Main Menu
Cyber Security
Trump Signs Executive Order for National Security Review of AI Models
Huntress Discloses Windows Search URI Flaw That Leaks NTLMv2 Hashes
Qilin Ransomware Claims Six Victims Across Five Countries in Two Days
APT73 Bashe Ransomware Claims Armenia’s Ministry of Internal Affairs
Russia’s FSB Claims Foreign Spies Installed Phone Surveillance Malware
Europol Operation KRATOS 2 Dismantles 9 Illegal Streaming Crime Groups
CVE-2026-8206 Kirki Plugin Exploited; 500,000 WordPress Sites at Risk
CVE-2026-0826 (CVSS 9.2): Unauthenticated RCE in HP Poly VoIP Phones
Sophos: AI Ransomware Toolkit Uses Claude Opus 4.5 for EDR Evasion
CISA Adds CVE-2024-21182 Oracle WebLogic to KEV; Feds Have 3 Days
CVE-2026-49975 HTTP/2 Bomb Hits nginx, Apache, Envoy, and Cloudflare
VS Code Zero-Day Exposes GitHub OAuth Tokens; No Patch Available
Google Patches Android Zero-Day CVE-2025-48595 Under Active Exploit
Red Hat npm Packages Backdoored with Miasma Credential Worm
Meta AI Chatbot Flaw Lets Attackers Hijack Instagram Accounts
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
IBM WebSphere CVE-2026-8633: CVSS 9.8 No-Auth RCE Flaw Patched
NIST Inspector General: NVD Backlog Hits 27,000 CVEs
TheGentlemen Ransomware Lists US Water Utility Suburban Water
ShadowByt3$ Ransomware Hits Syngenta’s Cropwise Platform
UPDATE: Dashlane Confirms Encrypted Vaults Downloaded in Attack
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
GTA Cheat Service Atlas Menu Hacked; 64,000 Records Exposed
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
PureLogs Infostealer Uses MSBuild.exe for Fileless Deployment
Gamaredon Hides USB Worm in NTFS Alternate Data Streams
Play Ransomware Claims US Telecom Hightower Communications
Play Ransomware Claims US Telecom Hightower Communications
Gamaredon Hides USB Worm in NTFS Alternate Data Streams
PureLogs Infostealer Uses MSBuild.exe for Fileless Deployment
Cybersecurity
Commission Proposes $11 Billion Dedicated US Cyber Force Branch
Gabby Lee June 3, 2026
A CSIS/FDD commission proposed a standalone US Cyber Force with 30,000 troops and an $11 billion startup cost, with Gillibrand's defense amendments pending.
Cybersecurity
KillSec Ransomware Hits Indian Teaching Hospital and Mexican Insurer
Mitchell Langley June 3, 2026
KillSec ransomware posted an Indian teaching hospital and a Mexican insurance firm as victims, exposing patient data under India's DPDPA and Mexico's CNBV.
Cybersecurity
Nova Ransomware Apologizes for CIS Rule Violation, Bans Affiliate
Mitchell Langley June 3, 2026
Nova ransomware publicly apologized and banned an affiliate for attacking Eriell Group, an Uzbekistan oilfield firm, violating the CIS safe harbor rule.
Cybersecurity
Trump Signs Executive Order for National Security Review of AI Models
Andrew Doyle June 3, 2026
Trump signed an executive order directing US national security agencies to assess top AI foundation models for offensive cyber and dual-use threat risks.
Application Security
Huntress Discloses Windows Search URI Flaw That Leaks NTLMv2 Hashes
Gabby Lee June 3, 2026
Huntress disclosed a Windows Search URI handler flaw that silently sends NTLMv2 hashes to attacker servers with one click. Microsoft declined to patch.
Cybersecurity
Qilin Ransomware Claims Six Victims Across Five Countries in Two Days
Andrew Doyle June 3, 2026
Qilin ransomware posted six victims across five countries over two days, including Nova Medical Products and MEISA Sines at Portugal's Sines energy port.
Cybersecurity
APT73 Bashe Ransomware Claims Armenia’s Ministry of Internal Affairs
Mitchell Langley June 3, 2026
APT73 (Bashe), a LockBit-linked RaaS, posted Armenia's elections.mia.gov.am as a victim, threatening voter registration and electoral administration data.
Cybersecurity
Russia’s FSB Claims Foreign Spies Installed Phone Surveillance Malware
Andrew Doyle June 3, 2026
Russia's FSB claimed foreign spies installed surveillance malware on senior officials' smartphones, naming Cloudflare and Fastly as alleged C2 infrastructure.
Cybersecurity
Europol Operation KRATOS 2 Dismantles 9 Illegal Streaming Crime Groups
Andrew Doyle June 3, 2026
Europol's seven-month Operation KRATOS 2 arrested 29 suspects, targeted 4,370 piracy domains, and removed 27,000 illegal streaming URLs across 13 countries.
Application Security
CVE-2026-8206 Kirki Plugin Exploited; 500,000 WordPress Sites at Risk
Andrew Doyle June 3, 2026
CVE-2026-8206 in the Kirki WordPress plugin is under active attack, with Wordfence detecting 222 exploitation attempts targeting admin account takeover.
CVE Vulnerability Alerts
CVE-2026-0826 (CVSS 9.2): Unauthenticated RCE in HP Poly VoIP Phones
Mitchell Langley June 3, 2026
CVE-2026-0826 allows unauthenticated root-level RCE on HP Poly VVX and Trio VoIP phones via a crafted SIP INVITE request targeting the SDP/ICE parser.
Cybersecurity
Sophos: AI Ransomware Toolkit Uses Claude Opus 4.5 for EDR Evasion
Andrew Doyle June 3, 2026
Sophos discovered a criminal ransomware framework using Claude Opus 4.5 and multi-agent AI pipelines to build and test 80 evasion-optimized malware modules.
Application Security
CISA Adds CVE-2024-21182 Oracle WebLogic to KEV; Feds Have 3 Days
Andrew Doyle June 3, 2026
CISA confirmed active exploitation of Oracle WebLogic CVE-2024-21182, giving federal agencies a June 4 deadline to patch the unauthenticated data-access flaw.
Application Security
CVE-2026-49975 HTTP/2 Bomb Hits nginx, Apache, Envoy, and Cloudflare
Gabby Lee June 3, 2026
CVE-2026-49975 HTTP/2 Bomb exploit achieves 5,700:1 amplification against Envoy, crashing 32 GB of server memory with a single residential connection.
Application Security
VS Code Zero-Day Exposes GitHub OAuth Tokens; No Patch Available
Mitchell Langley June 3, 2026
Researcher Ammar Askar publicly disclosed a VS Code zero-day that lets malicious extensions steal GitHub OAuth tokens, granting full repository access.
CVE Vulnerability Alerts
Google Patches Android Zero-Day CVE-2025-48595 Under Active Exploit
Andrew Doyle June 2, 2026
Google confirmed CVE-2025-48595, a no-interaction privilege escalation flaw in Android 14–16, is under active targeted attack. Patches arrive June 5.
Application Security
Red Hat npm Packages Backdoored with Miasma Credential Worm
Andrew Doyle June 2, 2026
Attackers backdoored 32 Red Hat npm packages with the Miasma worm, stealing CI/CD secrets, cloud keys, and SSH keys across roughly 80,000 weekly downloads.
Application Security
Meta AI Chatbot Flaw Lets Attackers Hijack Instagram Accounts
Mitchell Langley June 2, 2026
A confused deputy flaw in Meta's AI support chatbot let attackers hijack Instagram accounts including @obamawhitehouse, Sephora, and U.S. Space Force.
Cybersecurity
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
Gabby Lee June 2, 2026
Pakistan-attributed SideCopy APT used Pashto-language LNK lures against Afghanistan's Finance Ministry, deploying Xeno RAT for full system access and exfil.
Application Security
IBM WebSphere CVE-2026-8633: CVSS 9.8 No-Auth RCE Flaw Patched
Gabby Lee June 2, 2026
CVE-2026-8633 is a CVSS 9.8 unauthenticated RCE in IBM WebSphere's Web Server Plug-ins. Patches are available for WebSphere 8.5 and 9.0 and Liberty builds.
Cybersecurity
Commission Proposes $11 Billion Dedicated US Cyber Force Branch
Gabby Lee June 3, 2026
Cybersecurity
KillSec Ransomware Hits Indian Teaching Hospital and Mexican Insurer
Mitchell Langley June 3, 2026
Cybersecurity
KillSec Ransomware Hits Indian Teaching Hospital and Mexican Insurer
Mitchell Langley June 3, 2026
Cybersecurity
Nova Ransomware Apologizes for CIS Rule Violation, Bans Affiliate
Mitchell Langley June 3, 2026

TOP CYBERSECURITY HEADLINES

Cybersecurity
Trump Signs Executive Order for National Security Review of AI Models
Application Security
Huntress Discloses Windows Search URI Flaw That Leaks NTLMv2 Hashes
Cybersecurity
Qilin Ransomware Claims Six Victims Across Five Countries in Two Days
Cybersecurity
APT73 Bashe Ransomware Claims Armenia’s Ministry of Internal Affairs

This Week’s Security Spotlight

Application Security
IBM WebSphere CVE-2026-8633: CVSS 9.8 No-Auth RCE Flaw Patched
Gabby Lee June 2, 2026
Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Mitchell Langley May 25, 2026
Application Security
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Gabby Lee May 25, 2026
CVE Vulnerability Alerts
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
Gabby Lee May 22, 2026
More In News
Trending
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
LLMShare Campaign Hosts Infostealer Downloads on ChatGPT’s Own Domain

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Palo Alto Networks Uncovers 194,000-Domain Smishing Campaign Linked to “Smishing Triad”
October 28, 2025
Podcasts
Coveware Reports Historic Drop in Ransomware Payments: Only 23% of Victims Paid in Q3 2025
October 28, 2025
Podcasts
Firefox Add-Ons Must Declare Data Collection—or Be Rejected
October 28, 2025

Cyber Security News

Cybersecurity
Commission Proposes $11 Billion Dedicated US Cyber Force Branch
June 3, 2026
Cybersecurity
KillSec Ransomware Hits Indian Teaching Hospital and Mexican Insurer
June 3, 2026
Cybersecurity
Nova Ransomware Apologizes for CIS Rule Violation, Bans Affiliate
June 3, 2026
Cybersecurity
Trump Signs Executive Order for National Security Review of AI Models
June 3, 2026
Application Security
Huntress Discloses Windows Search URI Flaw That Leaks NTLMv2 Hashes
June 3, 2026
Cybersecurity
Qilin Ransomware Claims Six Victims Across Five Countries in Two Days
June 3, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Trump Signs Executive Order for National Security Review of AI Models
June 3, 2026
Trump signed an executive order directing US national security agencies to assess top AI foundation models for offensive cyber and dual-use threat risks.
Huntress Discloses Windows Search URI Flaw That Leaks NTLMv2 Hashes
June 3, 2026
Huntress disclosed a Windows Search URI handler flaw that silently sends NTLMv2 hashes to attacker servers with one click. Microsoft declined to patch.
Qilin Ransomware Claims Six Victims Across Five Countries in Two Days
June 3, 2026
Qilin ransomware posted six victims across five countries over two days, including Nova Medical Products and MEISA Sines at Portugal's Sines energy port.
APT73 Bashe Ransomware Claims Armenia’s Ministry of Internal Affairs
June 3, 2026
APT73 (Bashe), a LockBit-linked RaaS, posted Armenia's elections.mia.gov.am as a victim, threatening voter registration and electoral administration data.
Russia’s FSB Claims Foreign Spies Installed Phone Surveillance Malware
June 3, 2026
Russia's FSB claimed foreign spies installed surveillance malware on senior officials' smartphones, naming Cloudflare and Fastly as alleged C2 infrastructure.
Europol Operation KRATOS 2 Dismantles 9 Illegal Streaming Crime Groups
June 3, 2026
Europol's seven-month Operation KRATOS 2 arrested 29 suspects, targeted 4,370 piracy domains, and removed 27,000 illegal streaming URLs across 13 countries.
CVE-2026-8206 Kirki Plugin Exploited; 500,000 WordPress Sites at Risk
June 3, 2026
CVE-2026-8206 in the Kirki WordPress plugin is under active attack, with Wordfence detecting 222 exploitation attempts targeting admin account takeover.
CVE-2026-0826 (CVSS 9.2): Unauthenticated RCE in HP Poly VoIP Phones
June 3, 2026
CVE-2026-0826 allows unauthenticated root-level RCE on HP Poly VVX and Trio VoIP phones via a crafted SIP INVITE request targeting the SDP/ICE parser.
Sophos: AI Ransomware Toolkit Uses Claude Opus 4.5 for EDR Evasion
June 3, 2026
Sophos discovered a criminal ransomware framework using Claude Opus 4.5 and multi-agent AI pipelines to build and test 80 evasion-optimized malware modules.
CISA Adds CVE-2024-21182 Oracle WebLogic to KEV; Feds Have 3 Days
June 3, 2026
CISA confirmed active exploitation of Oracle WebLogic CVE-2024-21182, giving federal agencies a June 4 deadline to patch the unauthenticated data-access flaw.
CVE-2026-49975 HTTP/2 Bomb Hits nginx, Apache, Envoy, and Cloudflare
June 3, 2026
CVE-2026-49975 HTTP/2 Bomb exploit achieves 5,700:1 amplification against Envoy, crashing 32 GB of server memory with a single residential connection.
VS Code Zero-Day Exposes GitHub OAuth Tokens; No Patch Available
June 3, 2026
Researcher Ammar Askar publicly disclosed a VS Code zero-day that lets malicious extensions steal GitHub OAuth tokens, granting full repository access.
Google Patches Android Zero-Day CVE-2025-48595 Under Active Exploit
June 2, 2026
Google confirmed CVE-2025-48595, a no-interaction privilege escalation flaw in Android 14–16, is under active targeted attack. Patches arrive June 5.
Red Hat npm Packages Backdoored with Miasma Credential Worm
June 2, 2026
Attackers backdoored 32 Red Hat npm packages with the Miasma worm, stealing CI/CD secrets, cloud keys, and SSH keys across roughly 80,000 weekly downloads.
Meta AI Chatbot Flaw Lets Attackers Hijack Instagram Accounts
June 2, 2026
A confused deputy flaw in Meta's AI support chatbot let attackers hijack Instagram accounts including @obamawhitehouse, Sephora, and U.S. Space Force.
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
June 2, 2026
Pakistan-attributed SideCopy APT used Pashto-language LNK lures against Afghanistan's Finance Ministry, deploying Xeno RAT for full system access and exfil.
IBM WebSphere CVE-2026-8633: CVSS 9.8 No-Auth RCE Flaw Patched
June 2, 2026
CVE-2026-8633 is a CVSS 9.8 unauthenticated RCE in IBM WebSphere's Web Server Plug-ins. Patches are available for WebSphere 8.5 and 9.0 and Liberty builds.
NIST Inspector General: NVD Backlog Hits 27,000 CVEs
June 2, 2026
A NIST Inspector General report finds the NVD backlog has grown to over 27,000 unprocessed CVEs, degrading enterprise vulnerability management programs.
TheGentlemen Ransomware Lists US Water Utility Suburban Water
June 2, 2026
TheGentlemen ransomware posted Suburban Water, a US critical infrastructure water utility, among 14 victims across five sectors in a 46-minute window.
ShadowByt3$ Ransomware Hits Syngenta’s Cropwise Platform
June 2, 2026
ShadowByt3$ ransomware claims unauthorized access to Cropwise, Syngenta's precision agriculture platform, stealing GIS data, yield models, and API keys.
Trump Signs Executive Order for National Security Review of AI Models
Huntress Discloses Windows Search URI Flaw That Leaks NTLMv2 Hashes
Qilin Ransomware Claims Six Victims Across Five Countries in Two Days
APT73 Bashe Ransomware Claims Armenia’s Ministry of Internal Affairs
Russia’s FSB Claims Foreign Spies Installed Phone Surveillance Malware
Europol Operation KRATOS 2 Dismantles 9 Illegal Streaming Crime Groups
CVE-2026-8206 Kirki Plugin Exploited; 500,000 WordPress Sites at Risk
CVE-2026-0826 (CVSS 9.2): Unauthenticated RCE in HP Poly VoIP Phones
Sophos: AI Ransomware Toolkit Uses Claude Opus 4.5 for EDR Evasion
CISA Adds CVE-2024-21182 Oracle WebLogic to KEV; Feds Have 3 Days
CVE-2026-49975 HTTP/2 Bomb Hits nginx, Apache, Envoy, and Cloudflare
VS Code Zero-Day Exposes GitHub OAuth Tokens; No Patch Available
Google Patches Android Zero-Day CVE-2025-48595 Under Active Exploit
Red Hat npm Packages Backdoored with Miasma Credential Worm
Meta AI Chatbot Flaw Lets Attackers Hijack Instagram Accounts
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
IBM WebSphere CVE-2026-8633: CVSS 9.8 No-Auth RCE Flaw Patched
NIST Inspector General: NVD Backlog Hits 27,000 CVEs
TheGentlemen Ransomware Lists US Water Utility Suburban Water
ShadowByt3$ Ransomware Hits Syngenta’s Cropwise Platform