GPUBreach attack technique uses GPU memory bit-flips to escalate privileges and potentially take full control of a system. New research shows that attacks like GPUBreach exploit RowHammer bit-flips in GPU memory (GDDR6) to go beyond data corruption. Attackers can use this technique to escalate privileges and, in some cases, gain full control of the system.…
Category: Exploits
AI, APAC, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Risk Management
ClickFix Meets AI: A Multi-Platform Attack Targeting macOS in the Wild
For years, macOS environments carried an aura of relative safety. Not immunity, but lower priority in the threat landscape. That perception has aged about as well as an unpatched server. The reality in 2026 is very different. Apple devices now make up a significant share of corporate endpoints. And they sit in the hands of the people attackers most want…
AI, APAC, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Risk Management
ClickFix Meets AI: A Multi-Platform Attack Targeting macOS in the Wild
For years, macOS environments carried an aura of relative safety. Not immunity, but lower priority in the threat landscape. That perception has aged about as well as an unpatched server. The reality in 2026 is very different. Apple devices now make up a significant share of corporate endpoints. And they sit in the hands of the people attackers most want…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Microsoft says Medusa-linked Storm-1175 is speeding ransomware attacks
Microsoft has warned that Storm-1175, a cybercrime group linked to Medusa ransomware, is exploiting vulnerable web-facing systems in fast-moving attacks, at times moving from initial access to data theft and ransomware deployment within 24 hours. The company said the group has heavily targeted organizations in healthcare, education, professional services, and finance across Australia, the UK,…
AI, APAC, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Europe, Exploits, Global Security News, Risk Management
Supply chain security is now a board-level issue: Here’s what CSOs need to know
For many years, supply chain security was viewed purely as a technical concern. However, with high-profile vulnerabilities and regulations, it is now a board-level issue that requires organizations to rethink how to build resiliency and insulate their operations. The changing regulatory landscape has been a key driver of the C-suite’s focus, as legislation such as…
AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
The rise of proactive cyber: Why defense is no longer enough
For more than two decades, cybersecurity has been built on a reactive model: detect intrusions, patch vulnerabilities, respond to incidents, and repeat. That model is now under sustained pressure from a threat environment that is faster, more coordinated, and increasingly automated. Two recent developments illustrate how quickly that model is breaking down. Earlier this month,…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Fortinet FortiClient EMS, tracked as CVE-2026-35616 (CVSS score of 9.1), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Fortinet released out-of-band patches for a…
AI, Data Breaches, Exploits, Global Security News
New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips
New academic research has identified multiple RowHammer attacks against high-performance graphics processing units (GPUs) that could be exploited to escalate privileges and, in some cases, even take full control of a host. The efforts have been codenamed GPUBreach, GDDRHammer, and GeForge. GPUBreach goes a step further than GPUHammer, demonstrating for the first time that
AI, Cybersecurity, Exploits, Global Security News, Risk Management
Experts published unpatched Windows zero-day BlueHammer
A researcher leaked the unpatched Windows zero-day “BlueHammer,” letting attackers gain SYSTEM rights; no patch exists yet. A disgruntled researcher released the BlueHammer Windows zero-day, a privilege escalation flaw that allows attackers to gain SYSTEM or admin rights, Bleeping Computer reports. The researcher privately reported the vulnerability to Microsoft but criticized the way the Microsoft’s Security…
AI, Exploits, Global Security News
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck. The vulnerability in question is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution. “The CustomMCP node allows users to input configuration settings for connecting
AI, Cybersecurity, Endpoint, Exploits, Global Security News
Fortinet customers confront actively exploited zero-day, with a full patch still pending
Fortinet released an emergency software update over the weekend to address an actively exploited vulnerability in FortiClient EMS, an endpoint management tool for customer devices. The zero-day vulnerability — CVE-2026-35616 — has a CVSS rating of 9.8 and was added to the Cybersecurity and Infrastructure Security Agency’s known exploited vulnerability catalog Monday. Fortinet said in…
Exploits, Global Security News
Fortinet Issues Emergency Patch for FortiClient Zero-Day
The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild.
AI, Exploits, Global Security News, malware, Network Security
Phishing LNK files and GitHub C2 power new DPRK cyber attacks
DPRK-linked hackers use GitHub C2s, starting attacks via phishing LNK files that drop a PDF and PowerShell script in South Korea. North Korea-linked threat actors target South Korean organizations using GitHub as C2 servers. The attack chain starts with phishing emails carrying obfuscated LNK files that drop a decoy PDF and a PowerShell script to…
AI, Exploits, Global Security News
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. […]
china, Exploits, Global Security News
Microsoft links Medusa ransomware affiliate to zero-day attacks
Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity attacks. […]
Exploits, Global Security News, Risk Management
New Darktrace Research Shows Evolution of Chinese-Nexus Cyber Operations into Long-Term Strategic Statecraft, Centered on Critical Infrastructure
88% of observed incidents targeted organizations in critical infrastructure sectors, including transportation, telecommunications, healthcare, and manufacturing. Nearly 63% of compromises began with exploitation of internet-facing systems, reinforcing the risk of exposed digital infrastructure. Over half of observed activity impacted Western economies, with the U.S. alone accounting for 22.5% of cases.
AI, Cybersecurity, Exploits, Global Security News
CISA orders feds to patch Fortinet flaw exploited in attacks by Friday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to secure FortiClient Enterprise Management Server (EMS) instances against an actively exploited vulnerability by Friday. […]
Exploits, Global Security News
Automated Credential Harvesting Campaign Exploits React2Shell Flaw
An emerging threat cluster tracked as UAT-10608 is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to exfiltrate credentials, secrets, and other system data.
AI, Cybersecurity, Europe, Exploits, Global Security News
Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed
Over 14,000 F5 BIG-IP APM instances remain exposed online, as attackers actively exploit a critical remote code execution flaw CVE-2025-53521. Over 14,000 F5 BIG-IP APM instances remain exposed online, with attackers actively exploiting the critical remote code execution vulnerability CVE-2025-53521 (CVSS ver. 3.1 score of 9.8), the nonprofit security organization Shadowserver warns. The vulnerability in BIG-IP…
AI, Compliance, Exploits, Global Security News, Risk Management
Managed Security Services Shift as AI Reshapes Risk
Managed security services are entering a new phase of growth (and complexity) as AI accelerates both cyberattacks and defense strategies. For MSPs and channel partners, that dual pressure is forcing a shift in how security is delivered, packaged, and monetized. From bundled service offerings to tighter vendor alignment, providers are rethinking their role as strategic…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-35616: FortiClient EMS Flaw Under Active Exploitation
Fortinet disclosed a critical FortiClient EMS vulnerability that is already being exploited in the wild. The flaw could allow unauthenticated attackers to bypass API protections and execute unauthorized code or commands on exposed systems. “This is a zero-day. While there is no full patch, we have to give credit where credit is due: Fortinet has…
AI, Apps, Exploits, Global Security News, malware, Network Security
North Korean hackers abuse LNKs and GitHub repos in ongoing campaign
DPRK-linked threat actors are preferring stealth over sophistication in their targeting of South Korean organizations, as researchers report use of weaponized Windows shortcut (.LNK) files and GitHub-based command-and-control (C2) channels in a new campaign. According to new Fortinet findings, a series of attacks that began in 2024 were found using a multi-stage scripting process and…
AI, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management
Authentication is broken: Here’s how security leaders can actually fix it
Authentication keeps breaking where it matters most: On regulated front lines such as healthcare, government, aerospace and travel. The core issue is not a lack of innovation. Instead, it is a brittle and fragmented ecosystem of cards, readers, middleware and software that rarely work together under real-world pressure. Even today’s “passwordless” solutions can be undermined…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Risk Management
6 ways attackers abuse AI services to hack your business
Attackers are starting to exploit AI systems to mount attacks in the same way they once relied on built-in enterprise tools such as PowerShell. Instead of relying on malware, cybercriminals are increasingly abusing AI tools enterprises depend on — a trend some experts describe as living off the AI land. “We’re seeing it in things…
AI, Exploits, Global Security News, Risk Management
CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw
Fortinet issued emergency patches for a critical FortiClient EMS flaw (CVE-2026-35616) actively exploited in the wild. Fortinet released out-of-band patches for a critical FortiClient EMS vulnerability, tracked as CVE-2026-35616 (CVSS 9.1), which is already being exploited in attacks in the wild. The flaw is an improper access control issue that allows attackers to bypass authentication…
Exploits, Global Security News
New FortiClient EMS flaw exploited in attacks, emergency patch released
Fortinet has released an emergency weekend security update for a new critical FortiClient Enterprise Management Server (EMS) vulnerability that is actively exploited in attacks. […]
AI, Exploits, Global Security News, Government & Policy, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Infiniti Stealer: a new macOS infostealer using ClickFix and Python/Nuitka Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government RoadK1ll: A WebSocket Based Pivoting Implant axios Compromised: npm Supply Chain Attack via Dependency Injection …
AI, Exploits, Global Security News
Hackers exploit React2Shell in automated credential theft campaign
Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. […]
AI, Exploits, Global Security News, malware
Image or Malware? Read until the end and answer in comments :)
A malicious email delivered a .cmd malware that escalates privileges, bypasses antivirus, downloads payloads, sets persistence, and self-deletes. I received this email from a friend to make an analysis. First, let me express my thanks to Janô Falkowski Burkard for this amazing contribution. A little context, He received an email that was really strange and…
AI, china, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management, Russia, Venture
Security Affairs newsletter Round 571 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Qilin ransomware group claims the hack of German political party Die Linke U.S. CISA adds a…
AI, Exploits, Global Security News
Week in review: Axios npm supply chain compromise, critical FortiClient EMS bugs exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Financial groups lay out a plan to fight AI identity attacks Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financial institutions. A joint paper from the…
AI, Cybersecurity, Exploits, Global Security News
36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
Cybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised as Strapi CMS plugins but come with different payloads to facilitate Redis and PostgreSQL exploitation, deploy reverse shells, harvest credentials, and drop a persistent implant. “Every package contains three files (package.json, index.js, postinstall.js), has no description, repository,
AI, Exploits, Global Security News
Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild. The vulnerability, tracked as CVE-2026-35616 (CVSS score: 9.1), has been described as a pre-authentication API access bypass leading to privilege escalation. “An improper access control vulnerability [CWE-284] in FortiClient EMS may allow an
AI, Apps, china, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in TrueConf Client, tracked as CVE-2026-3502 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. TrueConf is a videoconferencing platform often used in secure, offline…
AI, Endpoint, Exploits, Global Security News
FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)
Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wild. This time around, the confirmation of active exploitation came almost immediately from Fortinet, as well. “Fortinet has observed [CVE-2026-35616] to be exploited in the wild and urges vulnerable customers to install the hotfix for FortiClient…
AI, Apps, Endpoint, Exploits, Global Security News, Risk Management
Security lapse lets researchers view React2Shell hackers’ dashboard
An apparent security lapse has allowed researchers to peer into the work of a threat group currently exploiting unpatched servers open to the four-month-old React2Shell vulnerability to steal login credentials, keys, and tokens at scale. Researchers from Cisco Systems’ Talos threat intelligence team who made the discovery said Thursday that the data harvested by an…
AI, Exploits, Global Security News
Google patches fourth Chrome zero-day so far this year
Google has patched another zero-day vulnerability in Chrome, its fourth this year. In patching the vulnerability, tracked as CVE-2026-5281, the company acknowledged that an exploit for it already exists in the wild. According to the report in NIST’s National Vulnerability Database, the vulnerability in Dawn, the implementation of WebGPU used by Chrome, allowed a remote…
AI, Exploits, Global Security News, Risk Management
Claude Code is still vulnerable to an attack Anthropic has already fixed
The leak of Claude Code’s source is already having consequences for the tool’s security. Researchers have spotted a vulnerability documented in the code. The vulnerability, revealed by AI security company Adversa, is that if Claude Code is presented with a command composed of more than 50 subcommands, then for subcommands after the 50th it will…
AI, Data Breaches, Europe, Exploits, Global Security News, malware, Network Security
CERT-EU blames Trivy supply chain attack for Europa.eu data breach
The European Union’s Computer Emergency Response Team, CERT-EU, has traced last week’s theft of data from the Europa.eu platform to the recent supply chain attack on Aqua Security’s Trivy open-source vulnerability scanner. The attack on the AWS cloud infrastructure hosting the Europa.eu web hub on March 24 resulted in the theft of 350 GB of…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Cisco 2026 State of Wireless Report: AI Wireless Threats Grow as Security Gaps Widen
Wireless networks are becoming a prime target for attackers — and many organizations aren’t prepared to keep up. Cisco’s 2026 State of Wireless report warns that as enterprises scale AI, IoT, and high-bandwidth applications, wireless environments are expanding faster than security defenses can adapt. “AI-generated attacks are the leading driver of increased wireless security risk,”…
AI, APAC, Exploits, Global Security News, Politics
Apple leans into the component crisis storm
What does a well-managed company do in a tough business environment? It works to separate obstacle from opportunity, and then exploits its advantages, scale, and timing to turn the former into the latter. Apple’s history is full of examples of this kind, from the 150 calls a young Steve Jobs made cold-calling investors to Apple’s recent move to…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
High-Severity Vulnerabilities, Supply Chain Breaches, and AI Threats Redefine Cybersecurity This Week
Major Threats & Vulnerabilities High-Severity Flaws A newly disclosed Cisco IMC vulnerability (CVSS 9.8) allows unauthenticated attackers to gain full administrative access to UCS servers. Cisco has issued patches, and while no active exploitation has been observed, immediate updates are strongly advised. In another critical discovery, a GIGABYTE Control Center flaw enables remote code execution…
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Armis State of Cyberwarfare Report: AI-Powered Cyber Attacks Accelerate Worldwide
Cyberwarfare has entered a new phase — and it’s moving faster than many organizations can defend against. The 2026 State of Cyberwarfare report from Armis warns that AI-driven attacks, geopolitical tensions, and expanding digital dependencies are converging to create a constant, high-pressure threat environment for enterprises worldwide. “Modern businesses find themselves in the crosshairs of…
AI, Cybersecurity, Exploits, Funding, Global Security News
North Korea–linked hackers drain $285M from Drift in sophisticated attack
Drift lost $285M in a sophisticated attack, likely by North Korea, who used nonce-based tricks to gain control and quickly drain funds Drift suffered a $285 million cryptocurrency heist in a highly sophisticated attack likely linked to North Korea. Threat actors used durable nonce accounts to pre-sign and delay transactions, while also compromising multisig approvals…
AI, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
TeamPCP Supply Chain Campaign: Update 006 – CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments, (Fri, Apr 3rd)
This is the sixth update to the TeamPCP supply chain campaign threat intelligence report, “When the Security Scanner Became the Weapon” (v3.0, March 25, 2026). Update 005 covered developments through April 1, including the first confirmed victim disclosure (Mercor AI), Wiz’s post-compromise cloud enumeration findings, DPRK attribution of the axios compromise, and LiteLLM’s release resumption after Mandiant’s forensic audit.…
Cybersecurity, Exploits, Global Security News, malware
Claude Code source leak exploited to spread malware
A source code leak involving Anthropic’s Claude Code tool quickly escalated into a cybersecurity threat, as attackers seized on the exposed files to lure developers into downloading malware disguised as “unlocked” versions of the software. Leaked Claude Code source code used as lure On March 31, 2026, Anthropic accidentally exposed online the source code of…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
Cisco fixes critical IMC auth bypass present in many products
Cisco has released patches for a critical vulnerability in its out-of-band management solution, present in many of its servers and appliances. The flaw allows unauthenticated remote attackers to gain admin access to the Cisco Integrated Management Controller (IMC), which gives administrators remote control over servers even when the main OS is shut down. The vulnerability,…
AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Crowdstrike 2026 Global Threat Report: Adversaries Use AI to Bypass Defenses
Attackers are moving faster, blending in better, and increasingly using AI to stay ahead of defenders. The Crowdstrike 2026 Global Threat Report highlights a shift toward stealthy, identity-driven attacks that are harder to detect and quicker to execute. “This is an AI arms race. Breakout time is the clearest signal of how intrusion has changed.…
Exploits, Global Security News, malware
Claude Code leak used to push infostealer malware on GitHub
Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. […]
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
Claude Code Leak Exposes AI Supply Chain Threats
A leak involving Anthropic’s Claude Code has drawn attention from the cybersecurity and developer communities, exposing internal components of the AI coding agent and introducing potential risks for organizations. “The significance of this leak is in what the code reveals about AI agent architecture. The leak exposed approximately 512,000 lines of TypeScript across roughly 1,900…
Exploits, Global Security News
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale. Cisco Talos has attributed the operation to a threat cluster it tracks as
AI, Cybersecurity, Exploits, Global Security News, malware, Network Security
Cisco fixed critical and high-severity flaws
Cisco fixed critical flaws that could allow attackers to bypass authentication, run code, and gain access to sensitive data. Cisco released patches for two critical and six high-severity vulnerabilities. These flaws could let attackers bypass authentication, execute malicious code, escalate privileges, and access sensitive information. One of these critical flaws is CVE-2026-20093 (CVSS score of…
AI, Cybersecurity, Exploits, Global Security News, malware
Akira ransomware group can achieve initial access to data encryption in less than an hour
The Akira ransomware group has compromised hundreds of victims over the past year with a well-honed attack lifecycle that has whittled down the time from initial access to encryption of data in less than four hours, according to cybersecurity firm Halcyon. Akira has been active since 2023, racking up at least $245 million in ransom…
AI, Apps, Exploits, Global Security News
Google Workspace’s continuous approach to mitigating indirect prompt injections
Posted by Adam Gavish, Google GenAI Security Team Indirect prompt injection (IPI) is an evolving threat vector targeting users of complex AI applications with multiple data sources, such as Workspace with Gemini. This technique enables the attacker to influence the behavior of an LLM by injecting malicious instructions into the data or tools used by…
AI, Compliance, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, privacy
Jamf warns of massive app insecurities
“Be wary then; best safety lies in fear,” said Laertes to sister Ophelia in William Shakespeare’s Hamlet. That’s a quote that should be on the desk of every business professional, as the digital environment is full of danger. Jamf provides us with a good look at what’s becoming a dangerous environment for Mac and iOS…
AI, Exploits, Global Security News
Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise
Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system with elevated privileges. The vulnerability, tracked as CVE-2026-20093, carries a CVSS score of 9.8 out of a maximum of 10.0. “This
AI, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
Hasbro Cyberattack: Timeline, Impact, and Industry Implications
Hasbro, the Rhode Island-based toy and game company that owns brands like Monopoly, Play-Doh, Peppa Pig, and Transformers, said in late March 2026 that someone had broken into its network without permission. On March 28, the intrusion was found, and Hasbro had to take parts of its systems offline while investigators and cybersecurity experts worked…
AI, Exploits, Global Security News
Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime
Threat actors are exploiting vacant homes as “drop addresses” to intercept mail and enable fraud. Flare shows how postal services and fake identities are abused to turn mail into a fraud vector. […]
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Cisco IMC Flaw Grants Unauthenticated Admin Access
A flaw in Cisco’s Integrated Management Controller (IMC) allows unauthenticated attackers to gain administrative access to affected UCS servers, which could potentially lead to full system compromise. The vulnerability “… could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin,” said Cisco in its advisory. Cisco IMC Flaw…
Exploits, Global Security News
Apple Expands iOS 18 Security Updates Amid DarkSword Threat
iOS/iPadOS 18.7.7 updates expanded to protect older devices from DarkSword web exploit kit
AI, Exploits, Global Security News
EvilTokens abuses Microsoft device code flow for account takeovers
A new phishing-as-a-service (PhaaS) campaign is abusing Microsoft’s device code authentication flow to gain unauthorized access to user accounts. Sekoia researchers first spotted the toolkit “EvilTokens” that lets attackers capture authentication tokens by tricking users into completing a legitimate login process in Microsoft’s own environment. The activity, observed since at least mid-February, relies on social…
AI, Exploits, Global Security News
DarkSword exploit forces Apple to loosen its patching policy
Apple has extended security updates to a wider range of devices still running iOS 18, aiming to protect users from the DarkSword exploit kit. This is not the first time Apple has backported fixes for older devices based on vulnerability severity. Allowing iOS 18 users to receive patches without upgrading to iOS 26, however, signals…
AI, Apps, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
Cybersecurity in the age of instant software
AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: “instant software.” Taken to an extreme, it might become easier for a user to have an AI write an application on demand — a spreadsheet, for example — and delete…
AI, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security
TrueConf zero-day vulnerability exploited to target government networks
Suspected China-nexus attackers have leveraged a zero-day vulnerability (CVE-2026-3502) in the TrueConf client application to distribute malware within government networks in Southeast Asia, Check Point researchers discovered. Malicious client update attack chain (Source: Check Point) Trusted update mechanism turned into attack vector TrueConf is a videoconferencing platform designed to run on private local networks (LANs)…
Exploits, Global Security News
Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks
Internet security watchdog Shadowserver has found over 14,000 BIG-IP APM instances exposed online amid ongoing attacks exploiting a critical-severity remote code execution (RCE) vulnerability. […]
AI, Apps, Cybersecurity, Exploits, Global Security News, Government & Policy, privacy, Risk Management
Italian spyware vendor creates Fake WhatsApp app, targeting 200 users
WhatsApp blocked a fake app by Italian firm SIO/Asigint that targeted 200 users with spyware, urging them to reinstall the official app. WhatsApp has recently uncovered a malicious fake version of its app that targeted roughly 200 users, most of whom are in Italy. The platform confirmed that the unofficial client contained spyware and was…
AI, Exploits, Global Security News, Risk Management
Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit
Apple on Wednesday expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader range of devices to protect users from the risk posed by a recently disclosed exploit kit known as DarkSword. “We enabled the availability of iOS 18.7.7 for more devices on April 1, 2026, so users with Automatic Updates turned on can automatically receive important security
AI, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds a flaw in Google Dawn to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Google Dawn to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Google Dawn, tracked as CVE-2026-5281 (CVSS score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. The flaw is a use after free in the Dawn…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Chrome Vulnerability CVE-2026-5281 Exploited in the Wild
Google has released a Chrome update for multiple high-severity flaws and confirmed that one of the vulnerabilities is being actively exploited in the wild. We are “… aware that an exploit for CVE-2026-5281 exists in the wild,” said Google in its advisory. Inside CVE-2026-5281 The vulnerability, tracked as CVE-2026-5281, is a use-after-free flaw affecting Chrome’s…
AI, Exploits, Global Security News
Apple expands iOS 18 updates to more iPhones to block DarkSword attacks
Apple has now made it possible for more iPhones still running iOS 18 to receive security updates that protect against the actively exploited DarkSword exploit kit. […]
Endpoint, Exploits, Global Security News
Hackers exploit TrueConf zero-day to push malicious software updates
Hackers have targeted TrueConf conference servers in attacks that exploit a zero-day vulnerability, allowing them to execute arbitrary files on all connected endpoints. […]
Exploits, Global Security News, Risk Management
Apple Pushes Rare iOS 18 Patch for Devices at Risk from DarkSword Exploit
Apple pushes rare iOS 18 security patch to protect devices at risk from the DarkSword exploit, urging users to update or move to iOS 26 for stronger protection.
AI, Apps, Exploits, Global Security News, Risk Management
Google fixes fourth actively exploited Chrome zero-day of 2026
Google fixed a new Chrome zero-day, tracked as CVE-2026-5281, in the WebGPU Dawn component that is already exploited in the wild. Google released Chrome updates fixing 21 vulnerabilities, including a new actively exploited zero-day tracked as CVE-2026-5281. The flaw is a use-after-free bug in Dawn, the WebGPU component used for graphics processing. Due to ongoing…
AI, Exploits, Global Security News
Fireside Chat: AI agents are reshaping mobile attacks — and exposing weak API trust models
SAN FRANCISCO — A new exposure is emerging in mobile security as AI begins to act on behalf of users — and attackers move to exploit that shift. Related: RSAC wrap-up—no easy fixes for AI exposures In a Fireside Chat at RSAC 2026, Approov CEO Ted Miracco described how mobile apps are starting to hand…
AI, Cybersecurity, Exploits, Global Security News
Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both
Developers can spend days using fuzzing tools to find security weaknesses in code. Alternatively, they can simply ask an LLM to do the job for them in seconds. The catch: LLMs are evolving so rapidly that this convenience might come with hidden dangers. The latest example is from researcher Hung Nguyen from AI red teaming…
AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Bitdefender Launches Internal Attack Surface Assessment
Bitdefender recently announced the launch of Bitdefender Attack Surface Assessment to help enterprises discover hidden cybersecurity risks. Complimentary evaluation shines spotlight on hidden risk The assessment is a complimentary evaluation that helps organizations identify and reduce hidden internal cyber risk from unnecessary user access to applications, tools, and operating system utilities commonly exploited in modern…
Exploits, Global Security News
Routine Access Is Powering Modern Intrusions, a New Threat Report Finds
Modern intrusions increasingly start with valid credentials and routine access, not exploits. Blackpoint Cyber’s upcoming threat report shows how VPN abuse, RMM tools, and social engineering drive most incidents. […]
AI, Exploits, Global Security News, malware
Google links Axios npm supply chain attack to North Korea-linked APT UNC1069
Google links the Axios npm supply chain attack to North Korean threat group UNC1069, targeting financial gain. Google has attributed the recent Axios npm supply chain compromise to a North Korean threat group tracked as UNC1069. The attack, aimed at financial gain, exploited the package to target developers and organizations relying on Axios. John Hultquist…
AI, Apps, Data Breaches, Exploits, Global Security News, Government & Policy, privacy
TeamPCP Supply Chain Campaign: Update 005 – First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)
This is the fifth update to the TeamPCP supply chain campaign threat intelligence report, “When the Security Scanner Became the Weapon” (v3.0, March 25, 2026). Update 004 covered developments through March 30, including the Databricks investigation, dual ransomware operations, and AstraZeneca data release. This update consolidates two days of intelligence through April 1, 2026. HIGH: Mercor AI…
AI, Exploits, Global Security News, Risk Management
Exabeam Extends Behavior Detection and Response Analytics
Exabeam has recently announced the expansion of Exabeam Agent Behavior Analytics (ABA), extending behavior detection and response to OpenAI ChatGPT and Microsoft Copilot. Capabilities close the visibility gap in AI usage The expansion applies behavior profiling and analytics to the digital workforce, as organizations don’t have direct visibility into how employees are using AI assistants,…
AI, Exploits, Global Security News
New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released
Google on Thursday released security updates for its Chrome web browser to address 21 vulnerabilities, including a zero-day flaw that it said has been exploited in the wild. The high-severity vulnerability, CVE-2026-5281 (CVSS score: N/A), concerns a use-after-free bug in Dawn, an open-source and cross-platform implementation of the WebGPU standard. “Use-after-free in Dawn in Google…
AI, Exploits, Global Security News
Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281)
Google has fixed 21 vulnerabilities affecting its popular Chrome browser, among them a zero-day (CVE-2026-5281) with an in-the-wild exploit. About CVE-2026-5281 As per usual, information about the fixed zero-day is limited, and there’s no details about the exploit (or how/if it’s being used by attackers). CVE-2026-5281’s official description says it’s a use-after-free (UAF) vulnerability in…
AI, Exploits, Global Security News, malware
WhatsApp malware campaign uses malicious VBS files to gain persistent access
Microsoft is warning WhatsApp users of a new malware campaign that tricks them into executing malicious Visual Basic Script (VBS) files, ultimately enabling persistence and remote access. In a March 31 report, Microsoft Defender Experts said attackers have been distributing malicious Visual Basic Script (VBS) files through WhatsApp since at least late February, relying on…
Exploits, Global Security News
Google fixes fourth Chrome zero-day exploited in attacks in 2026
Google has fixed the fourth Chrome vulnerability exploited in zero-day attacks since the start of the year. […]
AI, Cybersecurity, Data Breaches, Exploits, Funding, Global Security News, malware, Network Security, Risk Management
Security awareness is not a control: Rethinking human risk in enterprise security
Organizations have been responding to phishing, business email compromise, and credential theft in essentially the same manner for over ten years. They essentially follow a playbook that involves investing in awareness training, running phishing simulations, and requiring employees to complete annual security modules. The reason behind this is simple and the reasoning behind these efforts…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Risk Management
Anthropic employee error exposes Claude Code source
An Anthropic employee accidentally exposed the entire proprietary source code for its AI programming tool, Claude Code, by including a source map file in a version of the tool posted on Anthropic’s open npm registry account, a risky mistake, says an AI expert. “A compromised source map is a security risk,” said US-based cybersecurity and…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Venture
5 unexpected takeaways and one big prediction from RSAC
This year’s RSAC was different. A big part of that is because for the first time, I showed up not as a product leader or industry insider, but as a founder of a venture-backed cybersecurity startup. From presenting in front of George Kurtz, CJ Moses, Robert Herjavec, and Bartley Richardson as one of just six…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security
The Invisible Breach: How AI Agents Became the Most Dangerous Attack Surface of 2025–2026
The Attack That Requires No Click In June 2025, Microsoft patched a critical vulnerability in Microsoft 365 Copilot — one that its discoverers at Aim Security described as something that had never been seen before. A threat actor needed only to send a carefully crafted email to any employee within a target organization. No link.…
AI, Apps, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
Axios npm Attack Deploys Cross-Platform RAT
A brief compromise of the popular Axios npm package shows how quickly a trusted dependency can become a widespread threat. Attackers hijacked a maintainer account and published malicious versions that silently installed a remote access trojan (RAT) during routine package installs, putting developer environments and CI/CD pipelines at risk. “While traditional risks like manual dependency…
AI, Exploits, Global Security News
Google’s Vertex AI Has an Over-Privileged Problem
Palo Alto researchers show how attackers could exploit AI agents on Google’s Vertex AI to steal data and break into restricted cloud infrastructure.
AI, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Check Point Research Reveals ChatGPT Data Exfiltration Flaw
A flaw in ChatGPT’s code execution environment shows how a single malicious prompt could quietly leak sensitive user data — without any warning or user approval needed. “Sensitive data shared with ChatGPT conversations could be silently exfiltrated without the user’s knowledge or approval,” said Check Point researchers. Inside the ChatGPT DNS Exfiltration Flaw The issue…
AI, Exploits, Global Security News, Government & Policy, malware, Risk Management
5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild
A vulnerability misclassified five months ago as a denial-of-service issue in F5 BIG-IP Access Policy Manager (APM) turned out to be a critical pre-authentication remote code execution flaw that is now under active exploitation. Hackers are using it to deploy a persistent malware program that runs with root privileges. The CVE-2025-53521 vulnerability was first disclosed…
AI, Apps, Compliance, Endpoint, Europe, Exploits, Global Security News, Risk Management
AWS Security Agent on-demand penetration testing now generally available
AWS Security Agent on-demand penetration testing is now generally available, enabling you to run comprehensive security tests across all your applications, not only your most critical ones. This milestone transforms penetration testing from a periodic bottleneck into an on-demand capability that scales with your development velocity across AWS, Azure, GCP, other cloud-providers, and on-premises. With…
AI, Apps, Exploits, Global Security News, Government & Policy
TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks
A high-severity security flaw in the TrueConf client video conferencing software has been exploited in the wild as a zero-day as part of a campaign targeting government entities in Southeast Asia dubbed TrueChaos. The vulnerability in question is CVE-2026-3502 (CVSS score: 7.8), a lack of integrity check when fetching application update code, allowing an attacker…
Exploits, Global Security News
Maryland Man Charged Over $53m Uranium Finance Crypto Hack
Maryland man accused of $53m Uranium Finance hack, exploited smart contract flaws, laundered funds
AI, Apps, Exploits, Global Security News, malware, Risk Management
New Bitdefender assessment helps organizations identify and eliminate hidden internal attack paths
Bitdefender has announced the Bitdefender Internal Attack Surface Assessment, a complimentary evaluation that helps organizations identify and reduce hidden internal cyber risks caused by unnecessary user access to applications, tools, and operating system utilities commonly exploited in attacks. The assessment provides organizations with a data-driven view of their internal attack surface and offers actionable guidance…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
SonicWall Report Finds Preventable Risks Drive Breaches
The most dangerous cybersecurity threat facing businesses today isn’t a novel, AI-generated attack. It’s a stolen password, an unpatched system, and the quiet confidence that it won’t happen to you. That is the sobering conclusion of the 2026 SonicWall Cyber Protect Report, released today. In a reframing of traditional threat reporting, the company has shifted…
AI, Apps, china, Compliance, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, privacy, Risk Management
California to bar AI vendors that can’t prove bias safeguards
AI vendors selling to the California state government must prove they have safeguards against algorithmic bias, civil rights violations, and illegal content, or risk being barred from state contracts, under an executive order signed by Governor Gavin Newsom. The order directs the Department of General Services and the California Department of Technology to develop new…
AI, Exploits, Global Security News, Network Security, Risk Management
OpenAI patches twin leaks as Codex slips and ChatGPT spills
OpenAI has fixed two flaws in its AI stack that could allow AI agents to move sensitive data in unintended ways. The issues, disclosed by researchers at BeyondTrust and Check Point Research, affect the OpenAI Codex coding agent and ChatGPT’s code execution environment, respectively. One enabled GitHub token theft through command injection, while the other…
Exploits, Global Security News
Critical F5 BIG-IP Flaw Upgraded to 9.8 RCE, Exploited in the Wild
F5 BIG-IP APM flaw CVE-2025-53521 escalates to critical 9.8 RCE, actively exploited. Patch now, check IoCs, and secure vulnerable systems immediately.