Cyber Security
BioShocking Attack Turns AI Browsers Into Credential Thieves
Working Exploit Published for LoadMaster CVE-2026-8037 RCE
SimpleHelp CVE-2026-48558 Exploited to Deploy Djinn Stealer
CISA Confirms BlueHammer CVE-2026-33825 Used in Ransomware
Three Daktronics Controller Flaws Allow Remote Highway Sign Hijack
Gitea CVE-2026-20896 Auth Bypass Exploited via One HTTP Header
India IDRBT .bank.in Registry Leaked 5,576 Employee Records
Microsoft Removes 119 StegoAd Extensions from Edge Add-ons Store
Public PoC Drops for Critical libssh2 Flaw CVE-2026-55200
Hijacked npm and Go Packages Exploit VS Code MCP to Deploy Infostealer
SBU and FBI Expose Russian FSB and GRU Signal Key Theft Campaign
US Offers $10M Bounty for Russian Hackers UNC5792 and UNC4221
Mozilla 0DIN Shows AI Coding Agents Can Be Tricked via DNS TXT
White House Cybersecurity Review Restricts GPT-5.6 and Anthropic
Athena Coalition Finds 20,000+ Flaws in 500 Open-Source Projects
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
Law Enforcement Clears 15,000 SocGholish WordPress Sites
ShapedPlugin Update System Hacked, Malicious Code Pushed to Customers
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
DOJ Seizes Huione Group Cloud Accounts in $4B Fraud Crackdown
Cisco Unified CM SSRF Flaw CVE-2026-20230 Under Active Exploit
Two Scattered Spider Members Plead Guilty in TfL Hack Case
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
Algerian Phishing Marketplace Operator Extradited to US
Anthropic’s Mythos AI Found Flaws in Classified US Government Systems
Samsung KNOX Kernel Flaw CVE-2026-20971 Affects Galaxy S9 to S25
macOS ClickFix Variant Silently Mounts DMG to Deploy AMOS Stealer
Dify DifyTap Flaws Expose Cross-Tenant AI App Data
Application Security
Obsidian Finds CVSS 9.9 Attack Chain in LiteLLM AI Gateway
A three-CVE attack chain disclosed by Obsidian Security in LiteLLM AI Gateway lets low-privilege users escalate to root and steal all managed AI API keys.
Application Security
CVE-2026-48558 Exposes 14,000 SimpleHelp RMM Servers to Auth Bypass
CVE-2026-48558, a critical OIDC authentication bypass in SimpleHelp RMM, lets unauthenticated attackers gain full admin access on 14,000 exposed servers.
Cybersecurity
ShinyHunters Claims 61M Sysco Salesforce Records in Unverified Breach
ShinyHunters claims 61 million records stolen from Sysco's Salesforce CRM, including pricing schedules and contact data, with a June 18 publication deadline.
Blog
What Is Scareware? How Fake Security Warnings Lead to Real Malware
Scareware tricks users with fake virus warnings into paying for rogue security software. Learn how it works, examples, and how to remove it.
Application Security
Lapsus$ Lists GitHub Internal Repos for Sale, Copilot Source Included
Lapsus$ listed 3,800 stolen GitHub internal repositories for sale 25 days after the confirmed breach, including Copilot, CodeQL, and Dependabot source code.
Cybersecurity
Nightspire Claims Blue Nile Medical and Silsbee Police as New Victims
Nightspire ransomware listed four US victims including Blue Nile Medical Center with 3,000 exposed patient EHR records and Silsbee Police Department in Texas.
Cybersecurity
Ukrainian Conti Developer Pleads Guilty to Ransomware Loader Coding
Oleksii Lytvynenko, a Ukrainian national extradited from Ireland, pleaded guilty to developing the malware loader that delivered Conti ransomware payloads.
Application Security
Awesome Motive CDN Compromised; Backdoor Served to OptinMonster Users
Attackers hijacked Awesome Motive's CDN to push a backdoor to OptinMonster, TrustPulse, and PushEngage, creating rogue admin accounts on WordPress sites.
Application Security
CVE-2026-42824: M365 Copilot SearchLeak Enables 1-Click Email Theft
Varonis disclosed a three-step vulnerability chain in Microsoft 365 Copilot that allowed attackers to steal emails and documents with a single crafted link.
Cybersecurity
Novo Nordisk Confirms Hack of Clinical Trial Biomarker Data
Novo Nordisk confirmed a breach exposing pseudonymized clinical trial biomarker data and healthcare provider records. No threat actor claimed responsibility.
Application Security
SearchJack: 23 Chrome Extensions Intercept 758,000 Users’ Searches
MalExt Sentry found 23 Chrome extensions routing 758,000 users' search queries through attacker relay servers to generate unauthorized advertising revenue.
TheGentlemen Ransomware Posts 20 Victims Across 14 Countries
Cybersecurity
TheGentlemen Ransomware Posts 20 Victims Across 14 Countries
TheGentlemen ransomware posted 20 new victims across 14 countries, including Croatia's Health Ministry and Denmark's National Museum, using double extortion.
Application Security
PromptSnatcher Extensions Stole AI Chats From 90,000 Users
Two Chrome ad blocker extensions captured conversations from 90,000 users across ChatGPT, Claude, Gemini, and five other AI platforms, researchers found.
Blog
Triple Extortion Ransomware: How It Works and How to Stop It
Triple extortion ransomware attacks combine encryption, data theft, and DDoS pressure to coerce payment from multiple angles. This guide explains the full attack lifecycle, real-world ...
Application Security
Chrome 149 Patches 28 Flaws, Including 12 Use-After-Free Bugs
Google's Chrome 149 security update patches 28 vulnerabilities, roughly 12 use-after-free bugs, a memory corruption class tied to drive-by code execution.
Application Security
OpenClaw AI Agent Hijacked via Malicious vCard Injection
Researchers showed OpenClaw AI agents can be hijacked through vCards with embedded instructions, enabling attacker code execution and sensitive data leakage.
Cybersecurity
Kyushu Electric Loses Drive With Data on 10.9M Customers
Kyushu Electric Power lost a physical storage device containing personal records on 10.9 million customers, exceeding its active customer base of 8 million.
Cybersecurity
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Anthropic disputed a researcher jailbreak claim against Claude Fable 5, arguing the technique does not constitute a bypass of the model's safety classifiers.
Application Security
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
Six Proto6 vulnerabilities in protobuf.js enable remote code execution and denial-of-service against Node.js apps via malicious schemas or crafted payloads.
Application Security
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
npm v12 will disable install scripts by default, requiring an explicit allowlist and closing the primary vector used by Miasma and Shai-Hulud attackers.
Application Security
Attackers Hit Oracle EBS CVE-2026-46817 Days After Patch
Application Security
India IDRBT .bank.in Registry Leaked 5,576 Employee Records
CVE Vulnerability Alerts
CISA Confirms BlueHammer CVE-2026-33825 Used in Ransomware
Cybersecurity
Rokarolla Android Banking Trojan Targets 217 Banking and Crypto Apps

TOP CYBERSECURITY HEADLINES

This Week’s Security Spotlight

Application Security
Apple Patches 30+ Flaws as AI Systems Earn WebKit CVE Credit
Application Security
Six AirDrop and Quick Share Flaws Put 5B Devices at Risk
CVE Vulnerability Alerts
SimpleHelp CVE-2026-48558 Exploited to Deploy Djinn Stealer
Cybersecurity
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
Trending

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
What Is Scareware? How Fake Security Warnings Lead to Real Malware
Scareware tricks users with fake virus warnings into paying for rogue security software. Learn how it works, examples, and how to remove it.
Lapsus$ Lists GitHub Internal Repos for Sale, Copilot Source Included
Lapsus$ listed 3,800 stolen GitHub internal repositories for sale 25 days after the confirmed breach, including Copilot, CodeQL, and Dependabot source code.
Nightspire Claims Blue Nile Medical and Silsbee Police as New Victims
Nightspire ransomware listed four US victims including Blue Nile Medical Center with 3,000 exposed patient EHR records and Silsbee Police Department in Texas.
Ukrainian Conti Developer Pleads Guilty to Ransomware Loader Coding
Oleksii Lytvynenko, a Ukrainian national extradited from Ireland, pleaded guilty to developing the malware loader that delivered Conti ransomware payloads.
Awesome Motive CDN Compromised; Backdoor Served to OptinMonster Users
Attackers hijacked Awesome Motive's CDN to push a backdoor to OptinMonster, TrustPulse, and PushEngage, creating rogue admin accounts on WordPress sites.
CVE-2026-42824: M365 Copilot SearchLeak Enables 1-Click Email Theft
Varonis disclosed a three-step vulnerability chain in Microsoft 365 Copilot that allowed attackers to steal emails and documents with a single crafted link.
Novo Nordisk Confirms Hack of Clinical Trial Biomarker Data
Novo Nordisk confirmed a breach exposing pseudonymized clinical trial biomarker data and healthcare provider records. No threat actor claimed responsibility.
SearchJack: 23 Chrome Extensions Intercept 758,000 Users’ Searches
MalExt Sentry found 23 Chrome extensions routing 758,000 users' search queries through attacker relay servers to generate unauthorized advertising revenue.
TheGentlemen Ransomware Posts 20 Victims Across 14 Countries
TheGentlemen ransomware posted 20 new victims across 14 countries, including Croatia's Health Ministry and Denmark's National Museum, using double extortion.
PromptSnatcher Extensions Stole AI Chats From 90,000 Users
Two Chrome ad blocker extensions captured conversations from 90,000 users across ChatGPT, Claude, Gemini, and five other AI platforms, researchers found.
Triple Extortion Ransomware: How It Works and How to Stop It
Triple extortion ransomware attacks combine encryption, data theft, and DDoS pressure to coerce payment from multiple angles. This guide explains the full attack lifecycle, real-world ...
Chrome 149 Patches 28 Flaws, Including 12 Use-After-Free Bugs
Google's Chrome 149 security update patches 28 vulnerabilities, roughly 12 use-after-free bugs, a memory corruption class tied to drive-by code execution.
OpenClaw AI Agent Hijacked via Malicious vCard Injection
Researchers showed OpenClaw AI agents can be hijacked through vCards with embedded instructions, enabling attacker code execution and sensitive data leakage.
Kyushu Electric Loses Drive With Data on 10.9M Customers
Kyushu Electric Power lost a physical storage device containing personal records on 10.9 million customers, exceeding its active customer base of 8 million.
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Anthropic disputed a researcher jailbreak claim against Claude Fable 5, arguing the technique does not constitute a bypass of the model's safety classifiers.
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
Six Proto6 vulnerabilities in protobuf.js enable remote code execution and denial-of-service against Node.js apps via malicious schemas or crafted payloads.
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
npm v12 will disable install scripts by default, requiring an explicit allowlist and closing the primary vector used by Miasma and Shai-Hulud attackers.
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Anthropic released Claude Mythos 5 with safety guardrails intentionally removed to vetted security researchers alongside the public Claude Fable 5 launch.
Novo Nordisk Discloses Breach of Clinical Trials Patient Data
Novo Nordisk disclosed a breach of clinical trials patient data, triggering GDPR, GCP, and clinical research regulatory obligations across global operations.
Europol Dismantles AudiA6 Crypto Laundering Service
Europol dismantled AudiA6, a cryptocurrency laundering service that processed over $380 million in ransomware extortion proceeds for criminal networks.