25 years has been patched, as part of a record-breaking security release that fixed 18 CVEs, the most ever issued in a single curl version. The vulnerability, CVE-2026-8932, was first shipped…
Rust macOS Backdoor Uses Interactive Shell and Telegram File Uploads for Data Theft
A newly identified Rust-based macOS backdoor has raised alarms across the security community, combining a hidden interactive shell with Telegram-based file uploads to quietly steal data from Apple users. Discovered in early June 2026, the threat surfaced when an Apple…
AWS AiTM Phishing Kit Steals Console Credentials and MFA Codes in Real Time
A newly discovered phishing kit is targeting Amazon Web Services users by silently stealing login credentials and multi-factor authentication codes the moment a victim types them in. Unlike older tools that captured passwords for later use, this kit works in…
Shai-Hulud Payload Steals GitHub, npm, Cloud, CI/CD, and SSH Credentials From Developers
A new wave of malicious npm packages is targeting developers who work with cloud and serverless infrastructure. The threat, known as the Shai-Hulud payload carrying the Hades malware family, has now expanded its reach to the Leo/RStreams ecosystem, a set…
LokiBot Campaign Uses JScript Attachment, .NET Injector, and Process Injection to Steal Credentials
LokiBot, one of the oldest credential-stealing malware families still active today, has resurfaced in a new multi-stage campaign designed to steal credentials from a wide range of applications. The campaign uses a JScript email attachment as its entry point, quietly…
Gemini 3.5 Flash Released With Computer Use Capabilities that Build Agents
Google has officially released Gemini 3.5 Flash with native “computer use” capabilities, marking a significant shift toward autonomous AI agents that can interact directly with digital environments. Announced on June 24, 2026, the update enables developers to build intelligent agents…
ManageEngine AD360 Integration Flaw Exposes User Identity and Role Information to Attackers
ManageEngine has disclosed a high-severity vulnerability, tracked as CVE-2026-11374, affecting several of its identity and access management solutions when integrated with AD360. The flaw could allow unauthenticated attackers to predict single sign-on (SSO) tokens, potentially leading to account takeover and…
Malicious Chrome Extension Uses Native Messaging Host to Execute PowerShell Commands
A newly discovered malware campaign has turned Google Chrome into a remote backdoor without breaking any of the browser’s built-in rules. Spotted in June 2026, the attack arrived in Italian-language phishing emails that looked like standard business invoices. The email…
WhatsApp to Warn Users Before Starting Chats With New Phone Numbers
WhatsApp is rolling out a new security warning on both Android and iOS that appears before users even open a conversation with an unknown phone number. WABetaInfo noted that the feature displays the country where the number is registered, whether…
OpenClaw Skill Marketplace Exposes AI Agents to Supply Chain Malware and Financial Fraud
A wave of malicious skills targeting the OpenClaw AI agent marketplace has exposed a dangerous new frontier in software supply chain security. Attackers are using the ClawHub skill marketplace to push harmful code into AI agent environments, stealing data and…
Hackers Use Cisco AnyConnect and Google Update Lures to Drop SharkLoader Malware
A newly discovered malware family is making its way onto systems worldwide by hiding inside fake software installers that look completely legitimate. Researchers have identified a campaign where attackers disguise their malicious tools as trusted programs like Cisco AnyConnect and…
Chrome 149 Security Update — Patch for Critical Flaws that Enable Code Execution Attacks
Google has released a critical security update for its Chrome browser, pushing the Stable channel to version 149.0.7827.196/197 for Windows and Mac, and 149.0.7827.196 for Linux. The update addresses 18 security vulnerabilities, including four rated Critical and fourteen rated High…
Anthropic Accuses Alibaba of ‘Illicitly’ Accessing Its Claude AI Models in Largest Known Distillation Attack
Anthropic has formally accused Chinese tech and e-commerce giant Alibaba of orchestrating a massive, unauthorized extraction campaign targeting its Claude AI model, marking what the company describes as the largest known distillation attack in its history. In a letter dated…
Fake Document Reader in The Google Play Store with 100K Downloads Deliver Android Malware
A dangerous Android banking trojan is once again spreading through the Google Play Store, hiding inside what appears to be a simple document reader app. The app has already been downloaded more than 100,000 times, putting a large number of…
Microsoft Teams Impersonation Campaign Enables Unauthorized Access Through RMM Abuse
Threat actors are once again exploiting the trust people place in everyday workplace tools. A newly discovered phishing campaign is using fake Microsoft Teams notifications to trick employees into downloading a remote access tool that gives attackers full control over…