Cyber Security
CSE Admits Hacking Ransomware Gangs and Deleting Stolen Victim Data
GitLost Prompt Injection Leaks Private GitHub Repos via Public Issues
WriteOut Flaw Let Attackers Hijack Any Writer AI Enterprise Account
Japan Arrests Teen Who Used ChatGPT to Cancel 46,812 Bandai Accounts
BeyondTrust CVE-2026-40138 Auth Bypass Left Self-Hosted Users Exposed
CERT/CC Finds Hidden Admin Backdoor CVE-2026-11405 in Tenda Firmware
Adobe ColdFusion CVE-2026-48282 Exploited Within Hours of PoC Release
Unit 42 Exposes EtherRAT: Teams Calls Deliver Blockchain-Backed RAT
UNK_MassTraction Exploits Roundcube XSS to Hit US Physics Departments
Fake Job Interview Phishing Hits Marketing Pros Across 30 Brand Lures
North Korea PolinRider Poisons 108 Packages via Compromised Accounts
CVE-2026-33697: Attested TLS Relay Flaw Hits WhatsApp, Cocos AI
QuimaRAT MaaS Sells Cross-Platform Java RAT for Windows, Linux, macOS
Opera GX Flaw Let Malicious Sites Silently Install Mods on 25M Users
TrojPix Leaks Data from Air-Gapped PCs via Video Cable Emissions
SkillCloak Lets Malicious AI Agent Skills Evade 90% of Static Scanners
Zscaler: Two Active Campaigns Hijack AI Agents for Crypto Theft
Google and FBI Seize NetNut Proxy Network Used by 316 Threat Actors
PamStealer macOS Infostealer Uses PAM API to Verify Stolen Passwords
CVE-2026-8451 Exploited Within 24 Hours of Citrix NetScaler Patch
ToddyCat APT’s Umbrij Tool Reads Corporate Gmail via OAuth Silently
Apple Hide My Email Still Leaks Real Addresses After Claimed Fix
90-Domain SEO Campaign Abuses ScreenConnect to Deploy AsyncRAT
VEIL#DROP Campaign Uses Google Blogger to Deliver PureLogs Stealer
90-Domain SEO Campaign Abuses ScreenConnect to Deploy AsyncRAT
Unit 42 Confirms 13,000 Malicious Phantom Squatting Sites
Trump Administration Lifts Claude Fable 5 Access Restrictions
JADEPUFFER: First AI-Orchestrated Ransomware Exploits Langflow RCE
CISA Adds SharePoint RCE CVE-2026-45659 to KEV Catalog
Poisoned Email Turns Claude Desktop Into a Reverse Shell
CVE Vulnerability Alerts
CVE-2026-53359 Januscape: 16-Year KVM Flaw Enables VM Escape
CVE-2026-53359 Januscape is a 16-year-old Linux KVM use-after-free that allows guest VM escape to the host on Intel and AMD systems. Patches are available.
Cybersecurity
Operation DragonReturn: DcRAT Targets India Tax Professionals
China-nexus Operation DragonReturn deploys DcRAT via a cloned Indian tax utility, targeting tax professionals and accountants during India's filing season.
Cybersecurity
UK Cyber Resilience Pledge Draws 60 Signatories, Including Capita
UK Technology Secretary Liz Kendall launched the Cyber Resilience Pledge with 60 signatories, including Capita, despite its ICO fine for a ransomware breach.
Cybersecurity
CSE Admits Hacking Ransomware Gangs and Deleting Stolen Victim Data
Canada's CSE confirmed offensive cyber operations against ransomware gangs, including destroying a gang's full infrastructure and deleting stolen victim data.
Application Security
GitLost Prompt Injection Leaks Private GitHub Repos via Public Issues
Noma Security's GitLost technique tricks GitHub Agentic Workflows into leaking private repository contents via public issue comments, with no patch available.
Application Security
WriteOut Flaw Let Attackers Hijack Any Writer AI Enterprise Account
Sand Security found a one-click session isolation flaw in Writer AI letting attackers access any enterprise tenant's private models, credentials, and documents.
Cybersecurity
Japan Arrests Teen Who Used ChatGPT to Cancel 46,812 Bandai Accounts
Tokyo police arrested a 15-year-old who used ChatGPT to generate attack code that canceled 46,812 Bandai Channel streaming accounts in under four hours.
Application Security
BeyondTrust CVE-2026-40138 Auth Bypass Left Self-Hosted Users Exposed
BeyondTrust patched a CVSS 9.2 auth bypass in Remote Support and PRA for SaaS users months ago but withheld notice from self-hosted operators until July ...
CVE Vulnerability Alerts
CERT/CC Finds Hidden Admin Backdoor CVE-2026-11405 in Tenda Firmware
CERT/CC disclosed CVE-2026-11405, a hidden backdoor in Tenda router firmware granting unauthenticated full admin access. No vendor patch is available.
Application Security
Adobe ColdFusion CVE-2026-48282 Exploited Within Hours of PoC Release
Adobe ColdFusion CVE-2026-48282 (CVSS 10) moved from PoC release to confirmed in-the-wild exploitation in under two hours, according to KEVIntel honeypot data.
Cybersecurity
Unit 42 Exposes EtherRAT: Teams Calls Deliver Blockchain-Backed RAT
Unit 42 exposed an active campaign using fake Microsoft Teams IT support calls to install EtherRAT, a Node.js RAT whose C2 runs on Ethereum smart ...
Application Security
UNK_MassTraction Exploits Roundcube XSS to Hit US Physics Departments
Proofpoint named UNK_MassTraction, a China-aligned group using Roundcube CVE-2024-42009 to steal credentials and 2FA tokens from university physics departments.
Cybersecurity
Fake Job Interview Phishing Hits Marketing Pros Across 30 Brand Lures
Attackers posing as 30-plus major brand recruiters use fake job interviews to steal Google credentials from marketing professionals who manage ad platforms.
Application Security
North Korea PolinRider Poisons 108 Packages via Compromised Accounts
North Korea's PolinRider campaign used stolen maintainer credentials to push malicious updates to 108 packages across npm, Packagist, Go, and Chrome Web Store.
CVE Vulnerability Alerts
CVE-2026-33697: Attested TLS Relay Flaw Hits WhatsApp, Cocos AI
CVE-2026-33697 lets relay attacks redirect confidential computing traffic without breaking attestation, affecting WhatsApp, Cocos AI, and Edgeless Systems.
Cybersecurity
QuimaRAT MaaS Sells Cross-Platform Java RAT for Windows, Linux, macOS
QuimaRAT is a new Java-based malware-as-a-service RAT sold from $150 per month that targets Windows, Linux, and macOS enterprise and developer environments.
Application Security
Opera GX Flaw Let Malicious Sites Silently Install Mods on 25M Users
A zero-click flaw in Opera GX's mod system let malicious websites silently install data-harvesting browser extensions on the gaming browser's 25 million users.
Cybersecurity
TrojPix Leaks Data from Air-Gapped PCs via Video Cable Emissions
Researchers disclosed TrojPix, a new air-gap attack that manipulates pixel rendering to encode data as electromagnetic emissions from a computer's video cable.
Application Security
SkillCloak Lets Malicious AI Agent Skills Evade 90% of Static Scanners
SkillCloak obfuscation lets malicious AI coding agent skills bypass over 90 percent of static detection tools, risking source code and credential theft.
Application Security
Zscaler: Two Active Campaigns Hijack AI Agents for Crypto Theft
Zscaler found two active campaigns that embed hidden instructions in web pages, causing 4 of 26 AI agents tested to complete unauthorized crypto transfers.
CVE Vulnerability Alerts
CVE-2026-53359 Januscape: 16-Year KVM Flaw Enables VM Escape
Application Security
India IDRBT .bank.in Registry Leaked 5,576 Employee Records
Cybersecurity
CSE Admits Hacking Ransomware Gangs and Deleting Stolen Victim Data
Application Security
JADEPUFFER: First AI-Orchestrated Ransomware Exploits Langflow RCE

TOP CYBERSECURITY HEADLINES

This Week’s Security Spotlight

Application Security
Adobe ColdFusion CVE-2026-48282 Exploited Within Hours of PoC Release
Application Security
DuneSlide Flaws Let Prompt Injection Break Cursor AI Sandbox
Application Security
DeepSeek Built Browser Ransomware Using Chrome File System API
CVE Vulnerability Alerts
Citrix Patches Six NetScaler Flaws Including HTTP/2 Bomb Vector
Trending

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
CSE Admits Hacking Ransomware Gangs and Deleting Stolen Victim Data
Canada's CSE confirmed offensive cyber operations against ransomware gangs, including destroying a gang's full infrastructure and deleting stolen victim data.
GitLost Prompt Injection Leaks Private GitHub Repos via Public Issues
Noma Security's GitLost technique tricks GitHub Agentic Workflows into leaking private repository contents via public issue comments, with no patch available.
WriteOut Flaw Let Attackers Hijack Any Writer AI Enterprise Account
Sand Security found a one-click session isolation flaw in Writer AI letting attackers access any enterprise tenant's private models, credentials, and documents.
Japan Arrests Teen Who Used ChatGPT to Cancel 46,812 Bandai Accounts
Tokyo police arrested a 15-year-old who used ChatGPT to generate attack code that canceled 46,812 Bandai Channel streaming accounts in under four hours.
BeyondTrust CVE-2026-40138 Auth Bypass Left Self-Hosted Users Exposed
BeyondTrust patched a CVSS 9.2 auth bypass in Remote Support and PRA for SaaS users months ago but withheld notice from self-hosted operators until July ...
CERT/CC Finds Hidden Admin Backdoor CVE-2026-11405 in Tenda Firmware
CERT/CC disclosed CVE-2026-11405, a hidden backdoor in Tenda router firmware granting unauthenticated full admin access. No vendor patch is available.
Adobe ColdFusion CVE-2026-48282 Exploited Within Hours of PoC Release
Adobe ColdFusion CVE-2026-48282 (CVSS 10) moved from PoC release to confirmed in-the-wild exploitation in under two hours, according to KEVIntel honeypot data.
Unit 42 Exposes EtherRAT: Teams Calls Deliver Blockchain-Backed RAT
Unit 42 exposed an active campaign using fake Microsoft Teams IT support calls to install EtherRAT, a Node.js RAT whose C2 runs on Ethereum smart ...
UNK_MassTraction Exploits Roundcube XSS to Hit US Physics Departments
Proofpoint named UNK_MassTraction, a China-aligned group using Roundcube CVE-2024-42009 to steal credentials and 2FA tokens from university physics departments.
Fake Job Interview Phishing Hits Marketing Pros Across 30 Brand Lures
Attackers posing as 30-plus major brand recruiters use fake job interviews to steal Google credentials from marketing professionals who manage ad platforms.
North Korea PolinRider Poisons 108 Packages via Compromised Accounts
North Korea's PolinRider campaign used stolen maintainer credentials to push malicious updates to 108 packages across npm, Packagist, Go, and Chrome Web Store.
CVE-2026-33697: Attested TLS Relay Flaw Hits WhatsApp, Cocos AI
CVE-2026-33697 lets relay attacks redirect confidential computing traffic without breaking attestation, affecting WhatsApp, Cocos AI, and Edgeless Systems.
QuimaRAT MaaS Sells Cross-Platform Java RAT for Windows, Linux, macOS
QuimaRAT is a new Java-based malware-as-a-service RAT sold from $150 per month that targets Windows, Linux, and macOS enterprise and developer environments.
Opera GX Flaw Let Malicious Sites Silently Install Mods on 25M Users
A zero-click flaw in Opera GX's mod system let malicious websites silently install data-harvesting browser extensions on the gaming browser's 25 million users.
TrojPix Leaks Data from Air-Gapped PCs via Video Cable Emissions
Researchers disclosed TrojPix, a new air-gap attack that manipulates pixel rendering to encode data as electromagnetic emissions from a computer's video cable.
SkillCloak Lets Malicious AI Agent Skills Evade 90% of Static Scanners
SkillCloak obfuscation lets malicious AI coding agent skills bypass over 90 percent of static detection tools, risking source code and credential theft.
Zscaler: Two Active Campaigns Hijack AI Agents for Crypto Theft
Zscaler found two active campaigns that embed hidden instructions in web pages, causing 4 of 26 AI agents tested to complete unauthorized crypto transfers.
Google and FBI Seize NetNut Proxy Network Used by 316 Threat Actors
Google and the FBI dismantled NetNut, a residential proxy network that secretly hijacked 2 million home devices and served 316 distinct cybercrime groups.
PamStealer macOS Infostealer Uses PAM API to Verify Stolen Passwords
Jamf Threat Labs disclosed PamStealer, a Rust-based macOS infostealer that uses the PAM API to verify stolen passwords before exfiltrating credentials.
CVE-2026-8451 Exploited Within 24 Hours of Citrix NetScaler Patch
A threat actor exploited CVE-2026-8451 in Citrix NetScaler within 24 hours of patch release, targeting Lupovis honeypots with confirmed memory overread payloads.