A coordinated supply-chain campaign that pushed 17 malicious packages across npm and PyPI, masquerading as SDKs for well-known payment services including PaySafe, Skrill and Neteller. The campaign’s packages 17 npm modules published with four rapid versions each and four PyPI…
Tag: EN
Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes
Fake apps like WireVPN and a trojanized 7-Zip turn victims’ devices into residential proxies, letting criminals route traffic through their IPs. Infoblox’s threat research team started pulling on a single thread in early 2026: a fake version of the 7-Zip…
AI Coding Tools Tricked Into Hacking Developer Machine via Decades-Old Technique
Wiz has disclosed the details of a new AI coding assistant attack method it has dubbed GhostApproval. The post AI Coding Tools Tricked Into Hacking Developer Machine via Decades-Old Technique appeared first on SecurityWeek. This article has been indexed from…
AWS centralizes access, spending, and governance for Claude
Claude apps gateway for AWS is a self-hosted control plane that gives organizations a single point of control over access, costs, and policies for Claude Code and Claude Desktop. It replaces per-developer cloud credentials, manual distribution of managed settings to…
Microsoft Releases Patches for RoguePlanet Defender Zero-Day Vulnerability
Microsoft has released security updates to address a newly disclosed zero-day vulnerability in Microsoft Defender, publicly referred to as “RoguePlanet.” The flaw, tracked as CVE-2026-50656, affects the Microsoft Malware Protection Engine and could allow attackers to gain elevated privileges on…
Helix Data Extortion Group Uses Vishing and Device Code Phishing to Steal SharePoint Data
Helix has surfaced as a fast-moving data extortion group that targets Microsoft 365 users through phone scams and cloud-focused phishing instead of traditional malware drops. Attackers are after access first, then large volumes of corporate files, with SharePoint libraries becoming…
NetSPI pairs AI pentesting with expert-validated security findings
NetSPI has announced the expansion of its AI-powered continuous pentesting platform, broadening the suite of services that organizations can use to ensure critical assets are always protected. The new services comprise continuous web application penetration testing, continuous AI penetration testing,…
Mexico’s big cyber test, Roundcube mailserver snooped on, Cash App found lax
Mexico’s first cyber test gets tested Snoops break into Roundcube mailservers Cash App owner pays up over lax security Get the show notes here: https://cisoseries.com/cybersecurity-news-mexicos-big-cyber-test-roundcube-mailserver-snooped-on-cash-app-found-lax/ Thanks to our episode sponsor, Vanta Your team just added its 67th AI tool. And…
Meta’s New AI Image Tool Lets Others Use Your Public Instagram Photos in AI Images
Meta has announced that its new artificial intelligence (AI) model Muse Image lets people use public Instagram posts and reels to generate AI content, and it’s enabled by default. “You can also @-mention Instagram accounts in the Meta AI app…
Cybercriminals Plant Malicious AI Agents in Open Source Tool Repositories
Cybersecurity researchers at ESET identify big rise in suspicious and malicious toolsets which put users at risk from cyber-attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Plant Malicious AI Agents in Open Source Tool Repositories
SNOW Malware Ecosystem Uses Teams Phishing, WebSocket Tunnels, and Browser Extensions
Threat actors are increasingly chaining classic phishing with collaboration platforms and covert tunneling to create highly believable intrusion paths. A recent multi-stage campaign attributed to UNC6692 exposes how adversaries combine email bombardment, Microsoft Teams impersonation, malicious browser extensions, WebSocket tunnels,…
Chrome 150 Update Patches 27 Vulnerabilities
The security refresh resolves 13 use-after-free bugs, including two critical-severity flaws found by Google. The post Chrome 150 Update Patches 27 Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Chrome 150 Update…
Everest Ransomware Encryptor Uses ConfuserEx-Protected .NET Binary With Wake-on-LAN Capability
A recent technical analysis of an Everest ransomware encryptor reveals a purpose-built, ConfuserEx-protected .NET 4.0 binary that combines heavy obfuscation, misleading cryptographic declarations, and uncommon network tactics to maximize impact and impede response. The analyzed sample (hlntqyun.exe, SHA-256 1df92b…) is…
Thief posed as Wi-Fi fixing hero, then stole priceless trophy
If people think you are doing a legitimate job, you can get away with anything This article has been indexed from www.theregister.com – Articles Read the original article: Thief posed as Wi-Fi fixing hero, then stole priceless trophy
8Layers Raises $2.9 Million for Identity Security Platform
The Spanish startup has closed an extended pre-seed funding round two months after launching its digital identity protection platform. The post 8Layers Raises $2.9 Million for Identity Security Platform appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Umbrij Malware Lets ToddyCat Hackers Hijack Gmail Accounts Through Google API Abuse
A targeted campaign in which the ToddyCat (aka APT-style) group leverages a previously observed loader family, Umbrij, to hijack Gmail accounts by abusing Google APIs. Chaining that capability to broad remote access achieved through a malicious MSI installer masquerading as…
Palo Alto PAN-OS Vulnerability Allows Arbitrary Code Execution Through Malicious Network Traffic
Palo Alto Networks has disclosed a high-severity vulnerability in PAN-OS that could allow unauthenticated attackers to execute arbitrary code or trigger a denial-of-service (DoS) condition by sending specially crafted network traffic. Tracked as CVE-2026-0288, the flaw carries a CVSS-B score…
New GhostApproval Vulnerability Affects Amazon Q, Claude Code, Cursor, and Other AI Agents
A newly disclosed vulnerability pattern dubbed “GhostApproval” has exposed a critical security flaw in six of the most widely used AI coding assistants: Amazon Q Developer, Anthropic Claude Code, Augment, Cursor, Google Antigravity, and Windsurf, allowing malicious repositories to bypass…
Malicious AI agent skills can slip past the scanners built to stop them
Developers who build with AI coding agents grab capabilities off public marketplaces the same way they grab packages from npm or PyPI. The add-ons are called agent skills. Each one is a little bundle of plain-English instructions, scripts, and files…
Singapore Mansion Seized Amid Nvidia Chip Smuggling Probe
Singapore police charge man with using proceeds from Nvidia server fraud conspiracy to buy luxury home in upscale area This article has been indexed from Silicon UK Read the original article: Singapore Mansion Seized Amid Nvidia Chip Smuggling Probe