Apple disclosed a zero-day vulnerability Wednesday that the vendor warned was previously “exploited in an extremely sophisticated attack against specific targeted individuals,” the company said in a security update. The memory-corruption vulnerability — CVE-2026-20700 — affects iPhones and iPads and was exploited on devices running versions of iOS before iOS 26. The Cybersecurity and Infrastructure…
Category: Threats
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Threats
macOS Infostealers Fuel Growing Cybercrime Market
For years, some Mac users believed their devices were largely insulated from the malware plaguing Windows environments. That perception is rapidly eroding. Flare researchers found a growing underground economy is now centered on macOS Infostealers — malware designed to extract browser credentials, Apple Keychain data, and cryptocurrency wallet seed phrases at scale. “I remember that…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Mobile, Network Security, News, Risk Management, Threats
Apple Patches Actively Exploited Zero-Day Flaw
Apple is urging users to update immediately after patching a zero-day vulnerability that was exploited in what it described as “extremely sophisticated” attacks against specific individuals. The flaw, which impacts multiple Apple operating systems, allowed attackers to execute arbitrary code on vulnerable devices. “An attacker with memory write capability may be able to execute arbitrary…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Global Security News, Network Security, News, privacy, Risk Management, Threats
Viral AI Caricatures Highlight Shadow AI Dangers
A viral Instagram and LinkedIn trend is turning harmless fun into a potential security headache. Millions of users are prompting ChatGPT to “create a caricature of me and my job based on everything you know about me,” then posting the results publicly — inadvertently signaling how they use AI at work and what access they…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats
CVE-2026-25646: Legacy Libpng Flaw Poses RCE Risk
A decades-old libpng flaw exposes widely used systems to denial-of-service and potential code execution via crafted PNG files.
The post CVE-2026-25646: Legacy Libpng Flaw Poses RCE Risk appeared first on eSecurity Planet.
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Microsoft, Network Security, News, Risk Management, Threats
CVE-2026-21514: Actively Exploited Word Flaw Evades OLE Security
Microsoft patched an actively exploited Word flaw that bypasses OLE protections and executes malicious documents without standard warnings.
The post CVE-2026-21514: Actively Exploited Word Flaw Evades OLE Security appeared first on eSecurity Planet.
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, News, Risk Management, Threats, trends
White House Draft Executive Order Signals Broader Federal Push on Quantum Strategy
A draft executive order would coordinate federal quantum strategy and accelerate modernization efforts.
The post White House Draft Executive Order Signals Broader Federal Push on Quantum Strategy appeared first on eSecurity Planet.
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats
Windows Notepad RCE Flaw Exploits Markdown Files
Microsoft has patched a vulnerability in the modern Windows Notepad app that could allow remote code execution if a user opens a specially crafted Markdown file. The issue carries a CVSS score of 8.8 and requires user interaction to exploit. The vulnerability “… allows an unauthorized attacker to execute code over a network,” said Microsoft…
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, Risk Management, Threats
Windows Patch Fixes Exploited RasMan DoS Flaw
Microsoft has patched a vulnerability in the Windows Remote Access Connection Manager (RasMan) service that was being exploited to trigger denial-of-service (DoS) conditions on unpatched systems. If exploited, the flaw can cause the remote access service to crash, potentially interrupting VPN connectivity and affecting remote access for users and administrators. The vulnerability “… allows an…
AI, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Exploits, Global Security News, Microsoft, Patch Tuesday, Risk Management, Threats
Microsoft Patch Tuesday matches last year’s zero-day high with six actively exploited vulnerabilities
Microsoft’s latest security update is littered with zero-day vulnerabilities, actively exploited defects that account for more than 10% of the total CVEs the vendor addressed in this month’s Patch Tuesday update. The vendor addressed 59 vulnerabilities affecting its various products for business operations and underlying systems, including six defects that were actively exploited prior to…
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, Risk Management, Threats
FortiOS Authentication Bypass Exposes VPN and SSO Deployments
Fortinet has disclosed an authentication bypass vulnerability in FortiOS. Under certain configurations, the flaw could allow attackers to bypass LDAP-based authentication controls and gain unauthorized access to protected enterprise networks. The vulnerability “… may allow an unauthenticated attacker to bypass LDAP authentication of Agentless VPN or FSSO policy, under specific LDAP server configuration,” said Fortinet…
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats
FortiSandbox XSS Vulnerability Allows Remote Command Execution
Fortinet has disclosed a vulnerability in its FortiSandbox platform that could allow unauthenticated attackers to execute arbitrary commands. The issue involves a cross-site scripting (XSS) flaw in the FortiSandbox web interface that may lead to elevated access if exploited. The vulnerability “… may allow an unauthenticated attacker to execute commands via crafted requests,” said Fortinet…
AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats
Picus Red Report 2026 Shows Attackers Favor Stealth Over Disruption
Cyber attackers are quietly changing how they operate — and the latest Picus Red Report shows that disruption is no longer the goal. Rather than encrypting systems or triggering immediate disruption, Picus Security found that adversaries are prioritizing stealth, persistence, and long-term access within enterprise environments. “The 2026 Red Report confirms that the era of…
AI, Apps, Cloud Security, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats
Bing Ads Abused to Deliver Azure-Hosted Tech Support Scams
A recently identified scam campaign is using Bing search advertisements and Microsoft Azure infrastructure to redirect users to fraudulent tech support pages, demonstrating how legitimate platforms can be misused for social engineering activity. “The tech support scam campaign had a significant initial impact, affecting users across 48 different organizations in the U.S. within a short…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats
European Commission Hit by Mobile Management Data Breach
European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data. The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it. “The EU commission did well to clean systems swiftly and ensure…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats
European Commission Hit by Mobile Management Data Breach
European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data. The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it. “The EU commission did well to clean systems swiftly and ensure…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats
European Commission Hit by Mobile Management Data Breach
European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data. The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it. “The EU commission did well to clean systems swiftly and ensure…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats
European Commission Hit by Mobile Management Data Breach
European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data. The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it. “The EU commission did well to clean systems swiftly and ensure…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats
European Commission Hit by Mobile Management Data Breach
European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data. The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it. “The EU commission did well to clean systems swiftly and ensure…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, EU, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Threats
European Commission Hit by Mobile Management Data Breach
European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data. The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it. “The EU commission did well to clean systems swiftly and ensure…
AI, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Endpoint, Europe, Exploits, Global Security News, Government & Policy, ivanti, known exploited vulnerabilities (KEV), network edge devices, Threats
Fallout from latest Ivanti zero-days spreads to nearly 100 victims
Ivanti customers, including major government agencies, face mounting pressure as attackers expand their scope of targets to exploit a pair of vulnerabilities the vendor disclosed late January after in-the-wild attacks already occurred. The Netherlands’ Dutch Data Protection Authority and the Council for the Judiciary confirmed both agencies were impacted by attacks linked to the Ivanti…
AI, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Endpoint, Europe, Exploits, Global Security News, Government & Policy, ivanti, known exploited vulnerabilities (KEV), network edge devices, Threats
Fallout from latest Ivanti zero-days spreads to nearly 100 victims
Ivanti customers, including major government agencies, face mounting pressure as attackers expand their scope of targets to exploit a pair of vulnerabilities the vendor disclosed late January after in-the-wild attacks already occurred. The Netherlands’ Dutch Data Protection Authority and the Council for the Judiciary confirmed both agencies were impacted by attacks linked to the Ivanti…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats
10K Claude Desktop Users Exposed by Zero-Click Vulnerability
A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click system compromise. LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale. “If exploited by a bad actor, even a benign prompt (“take…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats
10K Claude Desktop Users Exposed by Zero-Click Vulnerability
A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click system compromise. LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale. “If exploited by a bad actor, even a benign prompt (“take…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats
10K Claude Desktop Users Exposed by Zero-Click Vulnerability
A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click system compromise. LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale. “If exploited by a bad actor, even a benign prompt (“take…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats
10K Claude Desktop Users Exposed by Zero-Click Vulnerability
A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click system compromise. LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale. “If exploited by a bad actor, even a benign prompt (“take…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats
10K Claude Desktop Users Exposed by Zero-Click Vulnerability
A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click system compromise. LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale. “If exploited by a bad actor, even a benign prompt (“take…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats
10K Claude Desktop Users Exposed by Zero-Click Vulnerability
A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click system compromise. LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale. “If exploited by a bad actor, even a benign prompt (“take…
AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, News, Risk Management, Threats
BridgePay Ransomware Causes Widespread Payment Outages
A ransomware attack on BridgePay Network Solutions on Feb. 6, 2026, caused payment processing disruptions across the U.S., affecting merchants, local governments, and service providers. The outage temporarily forced some businesses to rely on cash-only transactions while payment services were unavailable. “No card data was compromised and any file that may have been accessed was…
AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, News, Risk Management, Threats
BridgePay Ransomware Causes Widespread Payment Outages
A ransomware attack on BridgePay Network Solutions on Feb. 6, 2026, caused payment processing disruptions across the U.S., affecting merchants, local governments, and service providers. The outage temporarily forced some businesses to rely on cash-only transactions while payment services were unavailable. “No card data was compromised and any file that may have been accessed was…
AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, News, Risk Management, Threats
BridgePay Ransomware Causes Widespread Payment Outages
A ransomware attack on BridgePay Network Solutions on Feb. 6, 2026, caused payment processing disruptions across the U.S., affecting merchants, local governments, and service providers. The outage temporarily forced some businesses to rely on cash-only transactions while payment services were unavailable. “No card data was compromised and any file that may have been accessed was…
AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, News, Risk Management, Threats
BridgePay Ransomware Causes Widespread Payment Outages
A ransomware attack on BridgePay Network Solutions on Feb. 6, 2026, caused payment processing disruptions across the U.S., affecting merchants, local governments, and service providers. The outage temporarily forced some businesses to rely on cash-only transactions while payment services were unavailable. “No card data was compromised and any file that may have been accessed was…
AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, News, Risk Management, Threats
BridgePay Ransomware Causes Widespread Payment Outages
A ransomware attack on BridgePay Network Solutions on Feb. 6, 2026, caused payment processing disruptions across the U.S., affecting merchants, local governments, and service providers. The outage temporarily forced some businesses to rely on cash-only transactions while payment services were unavailable. “No card data was compromised and any file that may have been accessed was…
AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, News, Risk Management, Threats
BridgePay Ransomware Causes Widespread Payment Outages
A ransomware attack on BridgePay Network Solutions on Feb. 6, 2026, caused payment processing disruptions across the U.S., affecting merchants, local governments, and service providers. The outage temporarily forced some businesses to rely on cash-only transactions while payment services were unavailable. “No card data was compromised and any file that may have been accessed was…
AI, Apps, Artificial Intelligence, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, Risk Management, Threats
Claude Opus 4.6 Exposes Hundreds of Open-Source Vulnerabilities
Artificial intelligence firm Anthropic says its newest large language model, Claude Opus 4.6, has identified more than 500 previously unknown high-severity vulnerabilities across widely used open-source libraries. It “… reads and reasons about code the way a human researcher would — looking at past fixes to find similar bugs that weren’t addressed, spotting patterns that…
AI, Apps, Artificial Intelligence, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, Risk Management, Threats
Claude Opus 4.6 Exposes Hundreds of Open-Source Vulnerabilities
Artificial intelligence firm Anthropic says its newest large language model, Claude Opus 4.6, has identified more than 500 previously unknown high-severity vulnerabilities across widely used open-source libraries. It “… reads and reasons about code the way a human researcher would — looking at past fixes to find similar bugs that weren’t addressed, spotting patterns that…
AI, Apps, Artificial Intelligence, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, Risk Management, Threats
Claude Opus 4.6 Exposes Hundreds of Open-Source Vulnerabilities
Artificial intelligence firm Anthropic says its newest large language model, Claude Opus 4.6, has identified more than 500 previously unknown high-severity vulnerabilities across widely used open-source libraries. It “… reads and reasons about code the way a human researcher would — looking at past fixes to find similar bugs that weren’t addressed, spotting patterns that…
AI, Apps, Artificial Intelligence, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, Risk Management, Threats
Claude Opus 4.6 Exposes Hundreds of Open-Source Vulnerabilities
Artificial intelligence firm Anthropic says its newest large language model, Claude Opus 4.6, has identified more than 500 previously unknown high-severity vulnerabilities across widely used open-source libraries. It “… reads and reasons about code the way a human researcher would — looking at past fixes to find similar bugs that weren’t addressed, spotting patterns that…
AI, Apps, Artificial Intelligence, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, Risk Management, Threats
Claude Opus 4.6 Exposes Hundreds of Open-Source Vulnerabilities
Artificial intelligence firm Anthropic says its newest large language model, Claude Opus 4.6, has identified more than 500 previously unknown high-severity vulnerabilities across widely used open-source libraries. It “… reads and reasons about code the way a human researcher would — looking at past fixes to find similar bugs that weren’t addressed, spotting patterns that…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats
OpenClaw Adds VirusTotal Scanning to AI Agent Marketplace
OpenClaw has moved to strengthen security across its fast-growing agent ecosystem by integrating VirusTotal into its ClawHub skill marketplace. The change follows reports that hundreds of malicious skills were circulating undetected. We “… upload full skill bundles for Code Insight analysis, giving the AI a complete picture of the skill’s behavior rather than just matching…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats
OpenClaw Adds VirusTotal Scanning to AI Agent Marketplace
OpenClaw has moved to strengthen security across its fast-growing agent ecosystem by integrating VirusTotal into its ClawHub skill marketplace. The change follows reports that hundreds of malicious skills were circulating undetected. We “… upload full skill bundles for Code Insight analysis, giving the AI a complete picture of the skill’s behavior rather than just matching…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats
OpenClaw Adds VirusTotal Scanning to AI Agent Marketplace
OpenClaw has moved to strengthen security across its fast-growing agent ecosystem by integrating VirusTotal into its ClawHub skill marketplace. The change follows reports that hundreds of malicious skills were circulating undetected. We “… upload full skill bundles for Code Insight analysis, giving the AI a complete picture of the skill’s behavior rather than just matching…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats
OpenClaw Adds VirusTotal Scanning to AI Agent Marketplace
OpenClaw has moved to strengthen security across its fast-growing agent ecosystem by integrating VirusTotal into its ClawHub skill marketplace. The change follows reports that hundreds of malicious skills were circulating undetected. We “… upload full skill bundles for Code Insight analysis, giving the AI a complete picture of the skill’s behavior rather than just matching…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, Risk Management, Threats
BeyondTrust Vulnerability Allows Pre-Auth Remote Code Execution
A vulnerability in BeyondTrust remote access products allows unauthenticated attackers to execute arbitrary operating system commands, potentially granting full control over affected systems. The flaw impacts BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) and carries a CVSS score of 9.9. “Successful exploitation requires no authentication or user interaction and may lead to system…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, Risk Management, Threats
BeyondTrust Vulnerability Allows Pre-Auth Remote Code Execution
A vulnerability in BeyondTrust remote access products allows unauthenticated attackers to execute arbitrary operating system commands, potentially granting full control over affected systems. The flaw impacts BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) and carries a CVSS score of 9.9. “Successful exploitation requires no authentication or user interaction and may lead to system…
AI, Apps, Cloud, Cloud Security, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats
TeamPCP and the Rise of Cloud-Native Cybercrime
Flare researchers have identified a threat actor known as TeamPCP behind a large-scale campaign targeting cloud-native infrastructure by abusing exposed orchestration and management interfaces. First observed in late 2025, the activity reflects a broader shift away from endpoint-focused attacks toward systematic exploitation of cloud control planes. “The campaign reflects a dark mirror of legitimate markets.…
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, privacy, Risk Management, Threats
Flickr Notifies Users of Potential Third-Party Data Exposure
Flickr has begun notifying users about a potential data exposure tied to a vulnerability in a third-party email service provider. The incident highlights the security considerations associated with third-party services, even when a platform’s core systems are not directly affected. “On February 5, 2026, we were alerted to a vulnerability in a system operated by…
AI, Cloud Security, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Newsletter Roundup, Risk Management, Threats, Venture, Weekly Roundup
AI Threats, Botnets, and Cloud Exploits Define This Week’s Cyber Risks
Major Threats & Vulnerabilities Critical Vulnerabilities in AI and Automation Platforms A severe flaw in the n8n automation platform allows authenticated users to execute arbitrary commands, potentially exposing cloud credentials and AI workflows. With a CVSS score of 10.0, this vulnerability has been patched and requires immediate update by users. OpenClaw AI agents continue to…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security, News, Risk Management, Russia, Threats
10,000+ Active Infections Traced to SystemBC Botnet
Security researchers at Silent Push identified more than 10,000 unique IPs infected with SystemBC, a proxy malware commonly used as an early foothold in ransomware attacks. Using a custom SystemBC tracking fingerprint, analysts mapped a globally distributed botnet that includes compromised systems supporting government infrastructure. “SystemBC proxies traffic through compromised systems and acts as a…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats, trends
OpenClaw and the Growing Security Risks of Agentic AI
OpenClaw, a fast-growing open-source AI agent, is drawing attention from security teams as its rapid adoption collides with emerging risks around autonomous AI behavior. Designed to act as a personal assistant that can connect to large language models (LLMs), call external APIs, and execute tasks independently, OpenClaw represents a form of agentic AI designed to…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats
n8n Flaw Puts Hundreds of Thousands of Enterprise AI Systems at Risk
A flaw in the n8n platform allowed any authenticated user to fully compromise the underlying server, exposing credentials, secrets, and AI-driven workflows across enterprise environments. The vulnerability carries a CVSS score of 10.0 and allows attackers to break out of n8n’s JavaScript sandbox to execute arbitrary commands, effectively transforming routine workflow logic into complete control…
AI, Artificial Intelligence, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, Risk Management, Threats, trends
OpenClaw or Open Door? Prompt Injection Creates AI Backdoors
OpenClaw has come under review after researchers at Zenity showed how it could be misused to establish persistent access. Rather than exploiting a software vulnerability, the technique relies on indirect prompt injection to influence the agent’s behavior and maintain ongoing control with minimal user involvement. “This attack demonstrates how a persistent command and control channel…
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, Risk Management, Threats
Ingress-Nginx Vulnerability Enables Code Execution in Kubernetes
A recently disclosed vulnerability in ingress-nginx may allow authenticated attackers to execute code and access Kubernetes Secrets in affected clusters. The vulnerability could “… lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller,” said Kubernetes researchers. Inside the Ingress-Nginx Security Vulnerability Ingress controllers sit…
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, Risk Management, Threats
Ingress-Nginx Vulnerability Enables Code Execution in Kubernetes
A recently disclosed vulnerability in ingress-nginx may allow authenticated attackers to execute code and access Kubernetes Secrets in affected clusters. The vulnerability could “… lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller,” said Kubernetes researchers. Inside the Ingress-Nginx Security Vulnerability Ingress controllers sit…
AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats
Chrome Vulnerabilities Allow Code Execution and Browser Crashes
Google has released a Chrome security update addressing two high-severity vulnerabilities that could allow attackers to execute arbitrary code or cause browser crashes. The issues affect core browser components and may be triggered when users visit specially crafted websites. One of the vulnerabilities, CVE-2026-1861, allows “… a remote attacker to potentially exploit heap corruption via…
AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats
Chrome Vulnerabilities Allow Code Execution and Browser Crashes
Google has released a Chrome security update addressing two high-severity vulnerabilities that could allow attackers to execute arbitrary code or cause browser crashes. The issues affect core browser components and may be triggered when users visit specially crafted websites. One of the vulnerabilities, CVE-2026-1861, allows “… a remote attacker to potentially exploit heap corruption via…
AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats
Chrome Vulnerabilities Allow Code Execution and Browser Crashes
Google has released a Chrome security update addressing two high-severity vulnerabilities that could allow attackers to execute arbitrary code or cause browser crashes. The issues affect core browser components and may be triggered when users visit specially crafted websites. One of the vulnerabilities, CVE-2026-1861, allows “… a remote attacker to potentially exploit heap corruption via…
Asia Pacific, china, Cybersecurity, Global Security News, Government, Threats, Uncategorized
Cantwell claims telecoms blocked release of Salt Typhoon report
More than a year after national security officials revealed that Chinese hackers had systematically infiltrated U.S. telecommunications networks, the top Senate Democrat on the committee overseeing the industry is calling for hearings with executives from the nation’s biggest telecom companies. In a public letter released Tuesday, Sen. Maria Cantwell, D-Wash., called for the CEOs of…
Cybercrime, Cybersecurity and Infrastructure Security Agency (CISA), Exploits, Global Security News, Research, Technology, Threats
Ivanti’s EPMM is under active attack, thanks to two critical zero-days
Attackers are again focusing on a familiar target in the network edge space, actively exploiting two critical zero-day vulnerabilities in Ivanti software that allows administrators to set mobile device and application controls. The vulnerabilities — CVE-2026-1281 and CVE-2026-1340 — each carry a CVSS rating of 9.8 and allow unauthenticated users to execute code remotely in…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, News, Risk Management, Threats, trends
Flare Report: Infostealers Are Fueling Enterprise Identity Attacks
Once largely associated with consumer credential theft, infostealer malware is increasingly impacting enterprises. New research from Flare shows that a rising percentage of infections now expose enterprise Single Sign-On (SSO) and identity provider credentials, creating direct risk for corporate systems, cloud environments, and SaaS platforms. “We’re seeing fewer infections overall, but far higher yield per…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, News, Risk Management, Threats, trends
Flare Report: Infostealers Are Fueling Enterprise Identity Attacks
Once largely associated with consumer credential theft, infostealer malware is increasingly impacting enterprises. New research from Flare shows that a rising percentage of infections now expose enterprise Single Sign-On (SSO) and identity provider credentials, creating direct risk for corporate systems, cloud environments, and SaaS platforms. “We’re seeing fewer infections overall, but far higher yield per…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, News, Risk Management, Threats, trends
Hundreds of Malicious Skills Found in OpenClaw’s ClawHub
A routine question about trust exposed a far more serious problem when researchers discovered hundreds of malicious skills hidden inside a widely used AI agent marketplace. Koi researchers analyzed ClawHub, the third-party skill repository for OpenClaw, and found that threat actors had quietly turned the ecosystem into a large-scale malware distribution channel. We found “……
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, News, Risk Management, Threats, trends
Hundreds of Malicious Skills Found in OpenClaw’s ClawHub
A routine question about trust exposed a far more serious problem when researchers discovered hundreds of malicious skills hidden inside a widely used AI agent marketplace. Koi researchers analyzed ClawHub, the third-party skill repository for OpenClaw, and found that threat actors had quietly turned the ecosystem into a large-scale malware distribution channel. We found “……
APT, Asia Pacific, Authentication, Cybercrime, Global Security News, Research, Threats
China-based espionage group compromised Notepad++ for six months
A China-based threat group operating for almost two decades broke into the internal systems of Notepad++, an extremely popular open source-code editor, to spy on a select group of targeted users, researchers at Rapid7 said Monday. Don Ho, the author and maintainer of the open-source tool, said independent security researchers confirmed a China state-sponsored group…
APT, Asia Pacific, Authentication, Cybercrime, Global Security News, Research, Threats
China-based espionage group compromised Notepad++ for six months
A China-based threat group operating for almost two decades broke into the internal systems of Notepad++, an extremely popular open source-code editor, to spy on a select group of targeted users, researchers at Rapid7 said Monday. Don Ho, the author and maintainer of the open-source tool, said independent security researchers confirmed a China state-sponsored group…
AI, Apps, Artificial Intelligence, china, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, News, Risk Management, Threats, trends
OpenClaw’s Rapid Rise Exposes Thousands of AI Agents to the Public Internet
In just days, a viral open-source AI assistant went from niche experiment to a widespread internet-facing risk. OpenClaw, a self-hosted personal AI agent capable of executing actions on a user’s behalf, saw explosive adoption in late January 2026 — along with widespread public exposure that has raised concerns among security researchers. It “… has already…
AI, Apps, Artificial Intelligence, china, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, News, Risk Management, Threats, trends
OpenClaw’s Rapid Rise Exposes Thousands of AI Agents to the Public Internet
In just days, a viral open-source AI assistant went from niche experiment to a widespread internet-facing risk. OpenClaw, a self-hosted personal AI agent capable of executing actions on a user’s behalf, saw explosive adoption in late January 2026 — along with widespread public exposure that has raised concerns among security researchers. It “… has already…
AI, Apps, Artificial Intelligence, Cybersecurity, Exploits, Global Security News, malware, News, Risk Management, Threats
AI Threats in 2026: A SecOps Playbook
As we enter 2026, the cybersecurity landscape is shifting into unfamiliar territory. Headlines about “deepfake fear” and “AI chaos” reflect a growing recognition that artificial intelligence is no longer just accelerating traditional attack methods. It is opening a new category of threats that were not meaningfully part of the security equation even a few years…
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, International, malware, Network Security, News, Risk Management, Threats
Fake Dating App Delivers Android Spyware in Targeted Campaign
ESET researchers have uncovered a targeted Android spyware campaign using a fake dating app to lure victims into installing mobile surveillance malware. The campaign, focused on users in Pakistan, disguises spyware as a chat platform that promises access to exclusive profiles but instead quietly exfiltrates sensitive data from infected devices. “Once installed, the app silently…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats
Fake Clawdbot VS Code Extension Deploys ScreenConnect RAT
A malicious Visual Studio (VS) Code extension posing as an AI-powered assistant was quietly installing remote access malware on developers’ systems. The fake extension, called ClawdBot Agent, appeared legitimate on the surface but executed malware automatically as soon as VS Code launched. “The layering here is impressive. You’ve got a fake AI assistant dropping legitimate…
Asia Pacific, china, Cybercrime, Cybersecurity, Global Security News, Threats
Google’s disruption rips millions out of devices out of malicious network
Millions of devices used as proxies by cybercriminals, espionage groups and data thieves have been removed from circulation following Google’s disruption of IPIDEA, a China-based residential proxy network. The reduction in available proxy devices came after Google’s Threat Intelligence Group used legal action and intelligence sharing to target the company’s domain infrastructure, Google said in…
crowdstrike, Cybersecurity, Europe, Global Security News, Research, Threats
Long-running North Korea threat group splits into 3 distinct operations
A North Korea-backed threat group operating since 2009 has splintered into three distinct groups with specialized malware and objectives, CrowdStrike said in a report released Thursday. Labeled “Labyrinth Chollima” by the company, the group follows a divergence pattern CrowdStrike observed previously. Labyrinth Chollima has spawned two additional groups: Golden Chollima and Pressure Chollima. The spin-offs,…
Cybercrime, Cybersecurity, Exploits, Global Security News, Threats
Fortinet’s latest zero-day vulnerability carries frustrating familiarities for customers
Fortinet customers are confronting another actively exploited zero-day vulnerability that allows attackers to bypass authentication in the single sign-on flow for FortiCloud and gain privileged access to multiple Fortinet firewall products and related services. The vendor issued a security advisory for the vulnerability — CVE-2026-24858 — warning that some instances of exploitation already occurred earlier…
china, Cybercrime, Cybersecurity, Exploits, Global Security News, Research, Threats
Cybercriminals and nation-state groups are exploiting a six-month old WinRAR defect
Google Threat Intelligence Group warned that a diverse and growing collection of attackers, including nation-state groups and financially motivated cybercriminals, are exploiting a path-traversal vulnerability affecting WinRAR that was disclosed and patched six months ago. The high-severity vulnerability — CVE-2025-8088 — was exploited in the wild almost two weeks before RARLAB, the vendor behind the…
Cybercrime, Cybersecurity, Global Security News, Ransomware, Threats
A new wave of ‘vishing’ attacks is breaking into SSO accounts in real time
Threat hunters and researchers are racing to contain a wave of voice-phishing attacks targeting single sign-on tools, already leading to data theft and extortion attempts. Multiple cybercrime groups are combining voice calls and advanced phishing kits to trick victims into handing over access — including a group identifying itself as ShinyHunters, which has publicly named alleged…
Cybercrime, Cybersecurity, Global Security News, Ransomware, Threats
The thin line between saving a company and funding a crime
Ransomware negotiation is a dark but widely acknowledged reality in the cybersecurity industry — one that many argue is a necessary practice, even if it largely occurs out of sight. Brokering payments and terms with cybercriminals who hold organizations’ data and operations hostage places security professionals in a fraught position that requires them to balance…
critical infrastructure, Cybersecurity, Global Security News, Government, Policy, Threats
Sources: DHS finalizing replacement for disbanded critical infrastructure security council
The Department of Homeland Security is finalizing plans for a new body that would replace the functions of the Critical Infrastructure Partnership Advisory Council (CIPAC) and serve as a communications hub between industry and government to discuss ongoing threats to U.S. critical infrastructure, including from cyber attacks. Under previous administrations, CIPAC served as a nerve…
Botnet, Cybersecurity, Global Security News, Threats
Kimwolf botnet’s swift rise to 2M infected devices agitates security researchers
The Kimwolf botnet, which splintered off from the record-setting Aisuru DDoS botnet in August, gained the widespread attention of security researchers when it temporarily claimed the top spot in Cloudflare’s global domain rankings in late October 2025. Within weeks it spread like a wildfire, eventually taking over more than 2 million unofficial Android TV devices,…
Exploits, Global Security News, Microsoft, Patch Tuesday, Research, Threats
Microsoft Patch Tuesday addresses 112 defects, including one actively exploited zero-day
Microsoft’s first security update of 2026 addressed 112 vulnerabilities affecting its products and underlying systems, including one actively exploited zero-day in Desktop Window Manager. The company’s latest Patch Tuesday update marks the second consecutive month with no critical vulnerabilities disclosed. The batch of patches also contains more than 110 CVEs for the second January in…
AI, Cybersecurity, Exploits, Global Security News, prompt injection, Research, Threats
ServiceNow patches critical AI platform flaw that could allow user impersonation
ServiceNow has addressed a critical security vulnerability in its AI platform that could have allowed unauthenticated users to impersonate legitimate users and perform unauthorized actions, the company disclosed Monday. The flaw, designated CVE-2025-12420 and carrying a severity score of 9.3 out of 10, was discovered by SaaS security firm AppOmni in October. ServiceNow deployed fixes…
Cybersecurity, Exploits, Global Security News, GreyNoise, HackerOne, Technology, Threats
Inside Vercel’s sleep-deprived race to contain React2Shell
Talha Tariq and his colleagues at Vercel, the company that maintains Next.js, endured many sleep-deprived nights and weekends when React2Shell was discovered and disclosed soon after Thanksgiving. The defect, which affects vast stretches of the internet’s underlying infrastructure, posed a significant risk for Next.js, an open-source library that depends on vulnerable React Server Components. He…
Geopolitics, Global Security News, privacy, Threats
Trump pulls US out of international cyber orgs
The Trump administration is withdrawing the United States from a handful of international organizations that work to strengthen cybersecurity. As part of a broader pullback from 66 international organizations, the administration is leaving the Global Forum on Cyber Expertise, the Online Freedom Coalition and the European Centre of Excellence for Countering Hybrid Threats. Trump’s decision…
AI, Cybersecurity, Exploits, Global Security News, n8n, Research, Threats
Researchers rush to warn defenders of max-severity defect in n8n
Researchers warn that a critical vulnerability in n8n, an automation platform that allows organizations to integrate AI agents, workflows and hundreds of other enterprise services, could be exploited by attackers to achieve full control of targeted networks. The maximum-severity vulnerability — CVE-2026-21858 — affects about 100,000 servers globally, according to Cyera, which initially discovered and…
Commentary, Cybersecurity, Global Security News, Government, Policy, Threats
Time to restore America’s cyberspace security system
China’s campaign to break into our critical infrastructure and federal government networks is persistent and growing. Beijing is stealing information while also planting tools and maintaining access in key systems, giving it the option to pressure the United States in the future. Russia also continues to test our critical infrastructure with increasingly sophisticated operations, support…
CISA, Cybersecurity, Exploits, Global Security News, Research, Threats
MongoBleed defect swirls, stamping out hope of year-end respite
Cybersecurity professionals are closing out 2025 confronting yet another information-disclosure vulnerability, drawing widespread concern as threat hunters and researchers race to avoid impacts comparable to previous defects dubbed with a “bleed” suffix. MongoBleed — CVE-2025-14847 — is a high-severity vulnerability affecting many versions of MongoDB with default configurations that allows unauthenticated attackers to leak server…
Cybercrime, Cybersecurity, Exploits, Global Security News, Threats
Leader of 764 offshoot pleads guilty, faces up to 60 years in jail
A 19-year-old man from San Antonio pleaded guilty Friday to multiple crimes involving the sexual exploitation of children while acting as an administrator and leader of 8884, a splinter group of the violent extremist collective known as 764. Alexis Aldair Chavez faces up to 60 years in prison for racketeering, distribution and possession of child…
AI, Artificial Intelligence (AI), Global Security News, Government, Technology, Threats
FBI says ‘ongoing’ deepfake impersonation of U.S. gov officials dates back to 2023
The FBI said that unknown actors have continued to deploy AI voice cloning tools in an ongoing effort to impersonate U.S government officials and extract sensitive or classified information or conduct scams. The bureau initially warned back in May that the campaign had been ongoing since at least April 2025. In an update Friday, they…
APT, china, Cybersecurity, Exploits, Global Security News, Research, Threats
Cisco customers hit by fresh wave of zero-day attacks from China-linked APT
Cisco customers are confronting a fresh wave of attacks from a Chinese threat group that has actively exploited a critical zero-day vulnerability affecting the vendor’s software for email and web security since at least late November, the company said in an advisory Wednesday. Cisco said it became aware of the attacks Dec. 10. The defect…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research, Threats
React2Shell fallout spreads to sensitive targets as public exploits hit all-time high
Fallout from React2Shell — a stubborn vulnerability that impacts wide swaths of the internet’s scaffolding — continues to spread as public exploits and stealth backdoors proliferate and worrying details emerge about the targets attackers are pursuing. Threat researchers and incident responders are reacting to swift-moving developments on React2Shell with mounting concern. Cybercriminals, ransomware gangs and…
Cybercrime, Global Security News, Government, Ransomware, Threats, Uncategorized
DOJ announces takedown of alleged laundering platform used by cybercriminal groups
Federal prosecutors in Michigan say they have dismantled online infrastructure tied to an alleged money laundering operation that moved tens of millions of dollars in proceeds from ransomware and other cybercrime, along with indicting the service’s creator. The U.S. Attorney’s Office for the Eastern District of Michigan announced a coordinated action with international partners and…
Cybersecurity, Exploits, Geopolitics, Global Security News, Research, Threats
Amazon warns that Russia’s Sandworm has shifted its tactics
Attackers associated with Russia’s Main Intelligence Directorate (GRU) have targeted Western-based critical infrastructure with a special focus on the energy sector as part of an ongoing campaign dating back to 2021, Amazon Threat Intelligence said in a report Monday. The threat group simplified operations earlier this year by shifting away from vulnerability exploitation to focus…
AI, Artificial Intelligence (AI), Commentary, Cybersecurity, Global Security News, Threats
New cybersecurity guidance paves the way for AI in critical infrastructure
Global cybersecurity agencies have issued the first unified guidance on applying artificial intelligence (AI) within critical infrastructure, signaling a major shift from theoretical debate to practical guardrails for safety and reliability. The release of joint guidance on Principles for the Secure Integration of Artificial Intelligence in Operational Technology marks a meaningful milestone for critical infrastructure…
Cybercrime, Cybersecurity, Exploits, Global Security News, Research, Threats
Attacks pinned to critical React2Shell defect surge, surpass 50 confirmed victims
Security experts have observed a steady increase in malicious activity from a widening pool of attackers seeking to exploit React2Shell, a critical vulnerability disclosed last week in React Server Components. Authorities are also responding to heightened concern about the defect, with the Cybersecurity and Infrastructure Security Agency shortening the deadline for agencies to patch the…
critical infrastructure, Cybercrime, Global Security News, Government, North America, Threats
US charges hacker tied to Russian groups that targeted water systems and meat plants
The Justice Department has charged a Ukrainian national with conducting cyberattacks on critical infrastructure worldwide as part of two Russian state-sponsored hacking operations that targeted water systems, food processing facilities and government networks across the United States and allied nations. Victoria Eduardovna Dubranova, 33, was arraigned on a second indictment Tuesday after being extradited to…
Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Exploits, Global Security News, known exploited vulnerabilities (KEV), Technology, Threats
Microsoft’s last Patch Tuesday of 2025 addresses 57 defects, including one zero-day
Microsoft addressed 57 vulnerabilities affecting its various products for business operations and core systems, including one actively exploited zero-day, the company said in its latest monthly security update. The zero-day vulnerability — CVE-2025-62221 — affects the Windows Cloud Files Mini Filter Driver and has a CVSS rating of 7.8. Attackers could exploit the use-after-free defect…
Cybersecurity, Department of Justice (DOJ), Federal Bureau of Investigation (FBI), Global Security News, Government, North America, Threats
Officials offer $10M reward for information on IRGC-linked leader and close associate
The State Department is seeking help to locate a pair of hackers allegedly working for Shahid Shushtari, a malicious cyber unit operating under Iran’s Revolutionary Guard Corps Cyber-Electronic Command. Officials are offering a reward up to $10 million for information about Mohammad Bagher Shirinkar and Fatemeh Sedighian Kashi. “Help us take the smile off their…
Cybercrime, Cybersecurity, Exploits, Global Security News, Research, Threats
Attackers hit React defect as researchers quibble over proof
Attackers of different origins and motivations swiftly exploited a critical vulnerability dubbed React2Shell, affecting React Server Components shortly after Meta and the React team publicly disclosed the flaw with a patch Wednesday. Multiple security firms are actively responding to active exploitation in the wild as a scrum of reports conclude the malicious activity is limited…
Amnesty International, Exploits, Geopolitics, Global Security News, privacy, Technology, Threats
Intellexa remotely accessed Predator spyware customer systems, investigation finds
Leaked training videos suggest that Intellexa retained the ability to remotely access the systems of customers who had used its Predator spyware, raising questions about human rights safeguards, according to an investigation published Thursday. That was just one finding from a series of separate but overlapping probes released over the past 24 hours. The training…
Asia Pacific, Cybersecurity, Global Security News, Government, Research, Threats
Officials warn about expansive, ongoing China espionage threat riding on Brickstorm malware
Cybersecurity authorities and threat analysts unveiled alarming details Thursday about a suspected China state-sponsored espionage and data theft campaign that Google previously warned about in September. The outlook based on their limited visibility into China’s sustained ability to burrow into critical infrastructure and government agency networks undetected, dating back to at least 2022, is grim.…
Cybercrime, Cybersecurity, Exploits, Global Security News, Meta, Research, Threats
Developers scramble as critical React flaw threatens major apps
Security researchers and code developers are scrambling to patch and investigate a critical vulnerability affecting React Server Components, an open-source library used widely across the internet and embedded into many essential software frameworks. The rapid response underscores the potential consequences of exploitation. Although no attacks have been observed or reported, researchers expect them soon and…