Tag: malicious
-
AVideo Platform Vulnerability Allows Hackers to Hijack Streams via Zero-Click Command Injection
A highly critical security flaw has been disclosed in the AVideo platform, leaving media servers exposed to complete system takeover. Tracked as CVE-2026-29058, this zero-click, unauthenticated operating system command injection vulnerability allows hackers to hijack streams and remotely execute malicious shell commands. The flaw carries a maximum critical severity score of 9.8 out of 10.…
-
Apache ActiveMQ Flaw Enables DoS Attacks via Malformed Network Packets
Security researchers have uncovered a significant vulnerability in Apache ActiveMQ, a popular open-source message broker used by enterprises to route data between applications. Tracked as CVE-2025-66168, this security flaw allows malicious actors to trigger unexpected broker behavior and potential denial-of-service (DoS) conditions by sending specifically crafted, malformed network packets. A successful attack against a message…
-
Latest OpenClaw Security Risk: Fake GitHub Repositories Used to Deploy Infostealers
Huntress researchers said actors used a malicious repository on GitHub to lure victims into downloading a bogus OpenClaw installer that delivered infostealer malware and the GhostSocks proxy. The fake installer was given greater legitimacy by being hosted on GitHub and its high ranking in Bing AI searches. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/latest-openclaw-security-risk-fake-github-repositories-used-to-deploy-infostealers/
-
Google says half of all zero-days it tracked in 2025 targeted buggy enterprise tech
Enterprise software was a major focus of zero-day activity during 2025, with security and networking devices, like firewalls, VPNs, and virtualization platforms, among the top targeted by malicious hackers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/05/google-says-half-of-all-zero-days-it-tracked-in-2025-targeted-buggy-enterprise-tech/
-
AI-Driven Insider Risk Now a “Critical Business Threat,” Report Warns
Malicious insiders are using misusing AI for nefarious gain, while employees cutting corners also creates risk, warns Mimecast First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-insider-risk-critical-business/
-
Interview with Tom Howe of Hydrolix: AI Bots, the Friends, Foes, and Frenemies of Online Shopping
Hydrolix expert Tom Howe explains how AI bots impact ecommerce, how to spot good vs malicious bots, and why blocking them can hurt sales. First seen on hackread.com Jump to article: hackread.com/interview-tom-howe-hydrolix-ai-bots-online-shopping/
-
ContextCrush Flaw Exposes AI Development Tools to Attacks
Critical flaw ContextCrush in Context7 MCP Server could allow malicious instructions into AI tools First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/contextcrush-ai-development-tools/
-
ContextCrush Flaw Exposes AI Development Tools to Attacks
Critical flaw ContextCrush in Context7 MCP Server could allow malicious instructions into AI tools First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/contextcrush-ai-development-tools/
-
14 old software bugs that took way too long to squash
Tags: access, api, attack, authentication, automation, bug-bounty, communications, computer, control, credentials, cve, cvss, cyber, data, data-breach, dns, dos, encryption, exploit, flaw, hacker, Hardware, infosec, infrastructure, Internet, kaspersky, linux, malicious, malware, microsoft, mitigation, network, nist, open-source, password, programming, remote-code-execution, risk, service, software, stuxnet, supply-chain, technology, theft, threat, tool, update, usa, vulnerability, windows, zero-dayAge: 30 yearsDate introduced: 1995Date fixed: February 2026Researchers unearthed a legacy flaw in the widely used libpng open-source library that had existed since the technology was first released more than 30 years ago.The heap buffer overflow vulnerability (CVE-2026-25646) meant that applications using the flawed software would crash when presented with a maliciously constructed PNG raster…
-
14 old software bugs that took way too long to squash
Tags: access, api, attack, authentication, automation, bug-bounty, communications, computer, control, credentials, cve, cvss, cyber, data, data-breach, dns, dos, encryption, exploit, flaw, hacker, Hardware, infosec, infrastructure, Internet, kaspersky, linux, malicious, malware, microsoft, mitigation, network, nist, open-source, password, programming, remote-code-execution, risk, service, software, stuxnet, supply-chain, technology, theft, threat, tool, update, usa, vulnerability, windows, zero-dayAge: 30 yearsDate introduced: 1995Date fixed: February 2026Researchers unearthed a legacy flaw in the widely used libpng open-source library that had existed since the technology was first released more than 30 years ago.The heap buffer overflow vulnerability (CVE-2026-25646) meant that applications using the flawed software would crash when presented with a maliciously constructed PNG raster…
-
Microsoft leads takedown of Tycoon2FA phishing service infrastructure
Stringent defenses needed: CSOs must employ stringent defenses against tools that use reverse proxies, Beggs said, including strengthening email filtering by enforcing DMARC, DKIM, and SPF; enforcing secure session handling at the edge by using client-bound session tokens tied to device or TLS certificates; ensuring continuous validation by issuing a new challenge when the device fingerprint…
-
Microsoft leads takedown of Tycoon2FA phishing service infrastructure
Stringent defenses needed: CSOs must employ stringent defenses against tools that use reverse proxies, Beggs said, including strengthening email filtering by enforcing DMARC, DKIM, and SPF; enforcing secure session handling at the edge by using client-bound session tokens tied to device or TLS certificates; ensuring continuous validation by issuing a new challenge when the device fingerprint…
-
Perplexity AI Browser Flaw Could Let Calendar Invites Access Local Files
Researchers say a vulnerability in Perplexity’s Comet AI browser could expose local files and credentials through malicious calendar invites. The post Perplexity AI Browser Flaw Could Let Calendar Invites Access Local Files appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-perplexity-comet-browser-vulnerability-local-files/
-
Perplexity’s Comet Browser Breached Through Calendar Invite Attack
Security researchers at Zenity Labs disclosed a critical flaw in Perplexity’s Comet “agentic” browser that allowed attackers to steal local files using a malicious Google Calendar invite. The issue, dubbed PerplexedBrowser and grouped under Zenity’s “PleaseFix” family, affected Comet on macOS, Windows, and Android and was rated P1 (critical) in Bugcrowd. The attack required no…
-
Shadow AI vs Managed AI: What’s the Difference? FireTail Blog
Tags: access, ai, api, attack, breach, chatgpt, ciso, cloud, computer, control, credentials, credit-card, data, data-breach, framework, google, injection, intelligence, Internet, law, LLM, malicious, mitre, monitoring, network, password, phishing, phone, risk, software, switch, threat, tool, training, vulnerabilityMar 04, 2026 – – Quick Facts: Shadow AI vs. Managed AIShadow AI is a visibility gap: It refers to any AI tool used by employees that the IT department doesn’t know about. Most companies have 10x more AI tools in use than they realize.Managed AI is a “Paved Path”: It uses approved, secure versions…
-
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan (RAT) that’s functional on Windows, macOS, and Linux systems.The names of the packages are listed below -nhattuanbl/lara-helper (37 Downloads)nhattuanbl/simple-queue (29 Downloads)nhattuanbl/lara-swagger (49 Downloads) First seen on thehackernews.com Jump to article: thehackernews.com/2026/03/fake-laravel-packages-on-packagist.html
-
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan (RAT) that’s functional on Windows, macOS, and Linux systems.The names of the packages are listed below -nhattuanbl/lara-helper (37 Downloads)nhattuanbl/simple-queue (29 Downloads)nhattuanbl/lara-swagger (49 Downloads) First seen on thehackernews.com Jump to article: thehackernews.com/2026/03/fake-laravel-packages-on-packagist.html
-
AzCopy Utility Misused for Data Exfiltration in Ongoing Ransomware Attacks
Ransomware operators are increasingly abusing Microsoft’s trusted Azure data transfer utility, AzCopy, to quietly exfiltrate sensitive data before encryption, turning a routine cloud migration tool into a stealthy theft channel. Instead of relying on obviously malicious tools like Rclone or MegaSync, threat actors are pivoting to native, administrator-approved cloud utilities to blend into normal IT…
-
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
Cybersecurity researchers have disclosed details of an advanced persistent threat (APT) group dubbed Silver Dragon that has been linked to cyber attacks targeting entities in Europe and Southeast Asia since at least mid-2024.”Silver Dragon gains its initial access by exploiting public-facing internet servers and by delivering phishing emails that contain malicious attachments,” Check Point said…
-
Phishing Campaign Uses Google Cloud to Host Malicious Redirects via GCS Bucket
A sophisticated phishing campaign has recently emerged, leveraging Google Cloud’s trusted infrastructure to host malicious redirects. The campaign’s technical structure leverages Google Cloud Storage legitimate domain, googleapis.com, which is widely trusted by mail gateways and end users alike. This provides the attackers an opportunity to bypass common security layers such as SPF and DKIM validation.…
-
Malicious Laravel Packages Deploy PHP RAT, Grant Remote Access to Attackers
Malicious Packagist packages masquerading as Laravel helper utilities are delivering an obfuscated PHP remote access trojan (RAT) that grants full remote control over compromised hosts. Two of these, nhattuanbl/lara-helper and nhattuanbl/simple-queue, embed a byte”‘for”‘byte identical RAT payload in src/helper.php. A third package, nhattuanbl/lara-swagger, appears benign but hard”‘depends on lara-helper, ensuring the malware is installed transitively whenever developers require the swagger utility.…
-
The DocuSign Email That Wasn’t A Three-Redirect Credential Harvest
<div cla TL;DR Attackers sent a convincing DocuSign notification with a “Review & Sign” button that chained through Google Maps redirects to an Amazon S3-hosted credential harvesting page. The redirect chain defeated URL scanners, and real law-firm footers added legitimacy. IRONSCALES Adaptive AI flagged the behavioral mismatch between sender infrastructure and brand identity before the first…
-
The DocuSign Email That Wasn’t A Three-Redirect Credential Harvest
<div cla TL;DR Attackers sent a convincing DocuSign notification with a “Review & Sign” button that chained through Google Maps redirects to an Amazon S3-hosted credential harvesting page. The redirect chain defeated URL scanners, and real law-firm footers added legitimacy. IRONSCALES Adaptive AI flagged the behavioral mismatch between sender infrastructure and brand identity before the first…
-
Hackers abuse OAuth error flows to spread malware
Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-hackers-abuse-oauth-error-flows-to-spread-malware/
-
NDSS 2025 Be Careful Of What You Embed: Demystifying OLE Vulnerabilities
Tags: conference, cve, data, detection, exploit, Internet, malicious, microsoft, network, office, remote-code-execution, risk, tool, vulnerability, windowsSession 14C: Vulnerability Detection Authors, Creators & Presenters: Yunpeng Tian (Huazhong University of Science and Technology), Feng Dong (Huazhong University of Science and Technology), Haoyi Liu (Huazhong University of Science and Technology), Meng Xu (University of Waterloo), Zhiniang Peng (Huazhong University of Science and Technology; Sangfor Technologies Inc.), Zesen Ye (Sangfor Technologies Inc.), Shenghui Li…