Tag: attack
-
New Veeam vulnerability exposes backup servers to RCE attacks
Veeam has released security updates to patch a critical Backup & Replication security flaw that can be exploited to gain remote code execution (RCE) on domain-joined backup servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-veeam-vulnerability-exposes-backup-servers-to-rce-attacks/
-
Cisco customers encounter another SD-WAN zero-day under attack
The defect marks the seventh actively exploited zero-day in Cisco SD-WANs this year, and the vendor has yet to release a patch. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisco-sdwan-zero-day-vulnerability-exploited-cve202620245/
-
Identity Scams Evolve Into Multi-Stage Attacks
Victims Increasingly Face Multiple Compromises From a Single Incident. Identity theft scams are increasingly unfolding as coordinated, AI-assisted attack chains that begin with phishing or impersonation and escalate into account takeovers, device compromise and broader fraud, according to the Identity Theft Resource Center. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/identity-scams-evolve-into-multi-stage-attacks-a-31918
-
WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine
Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released. The activity has been attributed by Trend Micro to Earth Dahu (aka Gamaredon) and SHADOW-EARTH-066 (aka UAC-0226). It involves the exploitation of CVE-2025-8088, a path traversal flaw that…
-
Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models
University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way through a network, generate tailored attack strategies for each target it encounters, and replicate itself, all without human intervention and without touching a commercial AI service. The preprint, posted to…
-
Is Offensive Security Keeping Up with the Latest Cyber Attacks?
Security is not a point-in-time exercise. It’s a cycle of testing, fixing, and starting over. Organisations that treat it as anything less quickly fall behind. In the last decade, we’ve seen how offensive security practices such as penetration testing, combined with follow-up patching and mitigation strategies, have significantly strengthened defences. For instance, Active Directory hardening,…
-
New BitB Phishing Attack Targets Microsoft 365 Logins
A new Browser-in-the-Browser (BitB) phishing campaign is abusing fake OAuth login windows to steal Microsoft 365 credentials, and its design is polished enough to bypass casual visual checks. The attack uses a draggable popup that mimics a real browser dialog. However, it is embedded in the page itself and paired with a spoofed Microsoft OAuth…
-
LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)
Tags: ai, attack, cisa, cybersecurity, exploit, infrastructure, injection, open-source, vulnerability
A command injection vulnerability (CVE-2026-42271) in BerryAI’s LiteLLM open-source AI gateway is being exploited by attackers, the US Cybersecurity and Infrastructure … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/09/litellm-vulnerability-under-active-attack-cisa-warns-cve-2026-42271/
-
Filigran uses AI agents to make CTEM practical for overstretched security teams
Filigran has unveiled XTM One, an AI-native orchestration layer designed to automate Continuous Threat Exposure Management (CTEM) workflows, as organisations struggle to keep pace with growing volumes of threat intelligence, vulnerabilities and attack data. The launch reflects a broader challenge facing security teams. While many organisations have invested heavily in threat intelligence, attack surface management…
-
French govt messaging service breached in account hijacking attack
DINUM, the digital affairs directorate of the French government, warned that hackers used a hijacked user account to breach Tchap, the French government’s encrypted messaging platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/french-govt-messaging-service-breached-in-account-hijacking-attack/
-
Ghost-Sender Flaw Exposes Exchange Online Users to Sender Spoofing Attacks
A newly disclosed “Ghost-Sender” flaw is exposing Microsoft Exchange Online environments to large-scale email spoofing attacks, allowing threat actors to bypass standard email authentication controls and deliver forged messages directly to users’ inboxes. The issue, identified by security researchers Lucas Dodgson, Tobias Oberdörfer, and Robin Hilber, stems from misconfigurations in hybrid or cloud email deployments…
-
New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing
A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called FROST, needs no native code, no extension, and no permission prompt. You open the page, leave the tab sitting there, and it watches the drive for contention in…
-
Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems. “The compromised releases shipped a *-setup.pth file that attempts to execute…
-
Infosecurity Europe: Why JLR’s CISO Enforced In-Person Password Resets Following Cyber-Attack
Speaking at Infosecurity Europe, Ashish Shrestha, former CISO at Jaguar Land Rover, revealed why he wanted over 30,000 employees to change their passwords in the immediate aftermath of the incident. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/jlr-cyberattack-ciso-inperson/
-
CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day
Tags: access, attack, cisa, exploit, government, mobile, ransomware, update, vpn, vulnerability, zero-day
CISA has ordered U.S. government agencies to secure their Check Point Remote Access VPN and Mobile Access deployments against a critical vulnerability exploited in zero-day attacks by Qilin ransomware affiliates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-check-point-flaw-exploited-by-ransomware-gangs/
-
Top 10 Best Zero Trust Network Access (ZTNA) Solutions 2026
In 2026, the traditional network perimeter is obsolete. With the widespread adoption of remote and hybrid work models, multi-cloud environments, and a proliferation of IoT devices, the old “castle-and-moat” security model where everything inside the network is trusted by default is no longer viable. This outdated approach leaves organizations vulnerable to sophisticated attacks, including lateral…
-
Top 10 Best Software Composition Analysis (SCA) Services 2026
In 2026, the foundation of nearly every modern application is built on open-source components. While this accelerates development and fosters innovation, it also introduces a significant attack surface. A single vulnerability in a widely-used open-source library can expose countless applications to risk, as demonstrated by past high-profile incidents. The need for robust Software Composition Analysis…
-
Shai-Hulud Malware Campaign Abuses 23 PyPI Packages in Developer-Focused Attack
A rapidly evolving supply chain campaign dubbed “Shai-Hulud” is targeting developers through malicious Python packages. Researchers have identified 23 newly weaponised PyPI artefacts, expanding the scope of the ongoing Mini Shai-Hulud, Miasma, and Hades malware operations. The latest findings highlight a shift in attacker tradecraft, combining multiple delivery techniques to compromise developer environments, CI/CD pipelines,…
-
Meta: NSO Tried Targeting WhatsApp Users Despite Court Order
Meta says WhatsApp disrupted new NSO-linked phishing attacks and is asking a court to hold the spyware firm in contempt. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-whatsapp-nso-targeted-users-after-court-ban/
-
New Shai-Hulud attack trojanizes 19 science-focused PyPI packages
Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud supply-chain attack that delivered malware designed to steal developer secrets. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-shai-hulud-attack-trojanizes-19-science-focused-pypi-packages/
-
Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks
The financially motivated group is combining vishing, IT impersonation, and in-person office intrusions to steal data and extort victims. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/silent-ransom-us-law-firms-extortion-attacks
-
‘Hades’ Campaign Against PyPI Puts New Spin on Shai-Hulud
The latest attacks, which hit 37 PyPI wheels and 19 code packages, show a continued evolution of the persistent software supply chain threat. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/hades-campaign-pypi-shai-hulud
-
Meta Blocks NSO Group’s New WhatsApp Phishing Attack, Files Contempt Order
Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli spyware vendor NSO Group. In addition, the tech giant said it’s filing a federal court contempt order against the company for violating a permanent injunction that barred it from targeting WhatsApp and its users. “They tried to trick people into clicking on malicious links…
-
WhatsApp says NSO targeted users with spearphishing attacks in violation of court order
Tags: attack
WhatsApp said it is filing a federal court contempt order against NSO for violating a permanent injunction that bars it from mounting attacks against its users. First seen on therecord.media Jump to article: therecord.media/whatsapp-says-nso-targeted-users-with-attacks-against-court-order
-
Companies aren’t prepared for how AI is accelerating impersonation attacks
Businesses generally aren’t taking a proactive enough approach to blocking schemes that spoof their leaders’ identities, according to a new report. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-executive-impersonation-outtake-survey/822235/
-
WhatsApp says it caught new spyware attacks linked to NSO Group in violation of court order
The messaging giant announced that it disrupted a phishing campaign targeting its users with NSO’s spyware. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/08/whatsapp-says-it-caught-new-spyware-attacks-linked-to-nso-group-in-violation-of-court-order/
-
Scale of Synnovis breach widens as Essex NHS Trust comes forward
Mid and South Essex NHS Foundation Trust has become the latest NHS body to confirm data on its patients were stolen in a 2024 ransomware attack on lab services partner Synnovis. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366644037/Scale-of-Synnovis-breach-widens-as-Essex-NHS-Trust-comes-forward

