Tag: attack
-
AI Threats and Alert Fatigue Challenge Cybersecurity Teams
Filigran survey at Infosecurity Europe 2026 reveals AI-powered attacks as the top concern, with false positives, alert fatigue and manual processes draining security teams. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-threats-alert-fatigue-challenge/
-
Hackers Target npm Ecosystem by Compromising 140+ Mastra Packages
A large-scale software supply chain attack has compromised more than 140 npm packages under the widely used Mastra namespace, exposing developers, CI/CD pipelines, and enterprise environments to a stealthy cross-platform infostealer. The campaign, uncovered by the Socket Research Team on June 17, 2026, leveraged a typosquatting dependency, easy-day-js, to silently deliver malicious payloads during package…
-
The Top 10 Attack Surface Exposures in 2026
Breaches don’t always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop, like MongoBleed earlier this year, which let attackers pull credentials and session tokens from server memory without authentication, anything internet-facing is immediately at risk. With time-to-exploit now down to…
-
2026 World Cup billed as ‘largest entertainment attack surface in history’
With the tournament underway across North America, Palo Alto Networks warns that temporary supplier ecosystems, vulnerable municipal infrastructure and geopolitical tensions are creating risks for enterprises and fans. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366644594/2026-World-Cup-billed-as-largest-entertainment-attack-surface-in-history
-
EU Security Experts to Support Ukrainian Organizations in Case of Cyber-Attacks
Ukraine has been added to the EU Cybersecurity Reserve, which provides incident response services against large-scale incidents. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ukraine-included-eu-cyber-reserve/
-
EdTech Faces a Cybersecurity Crisis: Data Breaches Surge
EdTech firms face rising cyberattacks as ShinyHunters and FulcrumSec target schools, exposing sensitive data and disrupting services. Resecurity (USA) warns the education technology (EdTech) sector has become a prime target for cybercriminals, as attacks against educational institutions and related platforms continue to escalate. Recent high-profile incidents, including attacks by groups such as ShinyHunters and FulcrumSec,…
-
Ukraine can now tap EU cyber support during major attacks
Ukraine can now call on emergency cyber support from the European Union during large-scale cybersecurity incidents. The move follows a decision by the Council of the European … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/17/ukraine-eu-cybersecurity-reserve-support/
-
Cybercriminals Are Targeting EdTech: Data Breaches and Ransomware Attacks on the Rise
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/cybercriminals-are-targeting-edtech-data-breaches-and-ransomware-attacks-on-the-rise
-
144 Mastra npm Packages Compromised via Hijacked Contributor Account
As many as 144 npm packages associated with the Mastra namespace (“@mastra/*”), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from JFrog, SafeDep, Socket, and StepSecurity. “A single npm account (ehindero) mass-published more First seen on…
-
JetBrains Plugin Security Alert: 70,000+ Installs Linked to AI Key Theft
A coordinated supply chain attack targeting JetBrains IDE users has exposed over 70,000 developers to silent credential theft. The campaign involves at least 15 malicious plugins distributed via the JetBrains Marketplace, masquerading as AI-powered coding assistants built on models such as DeepSeek. While these plugins function as advertised, offering features like code review, chat, and…
-
NVIDIA NeMo Security Flaw Exposes Systems to Command Injection Attacks
NVIDIA has disclosed multiple high-severity vulnerabilities in its NeMo Framework, including a critical command injection flaw that could allow attackers to execute arbitrary code on affected systems. These issues, outlined in the June 2026 security bulletin, impact NeMo versions up to 2.7.2 across all platforms. Exploitation could lead to privilege escalation, data tampering, and the…
-
Critical LiteLLM Flaw Allows Authentication Bypass via Host Header Injection
Tags: advisory, attack, authentication, cve, cyber, flaw, framework, github, injection, vulnerability
A critical security vulnerability tracked as CVE-2026-49468 has been disclosed in the LiteLLM framework, exposing deployments to authentication bypass attacks via Host header injection. The issue, published in the GitHub Advisory Database and classified under GHSA-4xpc-pv4p-pm3w, affects all LiteLLM versions before 1.84.0 and has been assigned a critical severity rating due to its potential impact…
-
The checklist problem behind critical infrastructure cyber safety
An asset owner can meet major federal cyber compliance standards and still run equipment that lacks the engineering to withstand an attack or a failure. New research from … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/17/usa-critical-infrastructure-cyber-safety/
-
Ent Raises $100M to Reinvent Endpoint Security for AI Era
Startup Analyzes Endpoint Behavior to Stop Incidents Before Security Teams Respond. Endpoint security startup Ent emerged from stealth with a $100 million seed round led by Decibel, betting that intent-aware AI running on endpoints can prevent increasingly automated AI-driven attacks before traditional detection and response tools have time to react. First seen on govinfosecurity.com Jump…
-
HTTP/2 Bomb Attacks Put Telcos, Healthcare Orgs at Risk
The denial-of-service (DoS) exploit takes advantage of two features in HTTP/2 that were designed to save Internet bandwidth, not power massive amplification attacks. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/http-2-bomb-attacks-telcos-healthcare
-
Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack
Three FortiSandbox flaws, including one patched last week, are being actively exploited, highlighting the shrinking window for defenders. Cybersecurity firm Defused Cyber confirmed it’s seen active exploitation of three vulnerabilities in Fortinet FortiSandbox within a 24-hour window. Two of them had patches sitting available since April. The third got fixed last week, which, apparently, wasn’t…
-
GhostTree Attack Abused Recursive Windows Junctions to Hide Malware
GhostTree uses recursive NTFS junctions to generate vast numbers of valid Windows file paths. Varonis explains how the technique could cause Microsoft Defender folder scans to never complete, leaving malware undetected. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ghosttree-attack-abused-recursive-windows-junctions-to-hide-malware/
-
Hackers Exploit Critical Fortinet FortiSandbox Flaws in Active Attacks
Security researchers have reported active exploitation attempts targeting multiple critical vulnerabilities in Fortinet FortiSandbox appliances, raising concerns about potential compromises in enterprise security infrastructure. According to threat intelligence shared by Defused Cyber, attackers have started leveraging newly disclosed flaws, including CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, within the last 24 hours. Critical Fortinet FortiSandbox Flaws FortiSandbox is…
-
CISA warns of another cPanel plugin flaw exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. government agencies three days to secure their servers against an actively exploited vulnerability (CVE-2026-54420) in the LiteSpeed cPanel user-end plugin. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-another-actively-exploited-cpanel-plugin-flaw/
-
Hackers Abuse Compromised WordPress Sites to Deliver GULoader Through EtherHiding Chain
In April 2026, incident responders traced a sophisticated intrusion that abused compromised WordPress sites to deliver GULoader via an EtherHiding → ClickFix → UNC-chain. The real-world ClickFix incident produced convergent evidence from an ANY.RUN sandbox detonation and live EDR telemetry, revealing a complete, user-initiated attack path from a WordPress mu-plugin backdoor to a blocked rundll32.exe…
-
DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company
Command and control traffic exploited a Teams visitor token to make malicious activity look legitimate to defenders. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/dragonforce-ransomware-hidden/
-
Critical Fortinet FortiSandbox flaws now exploited in attacks
Attackers are now exploiting several critical vulnerabilities in Fortinet’s FortiSandbox cyber threat detection platform, according to threat intelligence company Defused. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-fortinet-fortisandbox-flaws-now-exploited-in-attacks/

