A new Python-based malware called SolyxImmortal has been found quietly stealing browser passwords, cookies, sensitive files, and keystrokes from infected Windows systems. The malware uses well-known Python libraries and multi-threading to carry out its operations simultaneously, making it harder to…
Tag: EN
Hackers Use 34 Malicious Packages to Steal Cloud Keys, Wallets, and SSH Credentials
Hackers have planted 34 malicious packages across three major open-source ecosystems, quietly stealing cloud credentials, SSH keys, and blockchain wallet data from developers who never suspected a thing. The campaign, named TrapDoor, was first disclosed on May 24, 2026 by…
Mustang Panda Deploys PlugX RAT Through Multi-Stage LNK and PowerShell Attack Chain
A well-known Chinese state-sponsored threat group called Mustang Panda has been caught running a sophisticated cyberattack campaign using its signature remote access tool, PlugX. The group used a cleverly disguised fake browser update to trick users into downloading a multi-stage…
Microsoft MSRC Allegedly Dismissed Dependency Confusion Vulnerability, Claims Researcher
A dependency confusion vulnerability affecting Microsoft’s Azure Portal after the Microsoft Security Response Center (MSRC) closed the case, claiming the confirmed remote code execution evidence did not constitute an exploitable security issue. The vulnerability was uncovered by Security researcher Wahid…
CISA Flags Palo Alto Networks PAN-OS Vulnerability as Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Palo Alto Networks PAN-OS vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is being actively leveraged in real-world attacks. The vulnerability affects PAN-OS, the…
Cyber Briefing: 2026.06.02
Global cybersecurity risks are diversifying rapidly, characterized by adversarial tracking of military personnel via commercial data, novel macOS malware campaigns, sophisticated phone spoofing scams, This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.06.02
Anthropic Expanding Mythos Access to 150 New Organizations
Only approximately 50 companies have had access to Mythos until now and they have found thousands of vulnerabilities in their products. The post Anthropic Expanding Mythos Access to 150 New Organizations appeared first on SecurityWeek. This article has been indexed…
Tuskira Quell identifies, mitigates, and validates zero-day risk before breach
Tuskira launched Quell, its exposure-led zero-day defense capability. Quell helps enterprises survive the window between a zero-day’s disclosure and a patch by determining which zero-days are reachable in their environment, whether existing controls would stop them, and which compensating control…
Noma brings visibility and access governance to AI agents and MCP servers
Noma has announced the launch of Noma Agent Access Control, which helps security teams discover, govern, and enforce access policies for AI agents and Model Context Protocol (MCP) servers throughout the enterprise. AI agents and MCP servers have proliferated across…
Infosecurity Europe: Bayer Reinvents Security Awareness Training to Counter AI Threats
Bayer’s security awareness training now focuses on psychological approaches rather than technical methods for detecting social engineering This article has been indexed from www.infosecurity-magazine.com Read the original article: Infosecurity Europe: Bayer Reinvents Security Awareness Training to Counter AI Threats
5 AI Security Incidents That Broke Things in Production (and What They Have in Common)
Amazon’s internal coding tool deleted a live AWS environment. A consulting firm’s internal chatbot was fully compromised in two hours with no credentials. A calendar invite was enough to pull files off a developer’s machine without a single user click.…
Anthropic’s Mythos Preview Detects Over 10,000 Software Bugs in Project Glassing
Recently, Anthropic disclosed that its Project Glasswing initiative found over 10,000 critical or high vulnerabilities in system software in its first month of operation. Claude Mythos Preview finds bugs Claude and 50 other partners deployed Claude Mythos Preview to find…
64,000 accounts exposed in breach of GTA V cheat service Atlas Menu
Atlas Menu, a cheat service for Grand Theft Auto V and Counter-Strike 2, has been added to the Have I Been Pwned database following a data breach that exposed tens of thousands of user records. The incident exposed approximately 64,000…
Meta adds stricter guardrails for teen feeds
Meta has expanded its Teen Accounts 13+ content settings globally on Instagram, Facebook, and Messenger. The safeguards are designed to help young users see age-appropriate content by default. The company also introduced Limited Content on Instagram for parents seeking stricter…
Turning tension into collaboration: How CIOs and CISOs can lead together
If properly managed and channeled, age-old friction between IT and cybersecurity can create a more resilient organization. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Turning tension into collaboration: How CIOs and CISOs…
LABScon25 Replay | Gamaredon x Turla: Unveiling a 2025 Espionage Alliance Targeting Ukraine
ESET researchers show how Gamaredon facilitated Turla access to Ukrainian targets, revealing rare cooperation between FSB-linked espionage groups. This article has been indexed from SentinelLabs – We are hunters, reversers, exploit developers, and tinkerers shedding light on the world of…
Stolen Gemini API Keys Fuel Automated Telegram Influence Campaign
A long-running Telegram influence and fraud campaign where a solo threat actor leveraged stolen Google Gemini API keys and jailbroken AI to automate content generation, credential theft, and infrastructure operations at scale. Tracked as “bandcampro,” the Russian-speaking operator maintained a…
Microsoft reaches for olive branch after public dustup with 0-day researcher
Following days of criticism from the security community, Redmond dials back rhetoric, insists vulnerability hunters not in its legal crosshairs This article has been indexed from www.theregister.com – Articles Read the original article: Microsoft reaches for olive branch after public…
Codex knowledge work expands into research, reports, and spreadsheets
Office workers in the United States lose hours each week to email triage and to searching for files spread across disconnected systems. Roughly 40 percent of US labor, about 72 million people, works primarily with information such as analysis, documents,…
Operation FlutterBridge macOS Malvertising Campaign
Cybersecurity researchers at Unit 42 have identified a malvertising campaign targeting macOS users with a previously unknown backdoor. This article has been indexed from CyberMaterial Read the original article: Operation FlutterBridge macOS Malvertising Campaign