RSA has expanded its passwordless authentication capabilities to Linux environments, advancing its goal of delivering secure, password-free access for every user in every environment. Linux is ubiquitous in enterprise infrastructure, powering servers, developer workstations, and critical operational environments across industries…
Tag: EN
SolyxImmortal Malware Steals Passwords, Cookies, Files, and Keystrokes
A newly analyzed Python-based information stealer named SolyxImmortal is actively targeting sensitive user data, including browser credentials, cookies, documents, screenshots, and keystrokes. The malware uses common Python libraries and multi-threading techniques to run multiple surveillance and data theft operations simultaneously,…
GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure
Malware on approximately 2,000 WordPress sites hid C2 instructions in Steam profile comments using invisible Unicode. GoDaddy researchers spotted a command-and-control infrastructure for a malware campaign abusing Valve’s Steam gaming platform. The experts discovered malware on approximately 1,980 WordPress sites…
TP-Link Router Security Bug Enables Remote Command Execution Attacks
TP-Link has disclosed a high-severity security flaw in its Archer BE450 and Archer BE7200 Wi‑Fi routers that could allow remote command execution once an attacker gains admin access. The vulnerability, tracked as CVE-2026-5509, is rated 8.5 (High) under CVSS v4.0,…
PHANTOMPULSE RAT Uses UAC Bypass to Hijack Windows Systems
New technical details about PHANTOMPULSE, a sophisticated remote access trojan (RAT) used in multi-stage intrusions targeting Windows environments. The malware represents the final payload in an attack chain previously linked to Obsidian plugin abuse and in-memory loaders, but this latest…
Zero trust physical security needs trust decisions at the edge
In this interview with Help Net Security, Chuck Davis, VP, Global Information Security at Hikvision, explains how zero trust applies to physical security systems like cameras and door controllers. He breaks down how to make trust decisions at the edge…
Red Hat Cloud Services npm Packages Hijacked in Credential-Theft Malware Campaign
A large-scale software supply chain attack has compromised multiple official npm packages under the @redhat-cloud-services scope, exposing thousands of developers and CI/CD environments to credential theft. Security researchers at Aikido confirmed that 96 malicious versions across 32 packages were published…
Nimbus Manticore APT Uses Fake Jobs to Deliver Custom Malware
A newly observed cyber campaign linked to the Iran-aligned threat group Nimbus Manticore (also tracked as UNC1549 and Smoke Sandstorm) is targeting aerospace and defense organizations using a deceptive recruitment workflow that delivers custom malware through a sophisticated sideloading chain.…
Meta’s AI Bot Misused by Hackers to Take Over Instagram Accounts
Attackers have exploited a critical vulnerability in Meta’s AI-powered Instagram support chatbot to hijack user accounts without needing passwords, phishing, or malware. Instead of bypassing security through technical exploits, hackers simply manipulated the chatbot via natural-language requests. Meta’s AI Bot…
Why you need BAS and autonomous pentesting together
Most security teams know the drill: A new autonomous penetration testing tool gets deployed, and the first run is genuinely impressive. The dashboard surfaces critical findings, maps lateral movement paths nobody had documented before, and exposes a legacy service account…
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
Password manager Dashlane has disclosed that “fewer than” 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party. On May 31, 2026, the company said an “external” threat actor…
U.S. Lawmakers Press Telecom Providers for More Action Against Growing Scam Epidemic
A congressional committee is seeking answers from some of the largest telecommunications providers in the United States as financial losses linked to scams continue to rise across the country. The inquiry comes from the Joint Economic Committee, whose leadership…
This AI model backdoor attack stays hidden until you customize the model
Most teams that deploy AI start with a backbone model. They download a large pre-trained system, adapt it to a specific task, and put it into production. The download step carries a security question: the origin of the model. A…
Cybersecurity jobs available right now: June 2, 2026
Agentic Safety and Ecosystem Architect, Trust and Safety Google | USA | On-site – View job details As an Agentic Safety and Ecosystem Architect, Trust and Safety, you will define safety controls and permission models for autonomous agents on Android,…
Hackers Use Meta’s AI Bot to Reset Passwords and Hijack Instagram Accounts
A critical logic flaw in Meta’s AI-powered Instagram support chatbot allowed attackers to bypass two-factor authentication entirely, not by cracking codes, but by simply asking the bot to hand over access. Over the weekend, high-value “OG” Instagram handles, dormant institutional…
ISC Stormcast For Tuesday, June 2nd, 2026 https://isc.sans.edu/podcastdetail/9954, (Tue, Jun 2nd)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, June 2nd, 2026…
Why Encrypted File Sharing Is Essential for Modern Businesses
Consider the history of any recent corporate scandal, and it is quite possible to guess what the story… This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Why Encrypted File…
Fake Claude Code Installers Deliver Credential-Stealing Malware
Fake Claude Code sites are using malicious install commands to steal AI credentials, API keys, and cryptocurrency. The post Fake Claude Code Installers Deliver Credential-Stealing Malware appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
Shai-Hulud malware worms Red Hat npm package versions downloaded 80K times a week
TeamPCP? Or copycat malware dev? This article has been indexed from www.theregister.com – Articles Read the original article: Shai-Hulud malware worms Red Hat npm package versions downloaded 80K times a week
Election interlopers register 5K+ domains, hope to catch some voting phish
Hacking voting machines is so 2017. Phishing, impersonation pose the real election risks This article has been indexed from www.theregister.com – Articles Read the original article: Election interlopers register 5K+ domains, hope to catch some voting phish