Practical cybersecurity intelligence for defenders.
According to the FBI advisory, Kali365 enables threat actors to bypass multi-factor authentication (MFA) protections without directly stealing user passwords. Instead, attackers abuse legitimate Microsoft authentication workflows to trick victims into authorizing attacker-controlled sessions.
Read Full ArticleAn Iranian state-sponsored cyber espionage group known as Nimbus Manticore has been linked to a new wave of highly targeted intrusion campaigns leveraging AI-assisted malware development, SEO poisoning, phishing operations, and trojanized enterprise software installers.
Read Full ArticleThe vulnerability, tracked as CVE-2026-26980, affects Ghost CMS versions 3.24.0 through 6.19.0 and enables unauthenticated attackers to extract sensitive database content, including administrative API keys.
Read Full ArticleRemote Sunrise Helper for Windows 2026.14 - Remote Code Execution.. local exploit for Windows platform
Read Full ArticleMicrosoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requiring any specialized conditions to be met. The vulnerability, tracked as CVE-2026-45659, carries a CVSS score of 8.8. It has been assigned an important severity.
Read Full ArticleApache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service. CVE-2026-23918 . webapps exploit for Multiple platform
Read Full ArticleLinux Kernel 6.8 - Local Privilege Escalation.. local exploit for Linux platform
Read Full ArticleMicrosoft has disclosed CVE-2026-41096, a critical heap-based buffer overflow vulnerability in Windows DNS that could allow unauthenticated remote code execution. Learn affected systems, detection guidance, and mitigation steps.
Read Full ArticleMicrosoft has patched CVE-2026-41091, a privilege escalation vulnerability affecting Microsoft Defender that was actively exploited in the wild to gain SYSTEM privileges on Windows systems.
Read Full ArticleFoxconn, the world's largest electronics manufacturer, says some of its North American factories are now working to resume normal operations after a cyberattack.
Read Full ArticleMicrosoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it's being tested by some customers as part of a limited private preview. MDASH, short for multi-model agentic scanning harness, is designed as a model-agnostic system that uses bespoke AI agents for different vulnerability
Read Full ArticleThis webinar will help OT security teams and asset owners stop being cost centers and start being resilience drivers. The post Webinar Today: ROI for Cyber-Physical Security Programs appeared first on SecurityWeek.
Read Full ArticleIn the latest evolution of automated cyberattacks, two threat campaigns heavily leveraged AI agents to support attacks against entities in Mexico and Brazil.
Read Full ArticleArtificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers -- including Apple, Google, Microsoft, Mozilla and Oracle -- fixing near record volumes of security bugs, and/or quickening the tempo of their patch releases.
Read Full ArticleGerman authorities have shut down a relaunch version of the criminal marketplace 'Crimenetwork' that generated more than 3.6 million euros, and arrested its operator. [...]
Read Full ArticleCISA has given U.S. federal agencies four days to secure their networks against a high-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) exploited in zero-day attacks.
Read Full ArticleHackers who gained access to the databases of Spanish fast-fashion retailer Zara stole data belonging to more than 197,000 customers, according to data breach notification service Have I Been Pwned.
Read Full ArticleA new Linux zero-day vulnerability, named Dirty Frag, allows local attackers to gain root privileges on most major Linux distributions with a single command.
Read Full ArticleA previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers' systems to establish a silent foothold as well as facilitate a broad range of post-compromise functionality, such as credential harvesting, keylogging, file manipulation, clipboard monitoring, and network tunneling. "QLNX targets developers and DevOps credentials across the software supply chain,"
Read Full ArticleThreat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that's capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is being tracked by Elastic Security Labs under the moniker REF3076. The malware family is assessed to be a major update of the Maverick, which is known to leverage a worm called SORVEPOTEL to spread via
Read Full ArticleCybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call histories for any phone number, only to trick users into joining a subscription that provided fake data and incurred financial loss. The 28 apps have collectively racked up more than 7.3 million downloads, with one of them alone accounting for over
Read Full ArticleThe hackers gained the ability to modify equipment operational parameters, creating a direct risk to the public water supply. The post Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants appeared first on SecurityWeek.
Read Full ArticleIvanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) exploited in zero-day attacks.
Read Full ArticleYour security controls aren't failing, they're missing where most of today's work actually happens. Keep Aware shows how browser activity like copy/paste and AI prompts bypass traditional protections. [...]
Read Full ArticleThe cybersecurity firm has not explicitly accused China of being behind the attack, but the evidence suggests it was. The post Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking.
Read Full ArticleMitiga researchers say attackers can silently redirect Claude Code MCP traffic, intercept OAuth tokens, and maintain persistent access to connected SaaS platforms.
Read Full ArticleThe fresh browser update resolves critical-severity integer overflow and use-after-free vulnerabilities.
Read Full ArticleCybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository. [...]
Read Full ArticleCISA has warned that threat actors have started exploiting the "Copy Fail" Linux security vulnerability in the wild, one day after Theori researchers disclosed it and shared a proof-of-concept (PoC) exploit.
Read Full ArticleOn December 4, 2025, a 17-year-old was arrested in Osaka under Japan’s Unauthorized Access Prohibition Act. The young man had run malicious code to extract the personal data of over 7 million users of Kaikatsu Club, Japan's largest internet cafe chain. When asked, the young man shared his motivation for the hack: he wanted to buy Pokémon cards. In a sense, this is a fairly conventional story.
Read Full ArticleHackers delivered malware via a customer chat channel, infected an analyst’s system, and accessed the internal support portal.
Read Full ArticleCISA has added the bug to its KEV list, and Microsoft has observed limited exploitation, mainly associated with PoC testing.
Read Full ArticleAdvanced Account Security provides stronger login methods, more secure account recovery, shorter sessions, and training exclusion. The post OpenAI Rolls Out Advanced Security for ChatGPT Accounts.
Read Full ArticleA practical breakdown of what happened, why package repository attacks matter, and how security teams can monitor similar risks.
Read Full Article