Tag: attack
-
A Security Gets $37M to Thwart Weaponized AI With Automation
Lightspeed Funds Will Support Defenses Against Continuous, Machine-Led Exploitation. A Security, founded by former Sygnia executive Yossi Torati, emerged from stealth with $37 million to build defenses against weaponized AI that can automate discovery, exploit attack paths and manipulate agentic systems faster than human security teams can respond. First seen on govinfosecurity.com Jump to article:…
-
Vietnamese Digital Spies Look for Domestic Targets
Eset Says Threat Actor Redirected Efforts From Foreign Operations. Eset linked OceanLotus, also known as APT32, to a supply-chain attack on Vietnam’s FireAnt financial platform and a prolonged intrusion into a transport infrastructure company, suggesting the state-aligned threat actor is increasingly focused on gathering intelligence from domestic targets. First seen on govinfosecurity.com Jump to article:…
-
Researchers build autonomous AI worm that can reason and adapt
University of Toronto researchers created a proof-of-concept AI worm that dynamically identifies vulnerabilities and adapts its attack strategies. Here’s what it means for enterprises. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366643829/Researchers-build-autonomous-AI-worm-that-can-reason-adapt
-
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter data theft attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-mitigates-peoplesoft-zero-day-exploited-in-data-theft-attacks/
-
Phishing Attack Volume Down 20%, but Risk Still Rising
Hackers are valuing quality over quantity, using AI to upgrade their phishing attacks rather than multiplying them. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-analytics/phishing-volume-down-20-risk-rising
-
New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets
Two security teams have shown, in separate research published this week, that OpenClaw, the popular self-hosted AI agent, can be driven to run attacker-controlled code or hand over sensitive data through ordinary-looking inputs.Imperva buried instructions inside shared contacts, vCards, and location pins that the agent executed without the victim ever seeing them. Varonis built a…
-
The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leveraging resources from various ransomware-as-a-service (RaaS) schemes like LockBit (aka Tenacious Mantis), Qilin (aka Pestilent Mantis), and Medusa (aka Venomous Mantis).According to a detailed report First seen on…
-
ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories
It’s been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there’s a supply chain attack kit in a public repo, a $5,000-a-month RAT that clones browsers, and research showing AI agents can be tricked into leaking real credentials.The bigger problem is how polished this…
-
ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories
It’s been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there’s a supply chain attack kit in a public repo, a $5,000-a-month RAT that clones browsers, and research showing AI agents can be tricked into leaking real credentials.The bigger problem is how polished this…
-
Criminal IP at Infosecurity Europe 2026: Introducing AITEM, the Next Chapter of Attack Surface Management
Tags: attackTorrance, United States / California, 11th June 2026, CyberNewswire First seen on hackread.com Jump to article: hackread.com/criminal-ip-at-infosecurity-europe-2026-introducing-aitem-the-next-chapter-of-attack-surface-management/
-
Why AI-driven threats are exposing the limits of MSP security stacks
AI-driven attacks are exposing the limits of fragmented MSP security stacks and slow response workflows. Kaseya breaks down why integrated security, automation, and recovery are becoming essential. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/why-ai-driven-threats-are-exposing-the-limits-of-msp-security-stacks/
-
Hackers Use Fake Claude Code Guide and AI PDFs to Spread AsyncRAT Malware
Hackers are using fake Claude Code guide and AI PDFs to spread AsyncRAT malware via Windows attack using PowerShell and Defender exclusions. First seen on hackread.com Jump to article: hackread.com/hackers-fake-claude-code-guide-ai-pdfs-asyncrat/
-
Oracle PeopleSoft servers under attack, Oracle pushes outband security alert
A zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft PeopleTools is being exploited in the wild, Charles Carmakal, CTO at cybersecurity firm Mandiant, part of Google … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/11/oracle-peoplesoft-under-attack-cve-2026-35273/
-
OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a backdoor known as SPECTRALVIPER.The campaigns involve a prolonged cyber espionage operation aimed at a Vietnamese infrastructure and transport construction corporation between mid-2024 and February 2026, as well as a supply chain attack…
-
Extortion-Only Attacks Increase, With Data Theft Dominating Ransomware Claims
Extortion-only attacks are increasing as data theft drives most ransomware claims, with many organizations unable to stop stolen data from being exposed First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/extortion-only-attacks-surge/
-
New “Agentjacking” Attacks Could Hijack AI Coding Agents
Tenet Security researchers reveal how new “agentjacking” attacks could trick coding agents into executing arbitrary code First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/agentjacking-attacks-hijack-ai/
-
GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
GitHub has announced what it said are “breaking changes” coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats.The changes aim to combat attack techniques that abuse the “npm install” command to trigger the execution of malicious code using npm lifecycle hooks. “Npm install” is…
-
Max severity Ivanti Sentry vulnerability now exploited in attacks
Attackers are now targeting a recently patched maximum-severity flaw in Ivanti Sentry, enabling them to execute code with root privileges on Internet-exposed secure mobile gateways. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/max-severity-ivanti-sentry-vulnerability-now-exploited-in-attacks/
-
Hackers Exploit AWS CloudTrail and Google Cloud Logging to Hide Attacks and Steal Logs
Threat actors increasingly abuse Amazon Web Services (AWS) CloudTrail and Google Cloud Logging to evade detection, poison or exfiltrate logs, and in some cases maintain long-term visibility into victim environments. The techniques are simple in concept, powerful in effect, and evade many orgs that assume logs themselves are sacrosanct. At the core of these attacks…
-
Hackers Exploit AWS CloudTrail and Google Cloud Logging to Hide Attacks and Steal Logs
Threat actors increasingly abuse Amazon Web Services (AWS) CloudTrail and Google Cloud Logging to evade detection, poison or exfiltrate logs, and in some cases maintain long-term visibility into victim environments. The techniques are simple in concept, powerful in effect, and evade many orgs that assume logs themselves are sacrosanct. At the core of these attacks…
-
ShinyHunters gang targets Oracle PeopleSoft servers in data theft attacks
First seen on scworld.com Jump to article: www.scworld.com/brief/shinyhunters-gang-targets-oracle-peoplesoft-servers-in-data-theft-attacks
-
NPM v12 to block supply-chain attacks with new security measures
First seen on scworld.com Jump to article: www.scworld.com/brief/npm-v12-to-block-supply-chain-attacks-with-new-security-measures
-
Claude Mythos 5 Can Build Exploits But Can’t Power Campaigns
Evaluations of Claude Mythos 5 Elevates Offensive Cyber, But Isn’t Fully Autonomous. Anthropic says its new Claude Mythos 5 model that debuted Tuesday can consistently discover vulnerabilities, build exploit chains and assist attacks on weak enterprise networks, but remains below the threshold for fully autonomous large-scale cyber operations. First seen on govinfosecurity.com Jump to article:…
-
Claude Mythos 5 Can Build Exploits But Can’t Power Campaigns
Evaluations of Claude Mythos 5 Elevates Offensive Cyber, But Isn’t Fully Autonomous. Anthropic says its new Claude Mythos 5 model that debuted Tuesday can consistently discover vulnerabilities, build exploit chains and assist attacks on weak enterprise networks, but remains below the threshold for fully autonomous large-scale cyber operations. First seen on govinfosecurity.com Jump to article:…
-
Path traversal flaw in AI dev platform Langflow exploited in attacks
Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/path-traversal-flaw-in-ai-dev-platform-langflow-exploited-in-attacks/
-
North Koreans behind nearly half of US tech industry hacks, says CrowdStrike
North Korean hackers posing as remote IT workers and recruiters remain a major threat to U.S., European, and Asian companies, accounting for about half of all attacks over the past 12 months. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/10/north-koreans-behind-nearly-half-of-us-tech-industry-hacks-says-crowdstrike/
-
The ‘Miasma’ worm source code briefly leaked on GitHub
The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain attacks, was briefly open-sourced on GitHub. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-miasma-worm-source-code-briefly-leaked-on-github/
-
GitHub announces npm security changes to tackle supply-chain attacks
GitHub has announced that npm v12, expected next month, will introduce several security-focused changes aimed at blocking supply-chain attacks abusing behaviors triggered by the ‘npm install’ command. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-announces-npm-security-changes-to-tackle-supply-chain-attacks/
-
CISA gives US federal agencies three days to fix a VPN bug under attack by a ransomware gang
Check Point said hackers broke into dozens of organizations by exploiting a VPN bug in several of its products used across the government. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/09/cisa-gives-us-federal-agencies-three-days-to-fix-a-vpn-bug-under-attack-by-a-ransomware-gang/