HN Monitor

Researchers at Obsidian Security have disclosed a critical vulnerability chain (CVSS 9.9) in LiteLLM, an open-source AI gateway, that allows a low-privilege account to achieve full server takeover and execute arbitrary code. This severe flaw, impacting how LiteLLM handles virtual API keys and custom guardrails, exposes sensitive provider keys, encrypted…

A critical vulnerability in Microsoft 365 Copilot Enterprise Search, dubbed “SearchLeak” by researchers, allowed attackers to potentially exfiltrate sensitive user data, including emails and calendar details, with a single click. This discovery highlights a new attack vector chaining together existing web vulnerabilities with an AI-specific weakness. Varonis Threat Labs researchers…

The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…

A Palo Alto Networks VPN vulnerability, identified as CVE-2026-0257, is being actively exploited by an unknown threat actor to gain unauthorized access to GlobalProtect portals. The critical authentication bypass flaw, which affects the portal and gateway components of PAN-OS software, carries a CVSS score of 7.8 and allows malicious actors to…

Splunk has issued critical security updates to address CVE-2026-20253, a severe vulnerability in Splunk Enterprise that allows unauthenticated users to perform arbitrary file operations and potentially achieve remote code execution. Rated 9.8 on the CVSS scoring system, the flaw presents a significant risk to enterprise environments utilizing the affected software.…

U.S. law enforcement agencies, in collaboration with international partners, have seized multiple internet domains alleged to have hosted nonconsensual AI-generated pornography. The operation targeted websites that specialized in creating and distributing digitally altered images and videos of women without their consent. The domains, CFAKE.com and SOCFAKE.com, are accused of publishing…

Critical Oracle Identity Manager Vulnerability Added to CISA’s Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a significant security flaw affecting Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog. This critical vulnerability, tracked as CVE-2025-61757, has been confirmed to be actively…

The dark web has emerged as a sophisticated and evolving job market where individuals with technical cyber skills are finding employment through unconventional channels. Operating with distinct recruitment norms and salary expectations, this shadow economy is transforming how cyber specialists secure roles. A recent comprehensive analysis of over 2,200 job-related…

A new wave of malicious Android applications, impersonating a popular Korean delivery service, is employing AI-based obfuscation techniques to evade traditional antivirus (AV) detection. These sophisticated apps stealthily gather sensitive user information, posing a significant threat to mobile security. The campaign highlights the growing use of artificial intelligence by cybercriminals…

Chinese-backed attackers are actively exploiting a critical remote code execution vulnerability in Microsoft Windows Server Update Services (WSUS) to distribute the sophisticated ShadowPad backdoor malware. This exploitation, leveraging CVE-2025-59287, allows threat actors to gain system-level access and compromise enterprise networks running the WSUS infrastructure. The surge in activity follows the…

A digital privacy advocacy group has filed a lawsuit seeking federal government communications with major tech companies regarding the removal of online applications and websites that tracked immigration enforcement activities. The Electronic Frontier Foundation (EFF) filed the suit to investigate potential government coercion impacting free speech, a central tenet of…

A prevalent cyber threat, dubbed Operation DreamJob, has been observed actively targeting the manufacturing industry with sophisticated social engineering tactics. In August 2025, this operation successfully infiltrated an Asian subsidiary of a major European manufacturing company by disguising malicious payloads as attractive job opportunities delivered via WhatsApp Web. This incident…

A new browser-based threat known as Matrix Push C2 is emerging as a significant cybersecurity concern, enabling malicious actors to conduct malware delivery and sophisticated phishing attacks directly through web browsers across all operating systems. This innovative command-and-control platform bypasses traditional security measures by leveraging legitimate browser features, making it…

A significant development in the cybersecurity landscape reveals that two notorious North Korean hacking groups, Kimsuky and Lazarus, have allegedly joined forces to conduct a coordinated attack campaign. This partnership aims to exploit zero-day vulnerabilities and target critical sectors globally, posing a novel threat to international organizations seeking sensitive intelligence…

Retailers are bracing for a significant surge in ransomware attacks this holiday season, as cybercriminal groups strategically target businesses during their busiest sales periods. These actors aim to maximize disruption and increase pressure for ransom payments by striking when downtime is most costly. The focus of these campaigns is on…

Google has significantly enhanced its Quick Share service, enabling seamless file and photo transfers between Android and Apple devices. This groundbreaking cross-platform functionality, initially exclusive to the Pixel 10 lineup, allows users to share content between Android and iPhones, iPads, and Macs. The update marks a major step towards breaking…