Archive
All articles, newest first. Page 4.
Gravity SMTP: 17M Attacks Exploit Info-Disclosure Bug
CVE-2026-4020 in the WordPress Gravity SMTP plugin is under active exploitation, exposing email credentials and infrastructure bluepri…
ZDI-26-358: Allegra Patches XSS in downloadAttachment Method
The ZDI-26-358 advisory from Trend Micro's Zero Day Initiative discloses a cross-site scripting vulnerability in Allegra's downloadAtt…
usbliter8: Unpatchable Exploit Hits Apple A12/A13 SecureROM
Paradigm Shift releases usbliter8, an unpatchable hardware exploit achieving arbitrary EL1 execution in Apple A12/A13 SecureROM via th…
X.Org Server UAF CVE-2026-34001: Local Root Escalation on Linux
ZDI-26-335 discloses a use-after-free in X.Org Server's SyncTriggerList: CVSS 7.8, local attack with no user interaction, X.Org patch…
AutoJack: A Single Web Page Hijacks AI Agents to Execute Code on the Host
Microsoft Security has disclosed AutoJack, a three-vulnerability chain in AutoGen Studio that turns browsing-capable AI agents into ve…
Crypto-Clipper: The Fake Reputation Economy Becomes a Weapon
Cybercriminals have weaponized stars, downloads, and reviews to distribute a Rust-based clipper across GitHub, YouTube, and even legit…
Tax Scam Impersonates the State: Adaptive Phishing Targets Crypto and Bank Accounts
CERT-AGID has detected active phishing campaigns abusing the name, logo, and branding of Italy's Agenzia delle Entrate to trick victim…
Agentic AI Replaces Assistive AI in Threat Management
Agentic AI is turning Gartner's CTEM framework from a strategic document into a continuous operational cycle. The shift, documented Ju…
Shadow AI: The Real Threat Is Access Control, Not Data Leakage
The shadow AI problem has shifted from browser-based chatbots to enterprise systems: autonomous agents running with live credentials,…
Banking Phishing: Evasion via IPv4-Mapped IPv6
A phishing campaign targeting Belgian e-banking exploits compressed IPv4-mapped IPv6 syntax to bypass regex-based security checks and…
Log Discard: 86% of Security Logs End Up in the Trash
A Dynatrace survey of 450 senior IT leaders at large enterprises reveals that half of organizations discard or fail to collect an aver…
Interpol: $40 Billion Scam Economy in Asia, Cybercrime Tops 30% of All Crime
Interpol's 2025/2026 assessment documents a nearly $40 billion organized scam economy in Asia-Pacific, with cybercrime exceeding 30% o…
June 2026 ThreatsDay Bulletin: When Claude’s Shared Chat Becomes a Malware Vector
The June 2026 ThreatsDay Bulletin documents the abuse of Anthropic Claude’s shared chat feature to distribute the MacSync credential s…
Novo Nordisk: Exposed GitHub Token Leads to 1.3 TB Theft Over Two Months
A GitHub personal access token exposed in client-side JavaScript opened a two-month dwell window: roughly 1.3 TB of data, AI models, a…
Mackay Sugar Ransomware Attack Halts Mills, 1,300 Farms Frozen at Harvest Start
The Gentlemen ransomware group struck Australia's second-largest sugar producer on June 10, 2026, idling two of three mills and forcin…
Klue Breach: Dormant OAuth Credential Opens Multi-Victim Door to Salesforce
The Icarus extortion group exfiltrated CRM data from Klue customers by abusing stolen OAuth tokens. Cybersecurity vendor Huntress conf…
Operation Endgame Dismantles SocGholish: Nearly 15,000 Sites Cleaned
On June 18, 2026, the international Operation Endgame coalition took down 106 servers and domains linked to SocGholish and cleaned 14,…
CryptoBandits: The USB Clipper-Worm That Adds RCE via Tor
Microsoft disclosed an active Windows clipper malware campaign running since February 2026 that uses malicious LNK files distributed v…
The 'robase' Malware Empties Entire Roblox Games: From Hat Theft to Digital Business Seizure
A malware campaign using the Python package 'robase' steals authenticated session tokens from Roblox developers via Discord social eng…
Apple Beats: Bluetooth Flaw Turns Headphones Into Spy Microphones
Apple patched CVE-2025-20701 in Beats Studio Buds: attackers within Bluetooth range could eavesdrop on conversations by exploiting a f…
vbdec Disassembler Becomes Local AI Server via COM/ROT
Cisco Talos demonstrates how exposing vbdec's object model to the Windows Running Object Table enables local agentic automation withou…
Kodak Confirms Breach: ShinyHunters Threatens 2.2 Million Records
Kodak confirms a data breach after the ShinyHunters extortion group claimed theft of over 2.2 million records and threatened publicati…
Splunk Enterprise PostgreSQL Sidecar Bug (CVSS 9.8) Enables Unauthenticated RCE
CVE-2026-20253 allows unauthenticated remote code execution on Splunk Enterprise. The web proxy on port 8000 exposes an internal Postg…
INC Ransomware: 800 Victims, Not a Single Zero-Day
INC ranks among the world's most active ransomware groups despite relying exclusively on known techniques. The Acronis report reveals…