According to Socket, the campaign operates as a typosquatting worm: the attacker publishes malicious packages that mimic trusted names (e.g., look-alikes of common utilities and AI coding tools)....
$300 a month buys you a backdoor that looks like legit software Researchers at Proofpoint late last month uncovered what they describe as a "weird twist" on the growing trend of criminals abusing...
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google's generative artificial intelligence (AI) chatbot, as part of its execution flow and...
An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an effort led by law enforcement agencies from 16 African...
A staffer of the Incognito dark web market was secretly controlled by the FBI—and still allegedly approved the sale of fentanyl-tainted pills, including those from a dealer linked to a confirmed death.
Dysruption Hub is all over the breach news today. They report: Meriden, Connecticut, took city internet services and public Wi-Fi offline after officials reported an attempted disruption, limiting...
Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges. Windows Admin Center is a locally deployed, browser-based...
CVE-2026-1731 is an RCE vulnerability in identity platform BeyondTrust. This flaw allows attackers control of systems without login credentials. The post VShell and SparkRAT Observed in...
Oleksandr Didenko ran laptop farms and provided forged or stolen identities to North Korean operatives who gained remote employment at 40 U.S. businesses. The post Ukrainian sentenced to 5 years...
HPE security advisory (AV26-150)
Tenable security advisory (AV26-149)
The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up across platforms, tools, and industries — often all at the same...
In this week’s newsletter Martin considers how defenders can turn offensive AI tools against themselves.
A report issued by the Office of the Information and Privacy Commissioner for British Columbia states: Between April 30, 2025 and June 20, 2025 the OIPC received breach notifications from the...
A top FBI cyber official said Salt Typhoon, the Chinese cyber espionage group behind the widespread compromise of U.S. telecommunications infrastructure in 2024, continues to pose a broad threat...
FBI warns these cyber-physical attacks are on the rise Thieves stole more than $20 million from compromised ATMs last year using a malware-assisted technique that the FBI says is on the uptick...
Citizen Lab researchers have co-authored two submissions to the Committee on Enforced Disappearances and UN Working Group on Enforced and Involuntary Disappearances. One submission focuses on...
We’ve all seen this before: a developer deploys a new cloud workload and grants overly broad permissions just to keep the sprint moving. An engineer generates a "temporary" API key for testing and...
IceWarp security advisory (AV26-148)
Two popular AES libraries, aes-js and pyaes, provide a default IV in their AES-CTR API. Although this was seen as helpful from the API standpoint, it actually creates a terrible vulnerability. Why...
The main Solidity code generator had a compiler bug in the intermediate representation (IR). This is the story and impact of the bug from versions 0.8.28 and 0.8.33. The IR pipeline generates...
Splunk security advisory (AV26-147)
HTTP Smuggling is the process of two HTTP parsers parsing data differently and this difference being able to smuggle unintended data through the pipeline. A simple example would be Nginx alongside...
GitHub security advisory (AV26-146)
The real deal or another research project overblown? Cybersecurity researchers say they've spotted the first Android malware strain that uses generative AI to improve performance once installed....
A cyberthreat forecast by Kaspersky experts.
Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that's designed to facilitate device takeover (DTO) attacks for financial theft. The malware, according to...
Dysruption Hub reports what sounds like a very serious cyberattack affecting the University of Mississippi Medical Center (UMMC): University of Mississippi Medical Center said a cybersecurity...
Google Chrome security advisory (AV26-145)
Secure your Windows fleet without sacrificing performance. Wiz pairs real-time threat detection with a memory-safe architecture that scales efficiently to protect your essential cloud infrastructure.