Tag: monitoring
-
Webmin Stored XSS Vulnerability Lets Attackers Exploit Root Users
A newly disclosed stored cross-site scripting (XSS) vulnerability in Webmin has raised significant security concerns, as it allows attackers with limited privileges to target and potentially compromise root users. This vulnerability, tracked as CVE-2026-22678, affects Webmin versions before 2.641 and resides in the System and Server Status module, a commonly used component for monitoring system…
-
FlutterShell Malware Uses C2-Delivered JavaScript Payloads to Evade Sandbox Detection
Targeted macOS endpoint monitoring, the CL-CRI-1089 cluster tied to Operation FlutterBridge repurposes the Flutter framework to deliver a novel macOS malware family dubbed FlutterShell. Rather than rehashing prior campaign reporting, this piece treats recovered artifacts as a technical detection case study built from static analysis of ten Mach-O samples collected between December 2025 and March…
-
WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool
Direct messages sent via WhatsApp are being used to distribute malicious Visual Basic Script (VBScript) files that lead to the installation of legitimate Remote Monitoring and Management (RMM) software. Per findings from Kaspersky, the active campaign is targeting users of WhatsApp Desktop and WhatsApp Web across Malaysia, Brazil, India, Mexico, Singapore, the U.K., Spain, Taiwan, Australia,…
-
Massive GitHub Attack Injects Malware into 10,000 Compromised Repositories
A large-scale malware distribution campaign utilizing GitHub repositories has been uncovered. This coordinated effort weaponized over 10,000 repositories to deliver Trojanized payloads. The activity was first identified on June 18, 2026, and highlights significant gaps in automated detection and monitoring of repositories on one of the world’s most widely used developer platforms. Massive GitHub Attack…
-
State Digital Surveillance Puts Foreign Travelers and Businesses at Risk Across 31 Countries
A new state-surveillance assessment finds that foreign travelers and business staff face high or very high digital risk in 31 countries, where governments increasingly use telecom interception, spyware, AI-enabled monitoring, and data aggregation with little meaningful oversight. The concern is not just espionage in the classic sense; it is the routine conversion of travel, communications,…
-
Heart Monitoring Firm Tells SEC Hackers Stole Sensitive Data
iRhythm: Patient Information and ‘Proprietary’ Data Breached, Held for Ransom. Cardiac monitoring firm iRhythm Technologies has told the U.S. Securities and Exchange Commission that hackers recently stole proprietary data and patient health information from certain third-party-hosted business applications, and demanded a ransom. The company did not disclose whether it paid. First seen on govinfosecurity.com Jump…
-
iRhythm Hit by Cyberattack, Patient Data Stolen and Ransom Demanded
iRhythm disclosed a cyberattack via third-party apps where patient and proprietary data was stolen, followed by a ransom demand. iRhythm Technologies is a U.S.-based digital healthcare company specializing in remote cardiac monitoring and arrhythmia detection. Its best-known product is the Zio, a wearable patch that continuously records a patient’s heart rhythm for up to several…
-
How to Govern Agentic AI in the Enterprise
Learn how to govern AI agents with accountability, continuous monitoring, and compliance controls. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/artificial-intelligence/how-to-govern-agentic-ai-in-the-enterprise/
-
SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558)
A critical vulnerability (CVE-2026-48558) in SimpleHelp, a popular remote monitoring and management (RMM) tool, can be exploited remotely by unauthenticated attackers to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/16/simplehelp-rmm-cve-2026-48558/
-
SHADOWBYT3$ Allegedly Claims Nintendo Breach and Theft of Sensitive Data
Threat intelligence sources have flagged a potential cybersecurity incident involving Nintendo after threat actor “SHADOWBYT3$” allegedly claimed responsibility for breaching internal systems and exfiltrating sensitive data. The claim surfaced on June 13, 2026, via underground monitoring channels and was later amplified by threat intelligence platform Hackmanac. At the time of writing, the incident remains unverified,…
-
Threat Actor Malware Platform Exposed Through Unlocked PHP Installer Page
A misconfigured PHP-based malware distribution platform has been exposed after a security researcher inadvertently gained administrative access via an unlocked installation page, highlighting critical operational security failures in the active threat actor’s infrastructure. The incident, documented on June 11, 2026, began with routine threat intelligence monitoring on X (formerly Twitter), where a suspicious software download…
-
Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
Cybersecurity researchers have described what they say is a new class of attack that can trick artificial intelligence (AI) coding agents into running arbitrary code on developer machines. Called Agentjacking by Tenet Security, the attack can be triggered by means of a fake error report crafted using Sentry, an open-source error-tracking and performance-monitoring platform. “The attack First…
-
Tchap Messenger Hack Exposes Data of Over 73,000 French Government Employees
A suspected cyberattack targeting Tchap, the secure messaging platform used by French government agencies, has reportedly exposed sensitive data belonging to more than 73,000 government employees. According to threat intelligence reports shared by the ThreatMon monitoring account, a threat actor claims to have exfiltrated approximately 13.5 GB of internal data, covering nearly three years of…
-
Product showcase: Avast One turns scam screenshots into actionable security advice
Avast One Free combines privacy, security, identity monitoring, and performance tools in a single platform. The app is available for Windows, macOS, Android, and iOS. Checking … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/12/product-showcase-avast-one-platform/
-
Joint Commission Certification Targets Healthcare AI Risks
Program Focuses on AI Governance, Safety, Privacy, Bias and Transparency. Accreditation organization Joint Commission is rolling out a voluntary program for certifying the responsible deployment and use of artificial intelligence technologies by U.S. healthcare provider organizations, including governance, safeguards, monitoring processes and education. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/joint-commission-certification-targets-healthcare-ai-risks-a-31949
-
Microsoft Defender Adds Monitoring for RPC Protocol Abuse in Cyberattacks
Tags: credentials, cyber, cyberattack, endpoint, exploit, microsoft, monitoring, threat, update, windows
Microsoft has introduced enhanced monitoring capabilities in Microsoft Defender for Endpoint to detect and disrupt cyberattacks that abuse the Remote Procedure Call (RPC) protocol, a core Windows communication mechanism that threat actors frequently exploit for lateral movement and credential access. Announced on June 8, 2026, the update provides granular visibility into inbound remote RPC activity,…
-
Startup Geordie AI Lands $30M to Secure Enterprise AI Agents
Series A Funding Supports Visibility Across Cloud, Code and Endpoint Environments. Geordie AI, the 2026 RSAC Innovation Sandbox winner, raised $30 million in Series A funding to expand a platform that provides visibility, governance and behavioral monitoring for AI agents operating across cloud, code and endpoint environments as enterprises accelerate autonomous AI adoption. First seen…
-
UNC3753 Targets US Law Firms with Vishing, RMM Tools, and Physical Break-Ins
Threat cluster UNC3753, widely tracked as Silent Ransom Group or Luna Moth, is actively targeting professional, legal, and financial services in the United States. According to Mandiant’s Google Threat Intelligence Group (GTIG), this financially motivated campaign leverages a highly effective combination of voice phishing, remote monitoring and management abuse, and unprecedented physical office intrusions. Attackers…
-
US agencies warn of hackers targeting fuel tank monitoring systems
First seen on scworld.com Jump to article: www.scworld.com/brief/us-agencies-warn-of-hackers-targeting-fuel-tank-monitoring-systems
-
JupiterOne adds Continuous Controls Monitoring for security and compliance teams
First seen on scworld.com Jump to article: www.scworld.com/brief/jupiterone-adds-continuous-controls-monitoring-for-security-and-compliance-teams
-
New CISA Warning: Hackers Are Targeting Fuel Tank Monitoring Systems
CISA warns attackers are targeting internet-exposed Automatic Tank Gauge systems used in fuel storage. Here’s what operators should fix now. The post New CISA Warning: Hackers Are Targeting Fuel Tank Monitoring Systems appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisa-atg-systems-fuel-storage-cyberattacks/
-
Trend Micro Deep Security Agent Flaw Allows Repeatable Security Bypass
Trend Micro’s Deep Security Agent for Linux contains a design flaw in its behavior-monitoring stack that allows a local, unprivileged attacker to repeatedly force short “blind spots” in which endpoint protections are temporarily bypassed. The issue stems from how the agent unloads and reloads its bmhook and tmhook kernel modules under heavy local event load,…
-
Breach Roundup: Microsoft Tries to Mend Researcher Bridges
Also: Gas Station Monitoring Systems Under Attack, Spanish Teen Doxer Arrested. This week, more happened than fits here: Microsoft tried to make nice with researchers, gas tank gauges under attack in the United States, fake FIFA websites are everywhere. Russia cried cyberespionage, Spanish police arrested a teenaged doxer, an Oracle WebLogic flaw was actively exploited.…
-
Breach Roundup: Microsoft Tried to Mend Researcher Bridges
Also: Gas Station Monitoring Systems Under Attack, Spanish Teen Doxer Arrested. This week, more happened than fits here: Microsoft tried to make nice with researchers, gas tank gauges under attack in the United States, fake FIFA websites are everywhere. Russia cried cyberespionage, Spanish police arrested a teenaged doxer, an Oracle WebLogic flaw was actively exploited.…
-
Kali365 PhaaS Expands to Okta, MAX Messenger Attacks
Tags: attack, cyber, infrastructure, intelligence, microsoft, monitoring, okta, phishing, russia, service, theft, threat
The Kali365 phishing-as-a-service (PhaaS) platform has significantly expanded its operational scope, moving beyond Microsoft 365 token theft to target Okta single sign-on (SSO) environments and Russia’s rapidly growing MAX Messenger platform. New threat intelligence reveals a more mature, multi-brand phishing ecosystem with centralized infrastructure, real-time token monitoring, and geographically targeted campaigns. Previously documented for abusing…

