SentinelOne has unveiled its Singularity Identity portfolio designed to secure the growing population of non-human identities, including AI agents, service accounts, APIs, and workloads. Identity attacks have long been a go-to tactic for nation-state actors and cybercriminals. Most defenses focus…
Tag: EN
600+ FortiGate Devices Hacked by AI
An unskilled but financially motivated attacker recently used generative AI to breach over 600 FortiGate firewall instances by automating the exploitation of weak credentials and exposed ports. This article has been indexed from CyberMaterial Read the original article: 600+ FortiGate…
Hacking Group Claims 12.4M CarGurus Records
Recent reports indicate that the automotive marketplace CarGurus has allegedly fallen victim to a significant data breach involving millions of user records. This article has been indexed from CyberMaterial Read the original article: Hacking Group Claims 12.4M CarGurus Records
UK Fines Porn Firm £1.35M for Age Checks
The UK communications regulator Ofcom has issued a fine of 1.35 million pounds to the adult content company 8579 LLC for failing to implement mandatory age verification measures required by the Online Safety Act. This article has been indexed from…
Predator Spyware Hides iOS Mic & Camera
Intellexa’s Predator spyware has the capability to bypass standard iOS privacy protections by suppressing the status bar dots that indicate when a device’s camera or microphone is active. This article has been indexed from CyberMaterial Read the original article: Predator…
Defense Employee Jailed for Selling Zero-Days
A former employee of the defense contractor L3Harris has been sentenced to more than seven years in prison for selling eight highly sensitive zero-day exploits to a Russian broker. This article has been indexed from CyberMaterial Read the original article:…
Unmasking Agent Tesla: A Deep Dive into a Multi-Stage Campaign
FortiGuard Labs provides a technical breakdown of a multi-stage Agent Tesla campaign, from phishing and encrypted scripts to in-memory execution, process hollowing, and data exfiltration This article has been indexed from FortiGuard Labs Threat Research Read the original article:…
The Real Initial Access Vector: Compromised Active Directory Credentials
Compromised Active Directory credentials allow attackers to log in without exploits, driving modern authentication-based initial access. The post The Real Initial Access Vector: Compromised Active Directory Credentials appeared first on Security Boulevard. This article has been indexed from Security Boulevard…
One Identity Appoints Michael Henricks as Chief Financial and Operating Officer
Alisa Viejo, CA, United States, 25th February 2026, CyberNewswire One Identity Appoints Michael Henricks as Chief Financial and Operating Officer on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article has been indexed from…
CloudCasa expands Red Hat OpenShift data protection across edge and hybrid cloud
CloudCasa has announced enhancements to its backup and recovery platform designed to support Red Hat OpenShift environments across core, edge, and hybrid cloud deployments. The latest CloudCasa updates introduce SMB protocol support as a backup storage target, enabling organizations to…
Veza expands platform with AI Access Agents for enterprise identity governance
Veza expanded its platform with Veza Access Agents, a set of purpose-built AI agents designed to automate complex identity and access governance tasks for enterprises. Veza also announced advancements to its AI Agent Security product, providing organizations with deeper visibility…
Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware
Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data. The campaign, discovered by Socket, exfiltrates ASP.NET Identity data, including user accounts, role assignments, and permission mappings, as well…
Malicious NuGet Package Targets Stripe Developers
Malicious NuGet package mimicking Stripe’s library targeted developers This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious NuGet Package Targets Stripe Developers
44% Surge in App Exploits as AI Speeds Up Cyberattacks, IBM Finds
IBM’s 2026 X-Force report reveals 44% rise in cyberattacks on public apps, driven by AI and flaws This article has been indexed from www.infosecurity-magazine.com Read the original article: 44% Surge in App Exploits as AI Speeds Up Cyberattacks, IBM Finds
Check Point Researchers Expose Critical Claude Code Flaws
Critical vulnerabilities, CVE-2025-59536 and CVE-2026-21852, in Anthropic’s Claude Code enabled remote code execution and API key theft through malicious repository-level configuration files, triggered simply by cloning and opening an untrusted project Built-in mechanisms—including Hooks, MCP integrations, and environment variables—could be…
Ex-L3Harris exec jailed 7 years for selling exploits to Russia
Former Trenchant manager profited millions from cyber tools reserved for the US The former general manager of L3Harris’s cyber arm will spend the next seven years behind bars for selling trade secrets to Russia.… This article has been indexed from…
Medical Device Maker UFP Technologies Hit by Cyberattack
UFP Technologies appears to have been targeted in a ransomware attack that involved data theft and file-encrypting malware. The post Medical Device Maker UFP Technologies Hit by Cyberattack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Exposing the Undercurrent: Disrupting the GRIDTIDE Global Cyber Espionage Campaign
Introduction Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners took action to disrupt a global espionage campaign targeting telecommunications and government organizations in dozens of nations across four continents. The threat actor, UNC2814, is a suspected People’s Republic…
CISA Confirms Active Exploitation of FileZen Vulnerability
U.S. authorities have confirmed that threat actors are actively exploiting a critical vulnerability in FileZen by Soliton Systems K.K.. Due to the high risk associated with this flaw, CISA has officially added it to the Known Exploited Vulnerabilities (KEV) Catalog.…
OAuth Attacks in Entra ID Can Leverage ChatGPT to Compromise User Email Accounts
Threat actors are always looking for new ways to abuse trusted platforms, and Microsoft Entra ID is increasingly becoming a target through a technique known as OAuth consent abuse. A newly documented attack scenario shows how a malicious or overly…