Tag: exploit
-
Xiaomi Phishing Attempt Red Flags You Can’t Afford to Ignore
The blog describes a phishing campaign targeting Xiaomi users, where attackers send realistic emails posing as official communications to trick recipients into clicking malicious links and entering credentials on a fake login page. It highlights how these attacks use convincing branding, urgency, and polished design, often enhanced by AI, to exploit user trust rather than…
-
Xiaomi Phishing Attempt Red Flags You Can’t Afford to Ignore
The blog describes a phishing campaign targeting Xiaomi users, where attackers send realistic emails posing as official communications to trick recipients into clicking malicious links and entering credentials on a fake login page. It highlights how these attacks use convincing branding, urgency, and polished design, often enhanced by AI, to exploit user trust rather than…
-
Xiaomi Phishing Attempt Red Flags You Can’t Afford to Ignore
The blog describes a phishing campaign targeting Xiaomi users, where attackers send realistic emails posing as official communications to trick recipients into clicking malicious links and entering credentials on a fake login page. It highlights how these attacks use convincing branding, urgency, and polished design, often enhanced by AI, to exploit user trust rather than…
-
Coruna iOS exploit framework linked to Triangulation attacks
The Coruna exploit kit is an evolution of the framework used in the Operation Triangulation espionage campaign, which in 2023 targeted iPhones via zero-click iMessage exploits. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/coruna-ios-exploit-framework-linked-to-triangulation-attacks/
-
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
Cybersecurity researchers have disclosed a vulnerability in Anthropic’s Claude Google Chrome Extension that could have been exploited to trigger malicious prompts simply by visiting a web page.The flaw “allowed any website to silently inject prompts into that assistant as if the user wrote them,” Koi Security researcher Oren Yomtov said in a report shared with…
-
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
Cybersecurity researchers have disclosed a vulnerability in Anthropic’s Claude Google Chrome Extension that could have been exploited to trigger malicious prompts simply by visiting a web page.The flaw “allowed any website to silently inject prompts into that assistant as if the user wrote them,” Koi Security researcher Oren Yomtov said in a report shared with…
-
AI Becomes the Top Cybersecurity Priority for Defenders as Criminals Exploit It, PwC Warns
PwC Annual Threat Dynamics report says AI-threats are the biggest concern of clients First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-top-cyber-priority-defenders-pwc/
-
UK sanctions Chinese crypto marketplace tied to scam compounds
The British government sanctioned Xinbi, a Chinese-language cryptocurrency marketplace accused of enabling large-scale online fraud and human exploitation, in a move targeting the financial infrastructure behind global scam networks. First seen on therecord.media Jump to article: therecord.media/xinbi-crypto-marketplace-sanctioned
-
CISA Issues Urgent Warning on Langflow Code Injection Vulnerability Actively Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, injection, kev, network, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical code-injection vulnerability in Langflow. Tracked as CVE-2026-33017, this severe security flaw has been officially added to CISA’s Known Exploited Vulnerabilities (KEV) catalog following verified evidence of active exploitation in the wild. Network defenders and organisations utilising Langflow in their development…
-
Critical Ivanti EPMM Vulnerabilities Expose Systems to Arbitrary Code Execution Attacks
Tags: attack, cyber, data, endpoint, exploit, group, incident response, ivanti, mobile, remote-code-execution, threat, vulnerability, zero-dayIn February 2026, threat actors actively exploited two critical remote code execution (RCE) vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). A recent incident response investigation by WithSecure’s STINGR Group revealed that attackers used highly automated methods to exfiltrate sensitive data from compromised servers within seconds. These zero-day vulnerabilities allow unauthenticated attackers to execute arbitrary code…
-
Silver Fox Tax Audit Phishing Campaign Shifts from RATs to Python Stealers
Tags: apt, backdoor, china, cyber, cybercrime, exploit, group, intelligence, monitoring, phishing, rat, threat, vulnerabilityThreat intelligence teams have tracked Silver Fox (also known as Void Arachne), a China-based intrusion set that sits at the intersection of financially motivated cybercrime and APT-style espionage. Originally associated with large-scale, profit-driven campaigns, the group has steadily adopted more advanced tradecraft, including modular backdoors, rootkits, and the exploitation of vulnerable drivers. TDR’s monitoring between…
-
Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks
The kernel exploit for two security vulnerabilities used in the recently uncovered Apple iOS exploit kit known as Coruna is an updated version of the same exploit that was used in the Operation Triangulation campaign back in 2023, according to new findings from Kaspersky.”When Coruna was first reported, the public evidence wasn’t sufficient to link…
-
WatchGuard Internet Security Report 2HJ. 2025 – Deutschland Platz drei bei Office-Exploits weltweit
First seen on security-insider.de Jump to article: www.security-insider.de/watchguard-report-2025-deutschland-office-exploits-web-shells-a-cf10d914b701cfad4dfbf9975b19b0d9/
-
Fake VS Code Security Alerts on GitHub Spread Malware in Massive Phishing Attack
A large-scale phishing campaign is actively targeting developers on GitHub by abusing the platform’s Discussions feature to distribute fake Visual Studio Code (VS Code) security alerts. The campaign appears highly coordinated, with thousands of near-identical posts discovered across multiple repositories, indicating automated mass exploitation rather than isolated abuse. Attackers are creating GitHub Discussions with alarming…
-
Node.js Releases Urgent Patches for Multiple Vulnerabilities Exposing Systems to DoS and Crashes
The Node.js project issued a critical security update for its Long-Term Support (LTS) branch, marking version 20.20.2 ‘Iron’ as a security release. This urgent patch addresses seven distinct vulnerabilities impacting TLS error handling, HTTP/2 flow control, cryptographic timing, and permission models. Several of these issues can be exploited remotely without authentication, posing an immediate risk…
-
New critical Citrix NetScaler hole of similar severity to CitrixBleed2, says expert
CSO in an email, because the hole allows an unauthenticated remote attacker to leak potentially sensitive information from the appliance’s memory.”This vulnerability is one that threat actors and researchers alike are paying attention to,” he said.The vulnerability carries similar ramifications to 2023’s CitrixBleed and 2025’s CitrixBleed2 memory leak vulnerabilities, Emmons added. Then, unauthenticated attackers with…
-
AI Exploits, Data Breaches, and Zero-Days Define This Week’s Cybersecurity Landscape
Weekly summary of Cybersecurity Insider newsletters First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/ai-exploits-data-breaches-and-zero-days-define-this-weeks-cybersecurity-landscape/
-
AI Has Created a New Attack Surface and Encryption Is Not Enough
Tags: access, ai, attack, ciso, cryptography, cybersecurity, data, data-breach, defense, encryption, endpoint, exploit, framework, injection, intelligence, leak, LLM, microsoft, mitigation, network, risk, service, side-channel, sql, training, vulnerability<div cla Executive Insight For decades, enterprises relied on strong encryption to protect sensitive data in transit, and encryption used to be the end of the conversation. If an organization could say “we use TLS 1.3 and modern cipher suites,” that was enough to reassure boards, regulators, and customers that data in transit was…
-
AI Has Created a New Attack Surface and Encryption Is Not Enough
Tags: access, ai, attack, ciso, cryptography, cybersecurity, data, data-breach, defense, encryption, endpoint, exploit, framework, injection, intelligence, leak, LLM, microsoft, mitigation, network, risk, service, side-channel, sql, training, vulnerability<div cla Executive Insight For decades, enterprises relied on strong encryption to protect sensitive data in transit, and encryption used to be the end of the conversation. If an organization could say “we use TLS 1.3 and modern cipher suites,” that was enough to reassure boards, regulators, and customers that data in transit was…
-
Citrix urges admins to patch NetScaler flaws as soon as possible
Citrix has patched two NetScaler ADC and NetScaler Gateway vulnerabilities, one of which is very similar to the CitrixBleed and CitrixBleed2 flaws exploited in zero-day attacks in recent years. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/citrix-urges-admins-to-patch-netscaler-flaws-as-soon-as-possible/
-
Hackers Exploit Compromised Enterprise Identities at Industrial Scale, Warns SentinelOne
Cybersecurity company’s annual report issues warning over a “mass-marketed impersonation crisis” over attackers abusing legitimate credentials First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-exploit-id-industrial-scale/
-
North Korean Hackers Are Turning VS Code Into a Silent Attack Tool
Developer environments are designed for speed, automation, and flexibility. Features like auto-run tasks and integrated scripting help streamline workflows, but they can also introduce new security risks when abused. New reporting from The Hacker News reveals that North Korean threat actors are exploiting auto-execution features in Visual Studio Code to execute malicious code on developer…
-
PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials
Tags: access, advisory, api, attack, cloud, container, credentials, data, exploit, extortion, github, group, infrastructure, malicious, malware, open-source, pypi, supply-chain, tactics, tool, vulnerabilityAn expanding supply-chain campaign: The LiteLLM incident has been confirmed to be a part of the rapidly unfolding TeamPCP supply chain campaign that first compromised Trivy.Trivy, developed by Aqua Security, is a widely used open-source vulnerability scanner designed to identify security issues in container images, file systems, and infrastructure-as-code (IaC) configurations. The ongoing attack, attributed…
-
KI-Agenten zur sicheren Validierung von Sicherheitslücken und autonomer Behebung
Qualys hat ‘Agent Val” als Teil von ‘Enterprise TruRisk Management” (ETM) eingeführt. Agent-Val ermöglicht dem Risk-Operations-Center (ROC) eine sichere, agentengesteuerte Exploit-Validierung und autonome Risikobehebung. Agent-Val steht für einen grundlegenden Wandel im Schwachstellen- und Risikomanagement: weg von einer auf Annahmen basierenden Priorisierung, hin zu einer evidenzbasierten Umsetzung. Dies beschleunigt die Reaktion, reduziert unnötigen Aufwand und führt…
-
The Kill Chain Is Obsolete When Your AI Agent Is the Threat
In September 2025, Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to execute an autonomous cyber espionage campaign against 30 global targets. The AI handled 80-90% of tactical operations on its own, performing reconnaissance, writing exploit code, and attempting lateral movement at machine speed.This incident is worrying, but there’s a scenario…
-
Hackers Exploiting Magento Flaw to Execute Remote Code and Seize Full Account Access
A critical vulnerability dubbed >>PolyShell<< is actively being exploited across Magento and Adobe Commerce platforms. Discovered by the Sansec Forensics Team and published on March 17, 2026, this flaw allows unauthenticated attackers to upload executable files via the platform's REST API. Because no official patch currently exists for production versions, thousands of online stores are…
-
DarkSword’s GitHub leak threatens to turn elite iPhone hacking into a tool for the masses
Cybersecurity researchers say the GitHub leak threatens to “democratize” iPhone exploits that were once reserved for nation-states, potentially putting hundreds of millions of iOS 18 devices at risk. First seen on cyberscoop.com Jump to article: cyberscoop.com/darksword-iphone-spyware-leak-ios-18-exploit-threat/
-
BSidesSLC 2025 Restless Guests Azure Exploit Exposed
Author, Creator & Presenter: Simon Maxwell-Stewart – Security Researcher And Data Scientist At BeyondTrust Our thanks to BSidesSLC for publishing their Creators, Authors and Presenter’s outstanding BSidesSLC 2025 content on the Organizations’ YouTube Channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/bsidesslc-2025-restless-guests-azure-exploit-exposed/
-
New ‘DarkSword’ Leak Puts Millions of iPhones at Risk After Initial Attack
A newer DarkSword exploit leak makes hacking outdated iPhones easier, exposing hundreds of millions of devices to risk. The post New ‘DarkSword’ Leak Puts Millions of iPhones at Risk After Initial Attack appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-darksword-leak-iphone-exploit-risk-after-initial-attack/
-
BSidesSLC 2025 Buffer Overflows Demystified — Chaitanya Rahalkar On Exploits Patching
Author, Creator & Presenter: Chaitanva Rahalkar, Software Security Engineer at Block Inc. Our thanks to BSidesSLC for publishing their Creators, Authors and Presenter’s outstanding BSidesSLC 2025 content on the Organizations’ YouTube Channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/bsidesslc-2025-buffer-overflows-demystified-chaitanya-rahalkar-on-exploits-patching/