Attackers are hitting Ivanti customers yet again — circling back to a common target and consistently susceptible vendor in the network edge space — by exploiting a zero-day vulnerability in one of the company’s most besieged products. Ivanti warned customers that attackers have successfully exploited CVE-2026-6973, an improper input validation defect in Ivanti Endpoint Manager…
Tag: hitting
AI, Compliance, Global Security News, Network Security, Risk Management
Microsoft warns of global campaign stealing auth tokens from 35K users
Microsoft revealed a phishing campaign hitting 35,000 users in 26 countries, stealing login tokens via fake code-of-conduct emails and legit services. Microsoft disclosed a major phishing campaign that targeted over 35,000 users across 26 countries in mid-April 2026. Attackers used fake “code of conduct” emails sent through legitimate platforms to trick recipients into visiting bogus…
Global Security News
⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some aggressive state-sponsored meddling in infrastructure that is finally coming to light. It is one of those mornings where the gap between a quiet shift and a…
Data Breaches, Global Security News
Why Third-Party Risk Is the Biggest Gap in Your Clients’ Security Posture
The next major breach hitting your clients probably won’t come from inside their walls. It’ll come through a vendor they trust, a SaaS tool their finance team signed up for, or a subcontractor nobody in IT knows about. That’s the new attack surface, and most organizations are underprepared for it. Cynomi’s new guide, Securing the Modern Perimeter: The Rise of…
Global Security News
⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More
Some weeks are loud. This one was quieter but not in a good way. Long-running operations are finally hitting courtrooms, old attack methods are showing up in new places, and research that stopped being theoretical right around the time defenders stopped paying attention. There’s a bit of everything this week. Persistence plays, legal wins, influence…
AI, Exploits, Global Security News, Government & Policy, malware, Risk Management, Russia
Former Germany’s foreign intelligence VP hit in Signal account takeover campaign
Former BND VP Arndt Freytag von Loringhoven was targeted in a Signal cyberattack, part of a wave hitting officials and politicians in Germany. A cyberattack targeting Signal and WhatsApp users has hit high-ranking German officials, including former BND Vice President Arndt Freytag von Loringhoven. The official reported being contacted by someone posing as Signal support…
AI, Global Security News
New PhantomRaven NPM attack wave steals dev data via 88 packages
New attack waves from the ‘PhantomRaven’ supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. […]
AI, Exploits, Global Security News, malware, Risk Management
Shai-Hulud-style NPM worm hits CI pipelines and AI coding tools
A massive Shai-Hulud-style npm supply chain worm is hitting the software ecosystem, burrowing through developer machines, CI pipelines, and AI coding tools. Socket researchers uncovered the active attack campaign and called it SANDWORM_MODE, derived from the “SANDWORM_*” environment variable switches embedded in the malware’s runtime control logic.” At least 19 typosquatted packages were published under…
AI, Global Security News
Tesla’s Robotaxi Rollout Faces Early Safety Questions in Austin
The Tesla “Robotaxi” experiment in Austin is hitting some literal bumps in the road, with five new crashes reported just as the company tries to ditch human safety monitors. Tesla’s small fleet of Model Y Robotaxis in Austin is having a hard time avoiding trouble. According to recent data from the National Highway Traffic Safety…
AI, Global Security News, Risk Management
Software’s AI Reckoning Is Here: What it Means for MSPs
The software sector is hitting a moment of truth. In a recent CNBC interview, Apollo Asset Management co-president John Zito described what he sees shaking out as the early innings of a “very violent technology cycle” driven by AI. That doesn’t mean software is disappearing, but it does mean the way it’s valued and financed…
AI, cyber attack, Cybersecurity, Global Security News, malware, Security
macOS Users Hit by Python Infostealers Posing as AI Installers
Microsoft details 3 Python Infostealers hitting macOS users via fake AI tools, Google ads, and Terminal tricks to steal passwords and crypto, then erase traces.
AI, Global Security News, Security
Zendesk spam wave returns, floods users with ‘Activate account’ emails
A fresh wave of spam is hitting inboxes worldwide, with users reporting that they are once again being bombarded by automated emails generated through companies’ unsecured Zendesk support systems. Some recipients say they are receiving hundreds of messages with strange or alarming subject lines. such as ‘Activate account…’ […]