A surge in ACR Stealer activity from late April through mid-June 2026, with operators combining ClickFix social engineering, WebDAV-hosted payloads, PowerShell obfuscation, and steganography to compromise enterprise users. The malware operations rely on ClickFix social-engineering lures to trick victims into…
Tag: EN
Two Hackers Jailed for Hacking 148 TfL Systems, Forcing Password Reset for 27,000 Staff
Two young members of the Scattered Spider cybercrime group have been jailed for a 2024 attack that knocked out 148 Transport for London (TfL) systems, forced all 27,000 staff to reset passwords in person, and cost the organization about £29…
The five step plan that cuts security budget waste
In this Help Net Security video, Viktor Bulanek, CTO of Penetrify, explains where security budget waste comes from. Budgets get built around vendor categories, compliance checkboxes, and last year’s headlines. Attackers work along attack paths, and that mismatch is where…
AnyDesk Zero-Day Flaw Allows Local Attackers to Trigger System-Wide Denial-of-Service
A newly disclosed zero-day vulnerability in AnyDesk has the potential to allow a local attacker to trigger a denial-of-service condition by exploiting the remote-access software’s “Send Support Information” feature. The advisory, tracked as ZDI-26-401 and ZDI-CAN-26645, was published by Trend…
Five-Layer Fileless Malware Uses JScript and PowerShell to Evade AMSI and Load .NET Payload
An active phishing campaign using a five-layer, fileless malware loader to evade Microsoft’s Antimalware Scan Interface (AMSI), static detection controls, and disk-based forensic analysis. The campaign delivers a Windows Script Host JScript payload inside a TAR archive disguised as a…
A hard drive reliability check on 341,263 drives, from 4TB to past 20TB
Large cloud storage operators track their hard drives every day, recording which units keep running and which ones drop off the racks. Backblaze does this at scale, and its Q1 2026 report covers a fleet built for continuous use. The…
New infosec products of the week: July 17, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Cloudflare, Lineation.ai, Nudge Security, and Polygraf AI. Polygraf AI Meeting Guard delivers real-time deepfake detection for enterprise meetings Polygraf AI has announced Meeting Guard, a…
7-Zip Vulnerability Exposes Millions of Users to Remote Code Execution Risk
A newly disclosed vulnerability in 7-Zip, one of the most widely used open-source file archiving tools, could allow remote attackers to execute arbitrary code on affected systems. Tracked as CVE-2026-14266, the flaw stems from improper handling of XZ chunked data…
Two Hackers Jailed for Hacking 148 TfL Systems, Forcing Password Reset for 27,000 staffs
Two young members of the Scattered Spider cybercrime group have been jailed for a 2024 attack that knocked out 148 Transport for London (TfL) systems, forced all 27,000 staff to reset passwords in person, and cost the organization about £29…
ISC Stormcast For Friday, July 17th, 2026 https://isc.sans.edu/podcastdetail/10012, (Fri, Jul 17th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, July 17th, 2026…
South Korea making its own security-centric AI model
Adapting existing local LLM project for security and sovereignty purposes and hopes to one day match Mythos This article has been indexed from www.theregister.com – Articles Read the original article: South Korea making its own security-centric AI model
Scattered Spiders sentenced, OpenAI builds an AI that breaks AIs, and Iran leans on ChatGPT
Two leading Scattered Spider members, Thaila Jubar and Owen Flowers, were sentenced to five years and six months for the 2024 Transport for London hack that knocked 148 systems offline, forced 27,000 password resets, stole customer data, and cost TfL…
ACR Stealer: Two observed intrusion chains amid increased threat activity
From late April 2026 to mid-June 2026, Microsoft Defender Experts observed increased ACR Stealer activity across customer environments. These campaigns are successfully using ClickFix lures to steal browser credentials, authentication tokens, and sensitive documents from enterprise environments. The post ACR…
AI, Automation and Attacks: Unpacking the Unit 42 2026 Global Incident Response Report
Explore Unit 42’s perspectives on AI’s impact on cybersecurity, including key updates since the 2026 Incident Response Report. The post AI, Automation and Attacks: Unpacking the Unit 42 2026 Global Incident Response Report appeared first on Unit 42. This article…
Why CISOs should automate SBOM management with AI
<p>Modern software runs on open source. Nearly all codebases — 98% — contain open source code, according to a 2026 <a target=”_blank” href=”https://www.blackduck.com/content/dam/black-duck/en-us/reports/rep-ossra.pdf” rel=”noopener”>report</a> from cybersecurity vendor Black Duck, which scanned 947 codebases and analyzed nearly 3,000 individual projects between…
OpenAI admits GPT-5.6 occasionally deletes files – but it’s an ‘honest mistake’
Data purges deemed an example of ‘misaligned behavior’ that upstart is working to avoid This article has been indexed from www.theregister.com – Articles Read the original article: OpenAI admits GPT-5.6 occasionally deletes files – but it’s an ‘honest mistake’
Zoom Patches Critical Account Takeover Vulnerability for Windows
Zoom patched a critical Windows vulnerability that could enable unauthenticated account takeover. The post Zoom Patches Critical Account Takeover Vulnerability for Windows appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Zoom…
How mapping security controls can ease the compliance burden
<p>CISOs and their teams are expected to demonstrate compliance with a range of regulations, frameworks and standards. With an alphabet soup of frameworks — NIST, ISO, PCI DSS, HIPAA, GDPR and many other country- or sector-specific mandates — there is…
Coca-Cola suspended production at its Fairlife dairy after a ransomware attack
Coca Cola said dairy production at its Fairlife unit will “remain suspended” in the United States following a hack. This article has been indexed from Security News | TechCrunch Read the original article: Coca-Cola suspended production at its Fairlife dairy…
Wordfence Intelligence Weekly WordPress Vulnerability Report (July 6, 2026 to July 12, 2026)
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not…