Cyber Security
Application Security
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
Threat actor Icarus exploited Klue's Salesforce OAuth integration to breach CRM data at cybersecurity firms including Huntress and Recorded Future in a June 2026 supply ...
Cybersecurity
Law Enforcement Clears 15,000 SocGholish WordPress Sites
Operation Endgame dismantled nearly 15,000 SocGholish-infected WordPress sites and 106 C2 servers linked to Russian cybercrime group Evil Corp in a June 2026 international enforcement ...
Application Security
ShapedPlugin Update System Hacked, Malicious Code Pushed to Customers
ShapedPlugin's plugin update system was compromised by attackers who pushed malicious code to paying WordPress customers through the company's verified official update channels.
Cybersecurity
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
Microsoft disclosed a Windows crypto clipper campaign active since February 2026, using USB LNK worm spreading and Tor-based C2 to intercept and redirect cryptocurrency transactions.
Application Security
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
Check Point Research exposed a crypto clipper campaign using AI-generated fake reviews on GitHub, YouTube, and VirusTotal comment sections to manufacture trust before delivering malware.
CVE Vulnerability Alerts
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
Microsoft confirmed CVE-2026-50656, a zero-day in the Defender Malware Protection Engine allowing SYSTEM-level privilege escalation, is under active exploitation with no patch currently available.
Cybersecurity
DOJ Seizes Huione Group Cloud Accounts in $4B Fraud Crackdown
The DOJ seized cloud accounts tied to Huione Group, a Cambodia-based conglomerate FinCEN says processed $4B in fraud proceeds from pig butchering scam networks.
Application Security
Cisco Unified CM SSRF Flaw CVE-2026-20230 Under Active Exploit
CVE-2026-20230, a CVSS 8.6 SSRF flaw in Cisco Unified CM's WebDialer, is under active exploitation after a PoC dropped June 23 — patch released June ...
Cybersecurity
Two Scattered Spider Members Plead Guilty in TfL Hack Case
Thalha Jubair and Owen Flowers pled guilty to the 2024 Scattered Spider hack of Transport for London, causing GBP 29M in damage and exposing customer ...
Cybersecurity
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
A threat actor compromised a Gizmodo account to serve ClickFix malware prompts to readers, exploiting brand trust to push PowerShell-based attacks at scale.
Cybersecurity
Algerian Phishing Marketplace Operator Extradited to US
Algerian national Abdellah Belmili was extradited from Spain to face US bank fraud charges for operating phishing marketplaces Market0Day and Spoxy.
Application Security
Anthropic’s Mythos AI Found Flaws in Classified US Government Systems
Anthropic's Mythos AI found real vulnerabilities in classified US government systems during Project Glasswing testing, prompting federal access restrictions.
CVE Vulnerability Alerts
Samsung KNOX Kernel Flaw CVE-2026-20971 Affects Galaxy S9 to S25
CVE-2026-20971 is a CVSS 7.8 use-after-free in Samsung KNOX's PROCA and FIVE subsystems, affecting Galaxy S9 through S25 across Android 13, 14, 15, and 16.
Cybersecurity
macOS ClickFix Variant Silently Mounts DMG to Deploy AMOS Stealer
Unit 42 found a macOS ClickFix variant using hdiutil to silently mount DMG files and deploy AMOS stealer, targeting crypto wallets and iCloud Keychain.
Application Security
Dify DifyTap Flaws Expose Cross-Tenant AI App Data
Four critical Dify vulnerabilities named DifyTap allow cross-tenant access to private AI chats, uploaded files, and internal APIs. Patched in version 1.14.2.
Application Security
Fake AI Agent Skill Reaches 26,000 Agents in Supply Chain Test
Security firm AIR planted a fake AI agent skill that bypassed all scanners and reached 26,000 agents, exposing a supply chain flaw in AI skill ...
Cybersecurity
Canada’s CSIS Uses Court Warrant to Dismantle Foreign Botnet
CSIS used a court-authorized warrant to remove foreign botnet malware from Canadian servers and IoT devices in a first use of its threat reduction powers.
Cybersecurity
Elastic Exposes OXLOADER and CastleStealer in Russian Malvertising
Elastic Security Labs exposed OXLOADER and CastleStealer — two new Russian-linked malware families spread via fake Google Ads targeting software downloaders.
Blog
Understanding Cloud Detection and Response (CDR) and Its Security Role
Learn what cloud detection and response (CDR) is, how it works, and practical steps to secure cloud workloads with real‑time threat visibility.
Application Security
FFmpeg PixelSmash Heap Overflow Enables RCE in Media Apps
JFrog disclosed CVE-2026-8461, a critical heap overflow in FFmpeg's video decoder enabling remote code execution when processing malicious video files.
Application Security
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
TOP CYBERSECURITY HEADLINES
Application Security
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
CVE Vulnerability Alerts
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
This Week’s Security Spotlight
Application Security
Anthropic’s Mythos AI Found Flaws in Classified US Government Systems
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
Microsoft disclosed a Windows crypto clipper campaign active since February 2026, using USB LNK worm spreading and Tor-based C2 to intercept and redirect cryptocurrency transactions.
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
Check Point Research exposed a crypto clipper campaign using AI-generated fake reviews on GitHub, YouTube, and VirusTotal comment sections to manufacture trust before delivering malware.
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
Microsoft confirmed CVE-2026-50656, a zero-day in the Defender Malware Protection Engine allowing SYSTEM-level privilege escalation, is under active exploitation with no patch currently available.
DOJ Seizes Huione Group Cloud Accounts in $4B Fraud Crackdown
The DOJ seized cloud accounts tied to Huione Group, a Cambodia-based conglomerate FinCEN says processed $4B in fraud proceeds from pig butchering scam networks.
Cisco Unified CM SSRF Flaw CVE-2026-20230 Under Active Exploit
CVE-2026-20230, a CVSS 8.6 SSRF flaw in Cisco Unified CM's WebDialer, is under active exploitation after a PoC dropped June 23 — patch released June ...
Two Scattered Spider Members Plead Guilty in TfL Hack Case
Thalha Jubair and Owen Flowers pled guilty to the 2024 Scattered Spider hack of Transport for London, causing GBP 29M in damage and exposing customer ...
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
A threat actor compromised a Gizmodo account to serve ClickFix malware prompts to readers, exploiting brand trust to push PowerShell-based attacks at scale.
Algerian Phishing Marketplace Operator Extradited to US
Algerian national Abdellah Belmili was extradited from Spain to face US bank fraud charges for operating phishing marketplaces Market0Day and Spoxy.
Anthropic’s Mythos AI Found Flaws in Classified US Government Systems
Anthropic's Mythos AI found real vulnerabilities in classified US government systems during Project Glasswing testing, prompting federal access restrictions.
Samsung KNOX Kernel Flaw CVE-2026-20971 Affects Galaxy S9 to S25
CVE-2026-20971 is a CVSS 7.8 use-after-free in Samsung KNOX's PROCA and FIVE subsystems, affecting Galaxy S9 through S25 across Android 13, 14, 15, and 16.
macOS ClickFix Variant Silently Mounts DMG to Deploy AMOS Stealer
Unit 42 found a macOS ClickFix variant using hdiutil to silently mount DMG files and deploy AMOS stealer, targeting crypto wallets and iCloud Keychain.
Dify DifyTap Flaws Expose Cross-Tenant AI App Data
Four critical Dify vulnerabilities named DifyTap allow cross-tenant access to private AI chats, uploaded files, and internal APIs. Patched in version 1.14.2.
Fake AI Agent Skill Reaches 26,000 Agents in Supply Chain Test
Security firm AIR planted a fake AI agent skill that bypassed all scanners and reached 26,000 agents, exposing a supply chain flaw in AI skill ...
Canada’s CSIS Uses Court Warrant to Dismantle Foreign Botnet
CSIS used a court-authorized warrant to remove foreign botnet malware from Canadian servers and IoT devices in a first use of its threat reduction powers.
Elastic Exposes OXLOADER and CastleStealer in Russian Malvertising
Elastic Security Labs exposed OXLOADER and CastleStealer — two new Russian-linked malware families spread via fake Google Ads targeting software downloaders.
Understanding Cloud Detection and Response (CDR) and Its Security Role
Learn what cloud detection and response (CDR) is, how it works, and practical steps to secure cloud workloads with real‑time threat visibility.
FFmpeg PixelSmash Heap Overflow Enables RCE in Media Apps
JFrog disclosed CVE-2026-8461, a critical heap overflow in FFmpeg's video decoder enabling remote code execution when processing malicious video files.
Microsoft AutoGen AI Framework Vulnerable to Localhost RCE
Microsoft disclosed AutoJack, a three-part vulnerability chain in AutoGen Studio that lets attackers hijack AI agents and execute arbitrary system commands.
WhatsApp Phishing Deploys ManageEngine RMM Malware Across Continents
Kaspersky found a WhatsApp phishing campaign using VBScript to install ManageEngine RMM software across multiple countries, granting attackers remote access.
TeamPCP Open-Source Supply Chain Investigation Reveals Years of Access
Researchers investigated the TeamPCP threat group that exploited open-source speed culture for years of supply chain access across thousands of organizations.