3:33 pm – June 15, 2026 U.S. law enforcement agencies, in collaboration with international partners, have seized multiple internet domains alleged to have hosted nonconsensual AI-generated pornography. The operation targeted websites that specialized in creating and distributing digitally altered images and videos of women without their consent. The domains, CFAKE.com and SOCFAKE.com, are accused of publishing…
Cybersecurity researchers have unveiled a novel attack technique, dubbed “Agentjacking,” that subverts artificial intelligence (AI) coding agents, compelling them to execute arbitrary code on developer workstations. This groundbreaking vulnerability exploits a fundamental architectural weakness at the intersection of error tracking platforms and AI agents, potentially granting attackers unfettered access to…
The cybercriminal group ShinyHunters has been actively exploiting a critical vulnerability in Oracle PeopleSoft, a widely used enterprise resource planning (ERP) system. This zero-day exploit, identified as CVE-2026-35273, allows attackers to gain unauthorized access, exfiltrate sensitive data, and then demand ransom payments to prevent its public release. The campaign has…
Security researcher Chaotic Eclipse has unveiled a significant new vulnerability, dubbed GreatXML, that bypasses Windows BitLocker encryption. This discovery, detailed just a day after the release of an exploit targeting Microsoft Defender, highlights a critical weakness in Microsoft’s endpoint security posture. The GreatXML exploit allows unauthorized access to encrypted drives,…
Cybersecurity threats reported: Worm code leaked, AI agent compromised, software patch released.
By News RoomCybercrime Ecosystem Evolves: Supply Chain Attacks and Advanced Tools Threaten Security This week has highlighted a significant maturation in the cybercriminal landscape, moving beyond rudimentary attacks to sophisticated operations. A concerning trend involves the emergence of polished, readily available tools for complex attacks, such as supply chain compromise kits found…
Artificial Intelligence Disrupts Vulnerability Management, Prompting CISO Budget Reallocation to Breach and Attack Simulation
By News RoomThe landscape of cybersecurity has been fundamentally altered by the rapid advancements in artificial intelligence, compressing the discovery-to-exploit window for vulnerabilities from months to mere hours. This seismic shift renders traditional vulnerability management strategies, built on ample reaction time, obsolete. Organizations must now adapt to a new paradigm where the…
Research & Analysis
More Articles
A new and sophisticated variant of the notorious Mirai botnet, dubbed “Broadside,” has emerged as a significant cybersecurity threat, actively targeting maritime shipping operations and vessel management systems. This advanced malware exploits a critical vulnerability in TBK Digital Video Recorder (DVR) devices commonly used for security monitoring aboard cargo ships…
North Korean-linked threat actors are reportedly exploiting a critical security flaw in React Server Components (RSC), known as React2Shell, to deploy a new remote access trojan named EtherRAT. This sophisticated malware, detailed in a recent report, leverages Ethereum smart contracts for command and control and employs multiple persistence mechanisms on…
A sophisticated cyberattack campaign targeting Japanese shipping and transportation companies has been uncovered, with threat actors exploiting critical vulnerabilities in Ivanti Connect Secure (ICS) devices to deploy new PlugX malware variants, including MetaRAT. The campaign, identified in April 2025, highlights the persistent threat posed by advanced persistent threats (APTs) to…
A sophisticated, previously undocumented Linux backdoor dubbed GhostPenguin has been identified operating stealthily for at least four months, evading detection by traditional security measures. This powerful malware, written in C++, establishes clandestine remote shell access and facilitates file-system operations through encrypted UDP communication, making its discovery a significant challenge for…
Cybercriminals are increasingly targeting developer environments, with a newly discovered malware campaign infiltrating the Visual Studio Code Marketplace. This sophisticated attack, recently detailed by Koi security analysts, actively captures screenshots of victims’ desktops, stealing sensitive code, private emails, and communication data. The malware is distributed through two seemingly legitimate Visual…
A sophisticated new vishing campaign is leveraging Microsoft Teams calls and the native Windows remote support tool QuickAssist to deploy stealthy .NET malware, bypassing traditional security perimeters. This evolving threat, identified by SpiderLabs security analysts, relies on social engineering and the abuse of trusted system utilities to achieve its malicious…
Google Fortifies Chrome Browser with Advanced AI Security Features Google announced on Monday a significant enhancement to its Chrome browser, integrating a suite of new security features designed to protect users from advanced threats posed by agentic artificial intelligence (AI). This development follows the recent introduction of AI capabilities within…
The International Foundation for Protection Officers (IFPO) will conduct a three-day executive workshop focusing on integrating security into organizational strategy using a Balanced Scorecard approach. The event, titled the Security Strategy Practicum: Balanced Scorecard Approach, is scheduled to take place at the World Trade Centre Dubai from January 12-14, 2026.…
A sophisticated new, multi-stage malware attack campaign, identified as JS#SMUGGLER, is actively being used to deliver the potent NetSupport Remote Access Trojan (RAT) to unsuspecting victims. This stealthy operation leverages hidden web-based redirects and heavily obfuscated JavaScript code to gain full system control, posing a significant threat to cybersecurity. The…
A dangerous new malware campaign, dubbed Operation FrostBeacon, is actively targeting financial and legal sectors within the Russian Federation. This sophisticated operation employs the notorious Cobalt Strike remote access tool to infiltrate organizations that handle sensitive business transactions, posing a significant threat to cybersecurity. Security researchers have uncovered over twenty…
The Operational Technology Middle East Community (OTMEC) has launched as a regional initiative aimed at improving ICS and OT cybersecurity across the Middle East and North Africa. This new organization seeks to foster collaboration and knowledge sharing among professionals safeguarding critical infrastructure. Co-founded by industry experts Reem Faraj AlShammari, Bryson…
The “Kitten” Project has emerged as a significant development in hacktivist operations, representing a coordinated platform that amplifies the capabilities of multiple pro-Iranian hacktivist groups targeting Israel. This initiative, accessible via thekitten.group, moves beyond isolated cyberattacks towards a centralized infrastructure for communication, resource sharing, and synchronized campaigns, according to security…