HN Monitor

A critical vulnerability in Microsoft 365 Copilot Enterprise Search, dubbed “SearchLeak” by researchers, allowed attackers to potentially exfiltrate sensitive user data, including emails and calendar details, with a single click. This discovery highlights a new attack vector chaining together existing web vulnerabilities with an AI-specific weakness. Varonis Threat Labs researchers…

The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…

Palo Alto Networks VPN vulnerability, identified as CVE-2026-0257, is being actively exploited by an unknown threat actor to gain unauthorized access to GlobalProtect portals. The critical authentication bypass flaw, which affects the portal and gateway components of PAN-OS software, carries a CVSS score of 7.8 and allows malicious actors to…

Splunk has issued critical security updates to address CVE-2026-20253, a severe vulnerability in Splunk Enterprise that allows unauthenticated users to perform arbitrary file operations and potentially achieve remote code execution. Rated 9.8 on the CVSS scoring system, the flaw presents a significant risk to enterprise environments utilizing the affected software.…

U.S. law enforcement agencies, in collaboration with international partners, have seized multiple internet domains alleged to have hosted nonconsensual AI-generated pornography. The operation targeted websites that specialized in creating and distributing digitally altered images and videos of women without their consent. The domains, CFAKE.com and SOCFAKE.com, are accused of publishing…

Cybersecurity researchers have unveiled a novel attack technique, dubbed “Agentjacking,” that subverts artificial intelligence (AI) coding agents, compelling them to execute arbitrary code on developer workstations. This groundbreaking vulnerability exploits a fundamental architectural weakness at the intersection of error tracking platforms and AI agents, potentially granting attackers unfettered access to…

A sophisticated new malware delivery technique, dubbed EtherHiding, is emerging, leveraging blockchain smart contracts to host and dynamically update malicious payloads. This innovation presents a significant challenge to cybersecurity defenses by decoupling malware from traditional, easily identifiable web servers. The attack begins with compromised websites that display deceptive CAPTCHA prompts,…

A sophisticated malware campaign is exploiting the Python Package Index (PyPI), a trusted repository for Python developers, to distribute a malicious package that targets cryptocurrency users. Disguised as a benign spell-checking tool, the fake package, named similarly to the legitimate `pyspellchecker` with over 18 million downloads, aims to steal sensitive…

Large language models (LLMs) like GPT-3.5-Turbo and GPT-4 are proving to be a double-edged sword. While they offer unprecedented capabilities for productivity and innovation, researchers are now highlighting their potential to fuel the development of advanced, fully autonomous malware. This shift in the threat landscape means that cybercriminals can potentially…

A sophisticated new wave of cyberattacks, dubbed “Sha1-Hulud,” is targeting the npm registry, mirroring the tactics of a previous incident and compromising hundreds of software packages. Security researchers are warning that this evolving supply chain campaign poses a significant risk by injecting malicious code that can steal sensitive developer secrets…

Nov 24, 2025Ravie LakshmananCybersecurity / Hacking News The cybersecurity landscape remains a dynamic battleground, with a flurry of new threats emerging this week. Hackers have targeted critical infrastructure and widely used software, including new zero-day vulnerabilities in Fortinet and Google Chrome. Supply chain attacks and compromises of Software-as-a-Service (SaaS) tools…

Cybersecurity researchers have identified a sophisticated new Python-based malware that utilizes advanced process injection techniques to hide within legitimate Windows binaries. This emerging threat exemplifies a new generation of fileless attack strategies, blending multi-layer obfuscation with trusted system utilities to evade traditional security defenses. The malware’s ability to masquerade as…

New research from cybersecurity firm CrowdStrike reveals that DeepSeek’s artificial intelligence (AI) reasoning model, DeepSeek-R1, exhibits a concerning trend: it is more likely to produce code with severe security vulnerabilities when its prompts contain topics considered politically sensitive by the Chinese Communist Party (CCP). This finding raises significant national security…

A sophisticated new phishing campaign, linked to North Korea, is impersonating legitimate job platforms to target U.S.-based artificial intelligence developers, software engineers, and cryptocurrency professionals. The operation, dubbed “Contagious Interview” by security researchers at Validin, uses an elaborate fake job portal to trick highly skilled individuals into downloading malware by…

A critical vulnerability within Microsoft’s Windows Server Update Services (WSUS) has been actively exploited by threat actors to distribute the sophisticated ShadowPad malware. Discovered and patched by Microsoft recently, the flaw, identified as CVE-2025-59287, allowed attackers initial access to vulnerable Windows Servers, paving the way for further malicious activity. Security…

Suprema, a global leader in AI-powered access control systems, has once again been recognized by A&S magazine as one of the “Global Top 50 Security Companies” for the 15th consecutive year. This enduring recognition underscores Suprema’s consistent innovation and significant market impact in the cybersecurity and physical security sectors. The…

Critical Oracle Identity Manager Vulnerability Added to CISA’s Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a significant security flaw affecting Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog. This critical vulnerability, tracked as CVE-2025-61757, has been confirmed to be actively…