Collecting Cyber-News from over 60 sources

Tag: tool

Softwareprojekt mit Backdoor: Malware-Attacke über Linkedin mittels KI enttarnt

Jun 17, 2026 1:03 PM

Tags: ai, backdoor, cyberattack, linkedin, malware, tool

Eine angebliche Recruiterin wollte einem Python-Entwickler über Linkedin Malware unterschieben. Ein KI-Tool half ihm dabei, den Angriff zu vereiteln. First seen on golem.de Jump to article: www.golem.de/news/linkedin-wie-ein-entwickler-mittels-ki-eine-schadcodeattacke-entlarven-konnte-2606-209862.html
Wie ein Entwickler mittels KI eine Schadcodeattacke entlarven konnte

Jun 17, 2026 12:02 PM

Tags: ai, linkedin, malware, tool

Eine angebliche Recruiterin wollte einem Python-Entwickler über Linkedin Malware unterschieben. Ein KI-Tool half ihm dabei, das rechtzeitig zu erkennen. First seen on golem.de Jump to article: www.golem.de/news/linkedin-wie-ein-entwickler-mittels-ki-eine-schadcodeattacke-entlarven-konnte-2606-209862.html
The SOC’s visibility gap comes down to staffing

Jun 17, 2026 9:02 AM

Tags: ai, soc, tool

AI has settled into security operations centers faster than any earlier wave of technology. Around four in five practitioners report reaching for AI or machine learning tools … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/17/sans-ai-in-the-soc/
Ent Raises $100M to Reinvent Endpoint Security for AI Era

Jun 17, 2026 12:02 AM

Tags: ai, attack, detection, endpoint, startup, tool

Startup Analyzes Endpoint Behavior to Stop Incidents Before Security Teams Respond. Endpoint security startup Ent emerged from stealth with a $100 million seed round led by Decibel, betting that intent-aware AI running on endpoints can prevent increasingly automated AI-driven attacks before traditional detection and response tools have time to react. First seen on govinfosecurity.com Jump…
Aembit Extends IAM for Agentic AI to Microsoft Copilot Studio

Jun 16, 2026 7:02 PM

Tags: access, ai, cyber, iam, identity, microsoft, tool, usa

Las Vegas, USA / Nevada, June 16th, 2026, CyberNewswire Aembit on Tuesday announced support for Copilot Studio, extending its identity and access management capabilities to Microsoft’s enterprise AI agent platform. The integration, unveiled at Identiverse 2026, gives security teams the tools to manage what Copilot Studio agents can access, under what conditions, and with a…
Aembit Extends IAM for Agentic AI to Microsoft Copilot Studio

Jun 16, 2026 7:02 PM

Tags: access, ai, cyber, iam, identity, microsoft, tool, usa

Las Vegas, USA / Nevada, June 16th, 2026, CyberNewswire Aembit on Tuesday announced support for Copilot Studio, extending its identity and access management capabilities to Microsoft’s enterprise AI agent platform. The integration, unveiled at Identiverse 2026, gives security teams the tools to manage what Copilot Studio agents can access, under what conditions, and with a…
CrowdStrike SecOps Deal With Grant Thornton Shows ‘Power Of The Platform’ For MSSPs: Execs

Jun 16, 2026 4:01 PM

Tags: ai, crowdstrike, detection, mssp, service, tool

As Grant Thornton Advisors standardizes its security operations (SecOps) and managed detection and response (MDR) services on CrowdStrike, the deal showcases the advantages of the AI-powered Falcon platform for MSSPs looking to modernize their tools for improved security outcomes, according to executives from the two companies. First seen on crn.com Jump to article: www.crn.com/news/security/2026/crowdstrike-secops-deal-with-grant-thornton-shows-power-of-the-platform-for-mssps-execs
SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558)

Jun 16, 2026 4:01 PM

Tags: access, endpoint, exploit, flaw, monitoring, tool, vulnerability

A critical vulnerability (CVE-2026-48558) in SimpleHelp, a popular remote monitoring and management (RMM) tool, can be exploited remotely by unauthenticated attackers to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/16/simplehelp-rmm-cve-2026-48558/
Silent Ransom Group Targets US Legal Firms With Voice Phishing and Data Theft Extortion

Jun 16, 2026 4:01 PM

Tags: cyber, data, extortion, finance, group, office, phishing, ransom, service, social-engineering, theft, tool

A concentrated data theft extortion campaign by UNC3753 also reported as Luna Moth, Chatty Spider, and Silent Ransom Group targeting dozens of U.S. professional, legal, and financial services firms. The cluster’s hallmark is fast, human-centric intrusions that combine voice phishing (vishing), social engineering, abuse of legitimate remote support tools, and in some cases physical office…
Silent Ransom Group Targets US Legal Firms With Voice Phishing and Data Theft Extortion

Jun 16, 2026 4:01 PM

Tags: cyber, data, extortion, finance, group, office, phishing, ransom, service, social-engineering, theft, tool

A concentrated data theft extortion campaign by UNC3753 also reported as Luna Moth, Chatty Spider, and Silent Ransom Group targeting dozens of U.S. professional, legal, and financial services firms. The cluster’s hallmark is fast, human-centric intrusions that combine voice phishing (vishing), social engineering, abuse of legitimate remote support tools, and in some cases physical office…
SOC-Survey 2026 des SANS Institutes Mangelnde Transparenz als Hindernis für SOC-Sicherheit

Jun 16, 2026 3:02 PM

Tags: sans, soc, tool

Sicherheitsfachleute beschreiben das Problem der Transparenz ganz einfach: zu viele kontextarme Alarme. Führungskräfte berichten von demselben Problem: 24 Prozent nennen den Mangel an Transparenz als größtes Hindernis für einen effektiven Sicherheitsbetrieb und stufen dies noch vor Personalmangel und Automatisierungslücken ein. In den meisten Unternehmen sind die Tools zwar vorhanden, aber es fehlt die Integration, um…
SANS SOC-Survey 2026 zeigt mangelnde Transparenz im Security Operation Center

Jun 16, 2026 2:02 PM

Tags: ciso, sans, soc, tool

Für CISOs, SOC-Leiter und Security-Teams bedeutet das: Wer Sicherheitsoperationen verbessern will, muss Alarmflut, Tool-Silos, Personallücken und Budgetentscheidungen betrachten. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sans-soc-survey-2026-zeigt-mangelnde-transparenz-im-security-operation-center/a45503/
Schatten-KI wird zum messbaren Risiko

Jun 16, 2026 1:01 PM

Tags: ai, risk, tool

Zwei Drittel der Büromitarbeitenden nutzen nicht autorisierte KI-Tools am Arbeitsplatz. 75 % der Büroangestellten würden für bessere KI-Weiterbildungsmöglichkeiten einen Arbeitsplatzwechsel in Betracht ziehen; in Unternehmen mit über 1 Mrd. US-Dollar Umsatz sind es 80 %. PagerDuty hat eine internationale Umfrage veröffentlicht, die eine wachsende Diskrepanz zwischen der KI-Nutzung durch Mitarbeitende und der unternehmensinternen Governance… First…
Reachability makes AI threat modeling worth the trust

Jun 16, 2026 9:02 AM

Tags: ai, threat, tool

In this interview with Help Net Security, Oscar Andersson, CTO at Oplane, explains why most scanning tools fail. They cry wolf, flagging threats that cannot run in real code. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/16/oscar-andersson-oplane-ai-threat-modeling/
North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Jun 15, 2026 10:01 PM

Tags: cyber, cybersecurity, hacker, malicious, malware, north-korea, phishing, threat, tool

Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, HexagonalRodent, and Void Dokkaebi).According to a report published by Proofpoint, the threat actor has been found orchestrating phishing campaigns using developer role recruitment or code review themes First seen on…
One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

Jun 15, 2026 7:01 PM

Tags: email, flaw, mfa, microsoft, phishing, threat, tool

A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterprise Search.Researchers at Varonis Threat Labs chained three bugs into a one-click exfiltration path they call SearchLeak. Because the link pointed to a real microsoft.com domain, traditional anti-phishing and URL…
âš¡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More

Jun 15, 2026 6:02 PM

Tags: ai, browser, chrome, cybersecurity, exploit, flaw, login, macOS, phishing, software, tool, vpn, zero-day

Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod.This week is the same lesson in a new form: phishing kits are easier to rent, AI names are useful bait, old login paths still fail, and forgotten software…
Vibe coders are gonna vibe code: How CISOs are tackling code sprawl

Jun 15, 2026 5:01 PM

Tags: ai, automation, ciso, governance, tool

Employees are increasingly building automations, agents, and apps with AI tools outside traditional security oversight. Tines explores how CISOs are handling AI-driven code sprawl, shadow tooling, and governance challenges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/vibe-coders-are-gonna-vibe-code-how-cisos-are-tackling-code-sprawl/
New attack turned Microsoft 365 Copilot into 1-click data theft tool

Jun 15, 2026 4:01 PM

Tags: attack, data, microsoft, theft, tool, vulnerability

A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a target’s mailbox, OneDrive, or SharePoint account through a specially crafted URL. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-attack-turned-microsoft-365-copilot-into-1-click-data-theft-tool/
New DPAPISnoop Tool Enables Extraction of CREDHIST Hashes From Windows Systems

Jun 15, 2026 1:01 PM

Tags: credentials, cyber, open-source, password, tool, windows

A newly enhanced version of the open-source DPAPISnoop tool is drawing attention in the security community after researchers demonstrated its ability to extract offline-crackable hashes from Windows DPAPI credential history (CREDHIST) files, potentially exposing historical password material and enabling deeper insight into user password patterns over time. New DPAPISnoop Tool Developed by Nettitude’s CyberLabs team,…
SearchJack Adware Campaign Exposes 758,000 Users to Privacy and Phishing Risks

Jun 15, 2026 1:01 PM

Tags: adware, browser, chrome, cyber, phishing, privacy, risk, tool

A coordinated campaign of 23 seemingly legitimate Chrome extensions tracked as >>SearchJack<< has quietly hijacked the default search settings of roughly 758,000 users, routing queries through operator-controlled monetization middleware before returning results. At first glance the extensions promise useful features satellite imagery, productivity tools, news readers, maps but their true purpose is affiliate search monetization,…
Google Sues Operators of AI-Powered ‘Outsider’ Phishing Kit Linked to 1.5 Million URLs

Jun 15, 2026 11:01 AM

Tags: ai, google, intelligence, phishing, tool

Google has launched a lawsuit against the operators behind the Outsider AI phishing kit. This alleged AI phishing kit, the company says, has been used to create convincing phishing websites using artificial intelligence tools, including Google’s Gemini. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/google-sues-outsider-ai-phishing-kit/
Infostealers, AI, and a 90% Affiliate Cut Fuel The Gentlemen group’s Rise

Jun 15, 2026 10:02 AM

Tags: ai, credentials, dark-web, group, leak, ransomware, tool

The Gentlemen ransomware used infostealer credentials, AI tools, and affiliates to hit 483 victims across 66 countries in under a year. The Gentlemen surfaced as a ransomware operation in September 2025 and by June 13, 2026 had listed 483 victims on their dark-web leak site, 380 of them in 2026 alone. That makes them the…
Chinesische PhaaS-Plattformen professionalisieren Phishing-Angriffe mit KI und Echtzeit-Tools

Jun 14, 2026 3:03 PM

Tags: ai, cyberattack, phishing, social-engineering, tool

Die Analyse zeigt deutlich: Technische Schutzmaßnahmen allein reichen nicht aus. Unternehmen müssen ihre Mitarbeitenden kontinuierlich über Phishing und Social Engineering aufklären. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/chinesische-phaas-plattformen-professionalisieren-phishing-angriffe-mit-ki-und-echtzeit-tools/a45489/
Wer hat die Kontrolle? Angreifer verwandeln legitime Remote-Zugriff-Tools in Einfallstore

Jun 14, 2026 6:01 AM

Tags: access, crypto, mail, phishing, tool

Angreifer nutzen Steuer-Phishing, vorgetäuschte Tools zur Wiederherstellung von Krypto-Wallets und gefälschte Audiodateien, um Kontrolle über PCs zu erlangen. Highlights: Angreifer missbrauchen legitime Remote-Zugriff-Tools, die über Phishing-E-Mails zum Steuerjahresende und gefälschte Downloads von Dating-Websites verbreitet werden, um dauerhafte Kontrolle über Geräte zu erlangen. Gefälschte Tools zur Wiederherstellung von Krypto-Wallets, werden zum Diebstahl von Anmeldedaten und……
Iran-Linked Handala Breached a California Water Utility. It Could Have Done Worse, and It Knows That.

Jun 13, 2026 1:02 AM

Tags: data, data-breach, group, iran, service, threat, tool

Pro-Iran group Handala breached Cal Water via an exposed GPS tool, reaching billing data for 2M customers. 5GB leaked. On June 11, 2026, the Iran-linked threat group Handala posted a claim on its blog that it had compromised California Water Service, known as Cal Water, and published a 5GB proof-of-concept data dump to back it…
Agentic AI surges in financial sector even as many firms fail to manage security risks

Jun 12, 2026 6:02 PM

Tags: ai, finance, risk, tool

One-fifth of firms aren’t even sure if they’ve been hacked through their AI tools, according to a new report. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-agents-financial-services-payments-security-risks/822800/
Google sues China-based scammers over Gemini AI abuse

Jun 12, 2026 4:02 PM

Tags: ai, china, cybercrime, google, network, phishing, scam, tool

Google has filed a lawsuit against Outsider Enterprise, a China-based cybercrime network for using AI tools, including Gemini, to build phishing websites and scam … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/12/google-china-based-cybercrime-network-lawsuit/
OpenClaw ist durch Prompt Injections in Nachrichtenobjekten angreifbar

Jun 12, 2026 12:02 PM

Tags: injection, least-privilege, tool

Sicherheitsteams sollten ihre Sandbox-Isolation aktivieren und das Least-Privilege-Prinzip auf die Berechtigungen der Agenten-Tools anwenden. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/openclaw-ist-durch-prompt-injections-in-nachrichtenobjekten-angreifbar/a45460/
Product showcase: Avast One turns scam screenshots into actionable security advice

Jun 12, 2026 7:02 AM

Tags: android, identity, macOS, monitoring, privacy, scam, tool, windows

Avast One Free combines privacy, security, identity monitoring, and performance tools in a single platform. The app is available for Windows, macOS, Android, and iOS. Checking … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/12/product-showcase-avast-one-platform/