Microsoft’s June 2026 Patch Tuesday update for Windows 11 (KB5095051) is causing unexpected issues, with users reporting that Microsoft Office applications fail to launch when accessed through certain third-party applications. The issue is listed as a known problem in the…
Tag: EN
Rust Clipboard Hijacker Uses Fake GitHub Stars and VirusTotal Upvotes to Steal Crypto
A newly discovered malware campaign is quietly draining cryptocurrency wallets by doing something most security tools never see coming. Instead of relying on brute-force attacks or dark web exploits, the threat actor behind this campaign built a fake reputation engine…
Hackers Abuse PowerShell, VBScript, and BAT Files to Deliver Xctdoor Backdoor
A new wave of cyberattacks is targeting corporate employees through files that look exactly like legitimate job documents. Hackers are distributing malicious LNK files disguised as resumes, and the moment a victim opens one, the infection quietly begins. The attack…
PoC Exploit Released for HTTP/2 Bomb Remote DoS Vulnerability in Apache HTTP Server
A proof-of-concept (PoC) exploit has been publicly released for a critical Denial of Service vulnerability in Apache HTTP Server, tracked as CVE-2026-49975, dubbed the “HTTP/2 Bomb.” The flaw allows remote attackers to exhaust server memory and disrupt services without authentication,…
Rokarolla Banking Trojan Targets 200 Applications
The Android malware allows its operators to take control of infected devices and harvest sensitive information. The post Rokarolla Banking Trojan Targets 200 Applications appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Rokarolla…
Atlassian, Splunk Patch Critical Vulnerabilities
Splunk patched an OS command injection in AI Toolkit, while Atlassian fixed dozens of flaws in third-party dependencies. The post Atlassian, Splunk Patch Critical Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Splunk AI Toolkit Vulnerability Allows Arbitrary OS Command Execution
Splunk has disclosed a critical security vulnerability in its AI Toolkit that could allow authenticated administrators to execute arbitrary operating system commands on affected systems, raising significant concerns for enterprises that rely on Splunk for security analytics and automation. The…
Critical Command Execution Vulnerability Patched in Cisco ISE
Insufficient validation of user input allows an attacker to gain access to the underlying OS and elevate their privileges to root. The post Critical Command Execution Vulnerability Patched in Cisco ISE appeared first on SecurityWeek. This article has been indexed…
Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model
Cisco Talos detailed a new approach to reverse engineering that pairs local AI agents with traditional analysis tools like the VB6 disassembler vbdec. Instead of awkwardly bolting AI onto the software, vbdec exposes its parsed data through a live COM…
Agentjacking: Researchers Show How One Fake Bug Report Can Hijack AI Coding Agents
Tenet researchers reveal how fake Sentry bug reports can trick AI coding agents into running code, exposing a new Agentjacking risk for developers today. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read…
Modified OpenSSH Binaries Let Velvet Ant Steal Passwords, Log Commands, and Hide Activity
A long-running, stealthy campaign attributed to the China-nexus actor tracked as Velvet Ant has been found to include deeply engineered backdoors in the authentication stack: modified OpenSSH binaries and tampered PAM modules that exfiltrate credentials, record every executed command, and…
FortiBleed Exploit Campaign Hits 70,000+ Fortinet Firewalls Worldwide
A large-scale cyber espionage campaign dubbed “FortiBleed” has compromised more than 70,000 Fortinet firewalls and VPN gateways worldwide, exposing enterprise networks across 194 countries. The activity, first identified by security researcher Volodymyr Diachenko and further analyzed by Hudson Rock and…
Microsoft Confirms RoguePlanet Zero-Day Exploit Targeting Defender
Microsoft has confirmed a newly disclosed zero-day vulnerability, tracked as CVE-2026-50656, affecting Microsoft Defender, following the public release of a proof-of-concept (PoC) exploit dubbed “RoguePlanet” by security researcher NightmareEclipse. The vulnerability, classified as an elevation-of-privilege flaw, was officially published on…
Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development
Microsoft confirmed the RoguePlanet Defender zero-day (CVE-2026-50656), a privilege escalation flaw, and is developing a security patch. Microsoft has acknowledged the RoguePlanet zero-day affecting Microsoft Defender, tracked as CVE-2026-50656 (CVSS score of 7.8). The vulnerability allows privilege escalation through the…
Kodak confirms breach as ShinyHunters’ leak threat reaches deadline
The photography giant confirmed a data breach after ShinyHunters claimed it stole 2.2 million records and threatened to leak them. This article has been indexed from Malwarebytes Read the original article: Kodak confirms breach as ShinyHunters’ leak threat reaches deadline
F5 Patches Critical, High-Severity NGINX Vulnerabilities
Critical flaws in NGINX could allow remote, unauthenticated attackers to cause a restart and potentially execute arbitrary code. The post F5 Patches Critical, High-Severity NGINX Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Financially Motivated Hackers Turn Legitimate IT Tools Into Remote Access Payloads
A novel evolution of LLMjacking: a threat actor leveraging a publicly exposed Ollama model server as the reasoning engine for an automated, multi-stage offensive framework. Rather than using the model for chat or resale, the attacker integrated unauthenticated model inference…
GentleKiller targets more than 400 security processes across 48 products
Most ransomware operations leave the work of disabling endpoint security software to their affiliates. The ransomware-as-a-service gang Gentlemen runs a different model. Its operators develop and maintain a set of tools for shutting down endpoint detection and response (EDR) products,…
Hostile States Behind 75% of Cyber-Attacks on UK Critical Infrastructure, NCSC Warns
Richard Horne, the NCSC CEO, said three-quarters of cyber-attacks targeting UK critical infrastructure came from nation-state actors This article has been indexed from www.infosecurity-magazine.com Read the original article: Hostile States Behind 75% of Cyber-Attacks on UK Critical Infrastructure, NCSC Warns
Google to Use IP Addresses for Ad Personalization in UK and EU Starting August 3
Google has informed advertisers that starting on or shortly after August 3, 2026, it will begin using IP addresses for ad measurement and personalization in the Thank you for being a Ghacks reader. The post Google to Use IP Addresses…