Tag: attack
-
OT attacks shift from recon to physical control, raising stakes
Malicious hackers are no longer just snooping around OT systems, researchers warn. They’re preparing to cause real-world damage. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366643451/OT-attacks-shift-from-recon-to-physical-control-raising-stakes
-
Why the browser is now the front line for AI security
AI-powered attacks and shadow AI adoption are creating new security risks inside the browser. Push Security explains why browser visibility is becoming critical for both threat detection and AI governance. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/why-the-browser-is-now-the-front-line-for-ai-security/
-
Halo Security Honored with 2026 MSP Today Product of the Year Award
Miami Beach, FL, USA, June 2nd, 2026, CyberNewswire. Attack Surface Management Platform Recognized for Exceptional Innovation and Successful Deployment Through The Channel. Halo Security today announced that its attack surface management solution has been named a 2026 MSP Today Product of the Year Award winner by TMC, a leading global media company recognized for building…
-
CISA flags two-year-old Oracle flaw as actively exploited in attacks
CISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now actively exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-oracle-weblogic-flaw/
-
Scottish residents granted permission for group action against Capita
People of Scotland given the go-ahead on group proceedings regarding the 2023 Capita cyber breach, in which the personal information of millions of people was stolen from Capita systems after a major cyber attack. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643816/Scottish-residents-granted-permission-for-group-action-against-Capita
-
How Leading Organizations Are Turning EDR Into Operational Resilience
Most organizations now recognize that endpoint protection alone is no longer sufficient. That’s why adoption of endpoint detection and response (EDR) has accelerated rapidly in recent years. Organizations understand that modern attacks move faster, evade traditional prevention controls, and require continuous visibility into suspicious activity across the environment. But owning EDR First seen on thehackernews.com Jump to…
-
Infosecurity Europe: UK Firms Prioritize AI Threat Preparedness as Cyber Risks Evolve
UK organizations are prioritizing AI-driven cybersecurity as 43% cite AI-powered attacks as their top risk, prompting significant investment in advanced threat defense. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-firms-prioritize-ai-threat/
-
Android Zero-Day Vulnerability Actively Exploited in Device Takeover Attacks
Google has disclosed a critical Android zero-day vulnerability that is reportedly being actively exploited in targeted attacks, raising serious concerns about the risk of large-scale device compromise. The issue, tracked as CVE-2025-48595, was highlighted in the Android Security Bulletin for June 2026, released on June 1. Android Zero-Day Vulnerability According to Google, the vulnerability resides…
-
34 Malicious Packages Steal Cloud Keys, Wallets, and SSH Credentials
Tags: ai, attack, cloud, credentials, crypto, cyber, data, hacker, malicious, open-source, pypi, supply-chain
Hackers are actively abusing open-source ecosystems to steal sensitive developer data through a large-scale supply chain attack dubbed “TrapDoor.” The campaign spans npm, PyPI, and Crates.io, leveraging 34 malicious packages and 384 versions to target developers working in cryptocurrency, DeFi, AI, and cloud environments. The attackers weaponized legitimate package installation and build mechanisms to silently…
-
Hackers Use Spearphishing to Deploy AZUREVEIL Adaptix C2 Agent
Hackers are actively deploying a sophisticated malware framework dubbed AZUREVEIL, an Adaptix-based command-and-control (C2) agent, through a targeted spearphishing campaign aimed at government and enterprise sectors in the Czech Republic and Taiwan. The attack begins with a malicious ZIP archive delivered via spearphishing emails. The archive contains files disguised as official documents, including a shortcut file…
-
PHANTOMPULSE RAT Uses UAC Bypass to Hijack Windows Systems
New technical details have emerged about PHANTOMPULSE, a sophisticated remote access trojan (RAT) used in multi-stage intrusions targeting Windows environments. The malware represents the final payload in an attack chain previously linked to Obsidian plugin abuse and in-memory loaders, but this latest analysis focuses on its advanced post-exploitation capabilities. PHANTOMPULSE stands out for combining multiple stealth techniques,…
-
TP-Link Router Security Bug Enables Remote Command Execution Attacks
TP-Link has disclosed a high-severity security flaw in its Archer BE450 and Archer BE7200 Wi-Fi routers that could allow remote command execution once an attacker gains admin access. The vulnerability, tracked as CVE-2026-5509, is rated 8.5 (High) under CVSS v4.0, highlighting the serious risk it poses to both home and small-office networks that rely on…
-
This AI model backdoor attack stays hidden until you customize the model
Most teams that deploy AI start with a backbone model. They download a large pre-trained system, adapt it to a specific task, and put it into production. The download step … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/02/ai-model-backdoor-attack-research/
-
Red Hat Cloud Services npm Packages Hijacked in Credential-Theft Malware Campaign
A large-scale software supply chain attack has compromised multiple official npm packages under the @redhat-cloud-services scope, exposing thousands of developers and CI/CD environments to credential theft. Security researchers at Aikido confirmed that 96 malicious versions across 32 packages were published on June 1, 2026, with combined weekly downloads exceeding 116,000. Red Hat Cloud Services npm…
-
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
Password manager Dashlane has disclosed that “fewer than” 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party. On May 31, 2026, the company said an “external” threat actor launched a brute-force attack against certain Dashlane user accounts with the aim of breaking two-factor authentication…
-
Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks
A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques on compromised sites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-hijack-thousands-of-sites-for-clickfix-and-fakeupdate-attacks/
-
Red Hat npm packages compromised to steal developer credentials
More than 30 npm packages under Red Hat’s ‘@redhat-cloud-services’ namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, dubbed “Miasma.” First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/red-hat-npm-packages-compromised-to-steal-developer-credentials/
-
Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm
A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal credentials and secrets from developer machines and deliver a self-propagating worm. “This is effectively a Mini Shai-Hulud campaign: it uses the same core tactics of install-time execution, credential harvesting, CI/CD targeting, encrypted exfiltration, and potential First seen on thehackernews.com Jump…
-
Dashlane password manager users locked out by brute force attacks
Multiple Dashlane users have been locked out of their accounts following brute-force attacks that attempted logins from distant locations and unknown devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dashlane-password-manager-users-locked-out-by-brute-force-attacks/
-
Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit
Exploiting the PAN-OS GlobalProtect VPN vulnerability requires certain conditions, but adversaries have done so in two attack waves that started in mid-May. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/patch-palo-alto-auth-bypass-bug-exploit
-
⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More
Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some “patched-ish” thing already getting chewed on in the wild, and then the usual bonus round: poisoned dev tools, sketchy forum chatter, phishing kits pretending to be productivity, and AI lowering the bar for people who already thought…
-
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
Tags: attack, china, cyber, email, espionage, finance, government, group, phishing, service, spear-phishing, technology
A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite Labs, targets of the campaign include government, research, academic, technology, and financial services sectors. The activity entails distributing spear-phishing emails containing ZIP attachments First seen on…
-
Brute-force attack triggers Dashlane account lockouts
Password manager Dashlane has confirmed that a brute-force attack targeting user accounts triggered temporary account suspensions and authentication issues. The company first … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/01/dashlane-brute-force-attack-user-accounts/
-
Critical Windows Netlogon RCE flaw now exploited in attacks
Tags: attack, country, cybersecurity, exploit, flaw, rce, remote-code-execution, threat, vulnerability, windows
The Centre for Cybersecurity Belgium (CCB), the country’s national authority for cybersecurity, warned on Friday that threat actors are now exploiting a recently patched critical Windows Netlogon vulnerability in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/critical-windows-netlogon-remote-code-execution-flaw-now-exploited-in-attacks/
-
Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks
A critical security vulnerability in a widely used Magento extension is exposing thousands of online stores to remote code execution (RCE) attacks. The vulnerability, tracked as CVE-2026-45247 and rated 9.8 on the CVSS scale, allows attackers to execute arbitrary code on affected servers without authentication. The vulnerability stems from improper handling of user-controlled input within…

