Tag: exploit
-
FortiBleed Campaign Uses FortigateSniffer to Harvest 110 Million Credentials From Fortinet Firewalls
A large-scale credential harvesting campaign called “FortiBleed” has been uncovered, revealing how threat actors are exploiting Fortinet FortiGate firewalls to capture authentication data on an unprecedented scale. Research from the SOCRadar Threat Research Unit (STRU) indicates that this operation has already compromised over 110 million credentials by targeting misconfigured or weakly secured devices, turning them…
-
AryStinger Botnet Converts Legacy Routers to Global Proxies
Research Links 4,300 End-of-Life D-Link Routers to Attack Staging. The AryStinger botnet is exploiting decade-old vulnerabilities in outdated and unsupported routers, turning aging devices into a proxy network for scanning targets, hiding threat actor activity and laying the groundwork for future cyberattacks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/arystinger-botnet-converts-legacy-routers-to-global-proxies-a-32045
-
New Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available
Researchers disclosed usbliter8, a SecureROM exploit affecting older Apple devices that can bypass boot protections with physical access. The post New Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-usbliter8-securerom-exploit-june-2026/
-
FFmpeg fixes PixelSmash flaw in widely used video decoder
A newly disclosed FFmpeg flaw dubbed ‘PixelSmash’ could be exploited for remote code execution on Jellyfin servers under certain conditions, and can also trigger a denial-of-service condition in applications like Kodi, Emby, Nextcloud, PhotoPrism, and OBS Studio. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ffmpeg-fixes-pixelsmash-flaw-in-widely-used-video-decoder/
-
No Zero-Day Tied to 80,000 Harvested Fortinet Credentials
Researchers and Vendor Both Cite Previously Leaked Credentials, Brute-Force Attacks. The FortiBleed campaign harvesting and selling working credentials for 80,000 Fortinet firewalls and SSL-VPN gateways doesn’t appear to tie to a zero-day exploit, but rather attackers reusing leaked credentials or brute-forcing systems with weak password hygiene, the vendor and experts said. First seen on govinfosecurity.com…
-
A new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak
European offensive cybersecurity company Paradigm Shift released details of a flaw and a technique to exploit it that opens the door for hackers to unlock and break into older iPhones. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/22/a-new-unpatchable-flaw-in-apple-chips-opens-the-door-to-an-iphone-jailbreak/
-
Unpatchable BootROM Flaw Impacts Apple A12, A13 Chips
Apple BootROM exploit exposes unpatchable USB flaw on A12 and A13 devices. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/apple-bootrom-exploit-a12-a13/
-
LACUNA Chain Ghost Frames Technique Bypasses EDR Call-Stack Detection
The LACUNA Chain’s “Ghost Frames” technique introduces a new method for manipulating call stacks that effectively bypasses modern Endpoint Detection and Response (EDR) systems, which rely on kernel-level stack inspection. This marks a significant advancement in post-exploitation tactics. Security researcher Mohamed Alzhrani has described this technique as a continuation of previous research known as “HookChain,”…
-
usbliter8 Brings Unpatchable BootROM Exploit to Apple A12 and A13 Devices
usbliter8 is an unpatchable BootROM exploit affecting A12/A13 devices, enabling code execution and extending checkm8-like risks to newer iPhones. Security researchers at Paradigm Shift published a working exploit on June 18, 2026, called usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple’s A12 and A13 chips. SecureROM is the first code that runs…
-
FortiBleed Campaign Targets FortiGate Devices to Harvest VPN and Admin Credentials
Tags: advisory, attack, authentication, credentials, cyber, data-breach, exploit, fortinet, threat, vpn
Fortinet has issued a security warning about ongoing credential-harvesting attacks targeting FortiGate devices in a campaign known as “FortiBleed.” Threat actors are exploiting weak authentication practices rather than any newly disclosed vulnerabilities. A PSIRT advisory released on June 19, 2026, by Carl Windsor indicates that the attackers are reusing previously exposed credentials from earlier incidents,…
-
libssh2: Vulnerabilities, Some Critical, in Popular SSH Library
Tags: exploit
Two vulnerabilities in libssh2 allow attackers to inject malicious code or disrupt SSH clients. Code patches are available, but there is no new release yet. First seen on golem.de Jump to article: www.golem.de/news/libssh2-teils-kritische-luecken-in-populaerer-ssh-bibliothek-2606-210011.html
-
GlassWorm Uses Blockchain-Based C2 and Invisible Unicode to Steal Developer Secrets
A trio of coordinated campaigns (a JetBrains fake AI assistant campaign, the GlassWorm self-propagating worm, and the compromised Nx Console Visual Studio Code extension) made clear that IDE plugin ecosystems are now a primary attack surface for AI credential theft. Attackers have shifted from opportunistic phishing to targeted supply-chain techniques that exploit the broad privileges…
-
Fortinet Warns of Active FortiBleed Credential Theft Attacks on FortiGate Devices
Tags: advisory, attack, authentication, credentials, cyber, data-breach, exploit, fortinet, theft, threat
Fortinet has issued a security warning about ongoing credential-harvesting attacks targeting FortiGate devices in a campaign known as “FortiBleed.” Threat actors are exploiting weak authentication practices rather than any newly disclosed vulnerabilities. A PSIRT advisory released on June 19, 2026, by Carl Windsor indicates that the attackers are reusing previously exposed credentials from earlier incidents,…
-
Police Clean 15,000 Infected WordPress Websites
As part of Operation Endgame, international authorities have removed the SocGholish malicious code from nearly 15,000 compromised WordPress websites. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/wordpress-15-000-infizierte-websites
-
Inside GentleKiller: The EDR-Killer Powering The Gentlemen
The Gentlemen equips affiliates with a centralized EDR-killer suite, rapidly weaponizing BYOVD exploits to disable security tools before ransomware attacks. ESET published a detailed breakdown of The Gentlemen’s technical infrastructure on June 18, the result of months of incident-level investigation corroborated by the group’s own internal data leak from May 2026. Since emerging in late…
-
Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that’s installed on about 100,000 sites. The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers to extract sensitive data, such as configuration data, API keys, secrets, and OAuth tokens. First seen…
-
CISA Warns of Active Exploitation Following FortiBleed Leak
FortiBleed exposed credentials for 74,000 Fortinet devices, with attackers actively exploiting the leak to target systems worldwide. On June 18, CISA issued an emergency alert after reports surfaced that credentials for approximately 74,000 Fortinet firewalls and VPN gateways had been leaked in what researchers are calling FortiBleed. The agency confirmed that threat actors were actively…
-
AutoJack Exploit Chain Hits Microsoft AutoGen Studio With Zero-Click RCE Attack
A critical exploit chain dubbed AutoJack allows a single malicious web page to hijack Microsoft’s AutoGen Studio browsing agent and silently execute arbitrary code on the host machine, requiring no user interaction beyond submitting a URL. AutoJack targets AutoGen Studio, Microsoft Research’s open-source prototyping UI for multi-agent AI systems. The technique weaponizes the agent’s built-in web-browsing capabilities…
-
Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin
Threat actors are exploiting an unauthenticated information disclosure vulnerability in the WordPress plugin Gravity SMTP, active on 100,000 sites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-info-disclosure-bug-in-gravity-smtp-wordpress-plugin/
-
Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain
Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple’s A12 and A13 chips. That code is burned into the silicon at manufacture. No software update can reach it. Affected devices will carry this flaw for as long as they stay in use. This is…

