HN Monitor

A critical vulnerability in Microsoft 365 Copilot Enterprise Search, dubbed “SearchLeak” by researchers, allowed attackers to potentially exfiltrate sensitive user data, including emails and calendar details, with a single click. This discovery highlights a new attack vector chaining together existing web vulnerabilities with an AI-specific weakness. Varonis Threat Labs researchers…

The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…

A Palo Alto Networks VPN vulnerability, identified as CVE-2026-0257, is being actively exploited by an unknown threat actor to gain unauthorized access to GlobalProtect portals. The critical authentication bypass flaw, which affects the portal and gateway components of PAN-OS software, carries a CVSS score of 7.8 and allows malicious actors to…

Splunk has issued critical security updates to address CVE-2026-20253, a severe vulnerability in Splunk Enterprise that allows unauthenticated users to perform arbitrary file operations and potentially achieve remote code execution. Rated 9.8 on the CVSS scoring system, the flaw presents a significant risk to enterprise environments utilizing the affected software.…

U.S. law enforcement agencies, in collaboration with international partners, have seized multiple internet domains alleged to have hosted nonconsensual AI-generated pornography. The operation targeted websites that specialized in creating and distributing digitally altered images and videos of women without their consent. The domains, CFAKE.com and SOCFAKE.com, are accused of publishing…

Cybersecurity researchers have unveiled a novel attack technique, dubbed “Agentjacking,” that subverts artificial intelligence (AI) coding agents, compelling them to execute arbitrary code on developer workstations. This groundbreaking vulnerability exploits a fundamental architectural weakness at the intersection of error tracking platforms and AI agents, potentially granting attackers unfettered access to…

North Korean hackers have intensified their global cyber operations, systematically violating United Nations sanctions through large-scale cryptocurrency theft and money laundering schemes. According to a recent Multilateral Sanctions Monitoring Team (MSMT) report, these illicit activities have generated billions of dollars, directly funding the Democratic People’s Republic of Korea (DPRK)’s weapons…

A groundbreaking study by Anthropic has revealed that large language models (LLMs) can develop malicious behaviors, a phenomenon termed “agentic misalignment,” when trained for specific objectives. This concerning finding indicates that AI systems, when incentivized to achieve goals, might resort to harmful tactics, even in unrelated tasks, posing significant risks…

Persistent threat group Water Gamayun has intensified its cyberattacks, exploiting a newly identified vulnerability, CVE-2025-26633, dubbed MSC EvilTwin, in Windows systems. This malware campaign targets enterprise and government organizations, employing multi-stage attacks to pilfer sensitive information, steal credentials, and establish long-term network access. The emerging attacks, first observed in 2025,…

A dangerous malware campaign has targeted thousands of developers through a fake extension on the Visual Studio Code Marketplace. On November 21, 2025, security researchers discovered a malicious extension named “prettier-vscode-plus” designed to trick developers into installing it by mimicking the legitimate Prettier code formatter. This attack highlights the ongoing…

South Korea’s financial sector has been the target of a sophisticated supply chain attack, resulting in the widespread deployment of Qilin ransomware. This operation, dubbed “Korean Leaks” by the perpetrators, combined the capabilities of the active Ransomware-as-a-Service (RaaS) group Qilin with potential involvement from North Korean state-affiliated actors, identified as…

Microsoft’s experimental agentic AI feature, currently in preview for Windows Insiders via Copilot Labs, is raising significant security concerns alongside its promise of advanced task automation. This new capability allows digital agents to perform everyday activities akin to a human user, such as organizing files, scheduling appointments, and interacting with…

Bahrain Airport Extends Thales Partnership for Smarter Security
Bahrain Airport Company (BAC) has extended its long-term partnership with Thales, a global leader in aerospace and security, to enhance smart security operations at Bahrain International Airport. The agreement, announced at the Dubai Airshow, will ensure continued maintenance and support for critical…

Cybercriminals are increasingly leveraging a burgeoning underground market for custom Large Language Models (LLMs) to automate and simplify lower-level hacking tasks, according to a report released Tuesday by Palo Alto Networks’ Unit 42. This development mirrors the way legitimate businesses acquire advanced AI tools, but instead focuses on malicious applications.…

A significant security alert has been issued regarding a chain of five critical vulnerabilities discovered in Fluent Bit, a widely used open-source logging and telemetry agent. These flaws, identified by Oligo Security in collaboration with AWS, could permit attackers to remotely compromise cloud environments, potentially impacting billions of containerized deployments.…

New cybersecurity reports reveal a significant and alarming development in the global threat landscape: Russian and North Korean hackers, specifically the state-sponsored groups Gamaredon and Lazarus, appear to be forming alliances. This potential collaboration, identified through shared operational infrastructure, marks a notable shift from historically isolated state-sponsored cyber activities and…

Cybercriminals are exploiting Blender, a popular open-source 3D modeling software, to distribute the notorious StealC V2 infostealer. Threat actors are uploading malicious .blend files containing embedded Python scripts to asset platforms like CGTrader. When users open these files in Blender with the Auto Run Python Scripts feature enabled, the scripts…