Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize...
Cybersecurity researchers have flagged an active browser extension campaign that is designed to steal cryptocurrency by stealthily replacing wallet addresses when unsuspecting users initiate a...
The safety check that is supposed to stop an AI coding agent from running a dangerous command can be walked straight past using a shell trick that has been public for decades. New research from...
Researchers tested 444 AI chatbot apps for iPhone and found that 282 of them, nearly two-thirds, exposed paid AI access through their network traffic. In many cases, the path in was visible just...
Ex-employee claims this 'meets the definition of an insider threat'
The FIFA World Cup 2026 opened on June 11. By that date, according to Check Point Research, the fraud infrastructure targeting it had already been built, staged, and partially deployed. Threat...
An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWeaver and Djinn...
CERT Polska has received a report about 4 vulnerabilities (from CVE-2026-35095 to CVE-2026-35098) found in KTM System e-BOK software.
Two researchers have found six security flaws in AirDrop and Quick Share, the wireless features that beam files between nearby devices with no cables or shared network. An attacker within wireless...
CERT Polska has received a report about 2 vulnerabilities (CVE-2026-53432 and CVE-2026-53433) found in fzf software.
wolfSSL security advisory (AV26-643)
Convince an AI browser that it is playing a game, and it can hand over your login details. That is the finding behind BioShocking, a technique from security firm LayerX that tricked six AI...
Key points: LevelBlue has identified two distinct attack vectors associated with ValleyRAT: campaigns leveraging fake installers and campaigns initiated through malicious emails. The malicious...
The UK’s healthcare sector is being “stress-tested to breaking point,” with a tenfold increase in attacks during January-May 2026 compared to the whole of 2025, according to SonicWall. The...
The U.S. Department of Justice (DOJ) has seized nearly 400 internet domains that were illegally streaming FIFA World Cup 2026 matches. The operation, known as Operation Offsides, targeted websites...
The National Telecommunications and Information Administration (NTIA) has yet to implement most of the Government Accountability Office’s (GAO) priority recommendations for improving the agency’s...
A passenger jet reported striking a drone while approaching JFK International Airport on Monday, and just hours later, a helicopter pilot alerted a close call with a remote-control airplane near...
Russian cybercriminals managed to hack into a Quebec municipality’s water treatment plant systems and had the ability to wreak havoc on the crucial infrastructure before getting caught, according...
A critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance by sending a crafted request to its API. The flaw,...
CERT Polska has received a report about 3 vulnerabilities (from CVE-2026-53690 to CVE-2026-53692) found in Redeight CMS software.
On December 20, 2025, the China National Nuclear Corporation (CNNC) announced that Chaotan One, the world’s first commercial supercritical carbon dioxide power generator, began commercial...
Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four vulnerabilities in WebKit that were discovered using...
The Supreme Court on Monday said that police must generally obtain a warrant to gather detailed location data tracked by smartphones, in a case that brings into sharper relief the Constitution’s...
SimpleHelp security advisory (AV26-642)
The Financial Times has a good article on how AI is changing the capabilities of video surveillance, with information from both Israel/Iran and Russia. I wrote about this sort of thing a few years...
SQL Injection vulnerability (CVE-2026-12076) has been found in Raytha CMS software.
A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The vulnerability, tracked as CVE-2026-46817 (CVSS score:...
An in-depth analysis of Umbrij, a new tool used by the ToddyCat APT group to compromise corporate email communications in Gmail. The attack targeted OAuth authorization tokens, allowing threat...
Bring Your Own Vulnerable Driver (BYOVD) has gone from a niche tactic to a standard part of the ransomware playbook and Windows' own kernel hardening does little to stop it.
From outsourced labor to tiered pricing models, an inside look at how today's top ransomware threats operate less like rogue hackers and more like Fortune 500 companies.
CISA’s BOD 26-04 changes how federal agencies patch and how security leaders must measure, justify, and communicate cyber risk to executives and boards. Key takeaways: BOD 26-04 requires agencies to...
Allows ISVs to put their names on the door so desirable bots always get in
Open API leaked everything an attacker needs to impersonate bank officials
If you want a picture of the future of LLM security, imagine Whac-a-Mole meets Groundhog Day
Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the...