ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories
This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal until someone tests a small gap and finds a way through. This is not one big break. It is small permissions, weak checks, open systems, and normal tools doing…
-
Google loses final appeal to overturn €4.1 billion EU fine
The Court of Justice of the European Union (CJEU) has dismissed Google’s final appeal against a €4.1 billion ($4.7 billion) antitrust fine over the company’s use of Android to promote its Chrome browser and search service. First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/legal/google-loses-final-appeal-to-overturn-41-billion-eu-fine/
-
Bank of England explores trading ‘kill switches’ to contain AI meltdowns
UK central bank’s deputy governor outlines challenges facing regulators as artificial intelligence reshapes the finance sector. First seen on computerweekly.com. Jump to article: www.computerweekly.com/news/366645329/Bank-of-England-explores-trading-kill-switches-to-contain-AI-meltdowns
-
Digital readiness gaps emerge around FIFA World Cup 2026
Tags: ai. Dynatrace research highlights disparities in federation website performance around the FIFA World Cup 2026, with Saudi Arabia among the slowest performers, as organisations turn to AI and observability to manage unpredictable traffic spikes. First seen on computerweekly.com. Jump to article: www.computerweekly.com/news/366645211/Digital-readiness-gaps-emerge-around-FIFA-World-Cup-2026
-
Scattered Spider Suspect Extradited From Finland to US
FBI Says Peter Stokes, 19, ‘Exhibited Substantial Wealth for a Person of His Age’. A suspected member of the notorious Scattered Spider cybercrime group has been extradited from Finland to stand trial in the United States. Peter Stokes, 19, a dual U.S.-Estonian citizen, faces a six-count indictment, including an attempted $8 million shakedown of a…
-
Alleged longstanding member of Scattered Spider extradited to US
Tags: unclassified. Peter Stokes boasted on social media about the luxurious globetrotting life he enjoyed while he was still a child. First seen on cyberscoop.com. Jump to article: cyberscoop.com/scattered-spider-peter-stokes-cybercrime-extradition/
-
FortiBleed campaign traced to INC and Lynx ransomware operations
Researchers are also investigating the role of a suspected zero-day vulnerability. First seen on cybersecuritydive.com. Jump to article: www.cybersecuritydive.com/news/fortibleed-campaign-traced-to-inc-and-lynx-ransomware-operations/824348/
-
Researchers warn: Ransomware infection via Interpol scam with fake evidence
Attackers pose as Interpol personnel when contacting companies and lure them with alleged evidence. What they get instead is ransomware. First seen on golem.de. Jump to article: www.golem.de/news/ransomware-im-anmarsch-hacker-greifen-mit-fieser-interpol-masche-an-2607-210436.html
-
Keyfactor introduces Trust Control Plane for unified management of digital trust infrastructures
Tags: control. The introduction of the Trust Control Plane shows that digital trust infrastructure can no longer be regarded as background technology. It is becoming a central resilience factor. First seen on infopoint-security.de. Jump to article: www.infopoint-security.de/keyfactor-stellt-trust-control-plane-fuer-einheitliches-management-digitaler-vertrauensinfrastrukturen-vor/a45658/
-
Detailed analysis of the most technically innovative Mini Shai-Hulud attack – TanStack attack weaponized trusted pipelines
Tags: cyberattack. First seen on security-insider.de. Jump to article: www.security-insider.de/tanstack-mini-shai-hulud-angriff-detailanalyse-a-02dbf42b8157d440eacf46a234d16176/
-
Safe Events Start With Threat Intel & Digital Security
Planning ahead to defend against cyber threats is the work that keeps events uneventful. First seen on darkreading.com. Jump to article: www.darkreading.com/threat-intelligence/safe-events-threat-intel-digital-security
-
ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds
ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA bypass tactics work and how to defend against them. First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/consentfix-and-clickfix-how-microsoft-365-accounts-are-hijacked-in-3-seconds/
-
US government says it got hacked, again
A top Democrat on the Senate’s Intelligence Committee warned that the information accessed on a Homeland Security intelligence-sharing network may risk national security. First seen on techcrunch.com. Jump to article: techcrunch.com/2026/07/02/us-government-says-it-got-hacked-again/
-
The 10 Hottest AI Security Startups Of 2026 (So Far)
The hottest AI security startups of 2026 so far include emerging vendors with capabilities for AI security posture management (AI-SPM), agent security, AI governance, runtime protection and AI red teaming. First seen on crn.com. Jump to article: www.crn.com/news/security/2026/the-10-hottest-ai-security-startups-of-2026-so-far
-
BioShocking attack bypasses AI safety filters
The BioShocking prompt injection attack gets AI browsers to ignore security filters and steal sensitive user data such as passwords. First seen on it-daily.net. Jump to article: www.it-daily.net/it-sicherheit/cybercrime/bioshocking-angriff-ki-schutzfilter
-
Most cybersecurity workers have been told to conceal a breach, report finds
The security firm Bitdefender’s annual survey also found that U.S. companies were simultaneously more confident and more strained on cyber defense than foreign peers. First seen on cybersecuritydive.com. Jump to article: www.cybersecuritydive.com/news/data-breach-coverups-ai-bitdefender/824331/
-
ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API
The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that’s designed to gain surreptitious access to a victim’s email correspondence via the Google API. “In this campaign, the attackers focused their attention on corporate email communications hosted on Gmail, targeting access compromise via APIs,” Kaspersky said in a detailed report…
-
Opera Browser Adds Native Paste Protect to Stop Clipboard Hijacking and Code Injection Attacks
Opera has announced a new native security feature called “Paste Protect,” which aims to combat clipboard hijacking and command injection attacks directly within the browser. This marks a significant advancement in proactive endpoint protection at the user interaction level. Introduced on July 2, 2026, the feature is enabled by default. It addresses a rapidly growing…
-
Scattered Spider suspect extradited over $8 million ransom scheme
A suspected Scattered Spider member has been extradited to the United States to face charges linked to cyberattacks against U.S. companies, including the breach of a luxury … First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2026/07/02/scattered-spider-criminal-group-suspect-extradited/
-
AI floods security teams with alerts
Check Point’s “Exposure Gap Report 2026” shows that AI-driven attacks keep shortening the response window. Prioritizing vulnerabilities is becoming more important than detecting them. The share of critical security vulnerabilities more than doubled over the past year, even though fewer than one in twelve alerts required immediate action. Automated and AI-assisted attack tools are changing both the…
-
Analysis of the Anubis ransomware reveals the attackers’ methods
Arctic Wolf Labs has published new research that goes beyond previous reporting on the Anubis ransomware and is based on findings from almost six months of incident response investigations. Defenders now have additional ways to detect and stop attacks early, before the ransomware is even deployed. The analysis focuses not on the ransomware itself but on the approach […]…
-
Ransomware instead of Interpol evidence video
As part of a malware campaign, cybercriminals wrote to small businesses in Europe, Asia, the Middle East and the USA. According to analysis by Bitdefender experts, they posed as Interpol officers. The fraudsters claimed to be sending a password-protected archive containing documents and video footage of suspicious activity by the victim company. In reality, it concealed ransomware. The victims…
-
Hacking turbo thanks to AI? Why mid-sized businesses have other worries than Claude Mythos
First seen on t3n.de. Jump to article: t3n.de/news/hacking-turbo-dank-ki-warum-der-mittelstand-andere-sorgen-als-claude-mythos-hat-1749602/
-
Cybersecurity turning point: Chinese AI model reaches Mythos level and is freely available
First seen on t3n.de. Jump to article: t3n.de/news/cybersecurity-wendepunkt-chinesisches-ki-modell-erreicht-mythos-niveau-und-ist-frei-verfuegbar-1750258/
-
Undetected for years: Browser extensions installed millions of times contain malware
Tags: malware. First seen on t3n.de. Jump to article: t3n.de/news/millionenfach-installierte-browsererweiterungen-malware-1750355/
-
Agentjacking: How fake bug reports hijack AI agents
Tags: ai. First seen on t3n.de. Jump to article: t3n.de/news/agentjacking-manipulierte-fehlerberichte-kapern-ki-agenten-1750469/
-
Ransomware on the way: Hackers attack with Interpol scam
Attackers pose as Interpol personnel when contacting companies and lure them with alleged evidence. What they get instead is ransomware. First seen on golem.de. Jump to article: www.golem.de/news/ransomware-im-anmarsch-hacker-greifen-mit-fieser-interpol-masche-an-2607-210436.html
-
Cloudflare wants to make the agentic internet fairer and sets new rules for AI bots
New classifications, improved analytics and partnerships are intended to help website operators and transparent AI companies jointly build a thriving “Agentic Internet”. First seen on infopoint-security.de. Jump to article: www.infopoint-security.de/cloudflare-will-das-agentic-internet-fairer-machen/a45655/
-
Mythos 5 and Fable 5 available again soon – Anthropic may export AI models again
Tags: ai. First seen on security-insider.de. Jump to article: www.security-insider.de/anthropic-darf-ki-modelle-wieder-exportieren-a-15bf4c6c81971ac76c9bc17fc89ad99d/
-
Cybercriminals Pose as Interpol in Phishing Emails to Infect Victims With Ransomware
Bitdefender researchers warned of a curious ransomware campaign that has targeted businesses around the world. First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/cybercriminals-pose-interpol/
-
Researcher Behind ‘Exploitarium’ Explains Release of Undisclosed Zero-Day Exploits
Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities first. First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/researcher-exploitarium-exploits/
-
Identity Lifecycle Management Wasn’t Built for AI Agents
Identity lifecycle management was architected around a person with an employment record, a manager, and a departure date. AI agents have none of those. As autonomous principals proliferate across enterprise environments, the governance model built for humans develops structural blind spots that traditional IGA tools weren’t designed to detect. This guide covers where that model…
-
When Too Much Security Data Became the Risk
Rapid growth turned routine firewall logs into a security and budget liability. One CISO used artificial intelligence to filter what data truly belongs in the SIEM. First seen on darkreading.com. Jump to article: www.darkreading.com/cyber-risk/too-much-security-data-risk
-
Anthropic’s AI Finds Bugs. IBM Bets $5B It Can Fix Them.
IBM and Red Hat assign 20,000 engineers to the new Project Lightwell service as Anthropic’s Mythos findings ignite debate over how to secure the open-source software supply chain. First seen on darkreading.com. Jump to article: www.darkreading.com/vulnerabilities-threats/anthropic-s-ai-finds-bugs-ibm-bets-5b-it-can-fix-them-
-
Phishing Campaign Uses Fake Invoice PDF to Drop AsyncRAT, VenomRAT, and XWorm
A sophisticated phishing campaign uses a fake invoice PDF to mask the delivery of multiple remote access trojans, primarily AsyncRAT but also VenomRAT and XWorm, via layered shortcuts, TryCloudflare quick tunnels, and disguised Python packages. The campaign echoes an August attack previously analysed by X-Labs and reinforces the group’s 2025 Future Insights prediction that…
-
Hackers Abuse ScreenConnect Remote Access Tool to Deploy AsyncRAT Through Fake Installers
In a wide-reaching campaign, attackers abused the legitimate remote administration tool ScreenConnect to deploy AsyncRAT via faux software installers. The infection chain leverages trusted binaries, DLL sideloading, reflective loading and process hollowing to achieve stealthy persistence and remote control, an approach that capitalizes on the very trust enterprises place in remote management tools. The…
-
Microsoft fixes bug that removed Copilot buttons in Outlook
Microsoft has fixed a known issue causing the Copilot Chat or Copilot buttons in Classic Outlook to disappear for Windows users with the Copilot Chat (Basic) license. First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-that-removed-copilot-button-in-outlook/
-
Cloudflare changes AI crawler access rules
Cloudflare introduced new controls that let website owners manage AI traffic across three categories: Search, Agent, and Training. The feature is available to all Cloudflare … First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2026/07/02/cloudflare-ai-crawler-controls/
-
Cyber-physical security platform expanded with innovative microsegmentation capabilities
Claroty, the specialist in security for cyber-physical systems (CPS), is further expanding the “Claroty Technology Alliances Program” (CTAP): with new partners such as Akamai, Colortokens, Corsha, Elisity and Zero Networks, the CPS security platform is being extended with innovative microsegmentation capabilities. This significantly improves the resilience of critical infrastructure. According to Gartner, microsegmentation is “in critical infrastructure…
-
Control over SharePoint permissions at the file, folder and item level
Tags: ai. The growing use of artificial intelligence in companies is exacerbating existing data risks. This applies in particular to overly broad permissions in SharePoint. Two thirds (68%) of IT managers rate anonymous sharing links as a security risk. 76 percent fear that AI could cause confidential files to inadvertently fall into the wrong hands. Against this backdrop, Coreview, specialist…
-
Ransomware on the way: Hackers attack with nasty Interpol scam
Attackers pose as Interpol personnel in phishing emails and lure victims with alleged evidence. What they get instead is ransomware. First seen on golem.de. Jump to article: www.golem.de/news/ransomware-im-anmarsch-hacker-greifen-mit-fieser-interpol-masche-an-2607-210436.html
-
CISA Adds Actively Exploited Microsoft SharePoint Vulnerability to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added a newly discovered vulnerability in Microsoft SharePoint Server, tracked as CVE-2026-45659, to its Known Exploited Vulnerabilities (KEV) Catalog. This addition highlights the active exploitation risks present in enterprise environments. The vulnerability falls under the CWE-502 (Deserialization of Untrusted Data) category, allowing an authenticated attacker to…
-
EvilTokens-Linked ARToken Panel Exposes 80+ APIs for Microsoft 365 Token Theft
A fully featured phishing-as-a-service (PhaaS) panel named “ARToken” that closely mirrors the EvilTokens infrastructure first profiled in early 2026, but with a broader and deeper post-compromise toolkit. ARToken’s React single-page application exposes more than 80 API endpoints enabling device-code phishing, Primary Refresh Token (PRT) persistence, mailbox takeover, business email compromise (BEC) workflows, and SharePoint exfiltration…
-
950 Oracle E-Business Suite Instances Exposed as CVE-2026-46817 Attacks Observed in the Wild
Around 950 internet-facing Oracle E-Business Suite (EBS) instances have been identified as exposed following enhanced scanning efforts. At the same time, active exploitation attempts tied to CVE-2026-46817 have already been observed in the wild. The findings were disclosed by The Shadowserver Foundation, which recently expanded its fingerprinting capabilities through domain-based scanning in collaboration with Validin.…
-
Cisco finally confirms attackers exploiting Unified CM flaw
Cisco confirmed that attackers are now exploiting a Unified Communications Manager (Unified CM) vulnerability patched in early June. First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/cisco-finally-confirms-attackers-exploiting-unified-cm-flaw/
-
430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link
FortiBleed exposed 430,000 FortiGate firewalls, linked to INC Ransom and Lynx, enabling domain compromise and at least 12 ransomware attacks. SOCRadar’s Threat Research Unit has connected FortiBleed, a large-scale campaign that harvested credentials from over 430,000 FortiGate firewalls worldwide, directly to two active ransomware operations: INC Ransom and Lynx. The link isn’t circumstantial. An operator…

