Researchers at Obsidian Security have disclosed a critical vulnerability chain (CVSS 9.9) in LiteLLM, an open-source AI gateway, that allows a low-privilege account to achieve full server takeover and execute arbitrary code. This severe flaw, impacting how LiteLLM handles virtual API keys and custom guardrails, exposes sensitive provider keys, encrypted…
A critical vulnerability in Microsoft 365 Copilot Enterprise Search, dubbed “SearchLeak” by researchers, allowed attackers to potentially exfiltrate sensitive user data, including emails and calendar details, with a single click. This discovery highlights a new attack vector chaining together existing web vulnerabilities with an AI-specific weakness. Varonis Threat Labs researchers…
The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…
A Palo Alto Networks VPN vulnerability, identified as CVE-2026-0257, is being actively exploited by an unknown threat actor to gain unauthorized access to GlobalProtect portals. The critical authentication bypass flaw, which affects the portal and gateway components of PAN-OS software, carries a CVSS score of 7.8 and allows malicious actors to…
Splunk has issued critical security updates to address CVE-2026-20253, a severe vulnerability in Splunk Enterprise that allows unauthenticated users to perform arbitrary file operations and potentially achieve remote code execution. Rated 9.8 on the CVSS scoring system, the flaw presents a significant risk to enterprise environments utilizing the affected software.…
U.S. law enforcement agencies, in collaboration with international partners, have seized multiple internet domains alleged to have hosted nonconsensual AI-generated pornography. The operation targeted websites that specialized in creating and distributing digitally altered images and videos of women without their consent. The domains, CFAKE.com and SOCFAKE.com, are accused of publishing…
More Articles
China-linked APT24 hackers exploit BadAudio to compromise public websites, targeting users.
China-linked APT24 hackers are employing a sophisticated new malware known as BadAudio to conduct persistent cyber espionage campaigns. This advanced downloader, in use for at least three years, allows the group to gain and maintain access to targeted organizations. The group has recently shifted its focus to Taiwan-based entities, utilizing…
Salesforce has alerted its customers to a critical security incident involving unusual activity detected within Gainsight-published applications integrated with its platform. The company stated that this activity may have led to unauthorized access to certain customers’ Salesforce data through these connected applications. This development underscores the growing risks associated with…
Demand for autonomous aerial robots across the Middle East is forecast to surge from USD 487.2 million in 2025 to USD 1.54 billion by 2035, according to new industry analysis. The projected rise, equivalent to a 216.7 percent growth, is being driven by defence modernization, expanding surveillance needs, and increasing…
NSO Group states WhatsApp injunction jeopardizes existence, future U.S. government contracts.
NSO Group, the developer of the controversial Pegasus spyware, is seeking to pause an injunction that prohibits the company from targeting WhatsApp users. In a court filing this week, the company argued that enforcing the permanent injunction would inflict irreparable harm on its business and hinder potential use of its…
Cybercriminals are rapidly embracing generative AI, making it easier for them to successfully lure victims into scams. This technological advancement has significantly lowered the barrier to entry for fraudulent operations, allowing for faster, more convincing, and scalable scam campaigns. What once required considerable time and specialized skills can now be…
Trustwave SpiderLabs researchers have uncovered a new and sophisticated banking trojan, dubbed Eternidade Stealer, which is being distributed through WhatsApp and employs advanced social engineering tactics. This malware represents a significant development in Brazil’s cybercriminal landscape, capable of harvesting extensive contact information and targeting financial institutions by stealing user credentials.…
A sophisticated global hacking campaign, identified as TamperedChef, is actively distributing malware by disguising malicious applications as legitimate software, including manual readers, PDF editors, and games. This operation leverages fake installers with valid code-signing certificates to bypass security measures and earn user trust, according to recent findings from Acronis security…
ShadowRay 2.0 Utilizes Unpatched Ray Vulnerability for Self-Spreading GPU Cryptomining Botnet
ShadowRay 2.0 is the new guise for ongoing cyberattacks targeting the Ray open-source artificial intelligence (AI) framework. Security researchers at Oligo Security have identified a sophisticated campaign that weaponizes vulnerable Ray clusters, particularly those utilizing NVIDIA GPUs, to establish a self-replicating cryptocurrency mining botnet. The primary vulnerability being exploited, CVE-2023-48022,…
A new breed of ransomware is targeting cloud storage, specifically Amazon S3 services, by exploiting misconfigurations and weak access controls. Unlike traditional ransomware that infects systems, these attacks leverage vulnerabilities within cloud environments to lock organizations out of their critical business data. As businesses increasingly migrate operations to the cloud,…
The co-founders of Samourai Wallet, Keonne Rodriguez and William Lonergan Hill, have been sentenced to prison for their roles in operating a cryptocurrency mixing service that facilitated the laundering of over $237 million in illicit funds. The U.S. Attorney’s Office for the Southern District of New York announced the sentencing,…
Sturnus Banking Malware Compromises Signal and WhatsApp Communications, Seizes Device Control
A new and sophisticated banking malware named Sturnus is posing a significant threat to mobile users, particularly across Europe. Discovered by security researchers, this Android trojan exhibits an alarming ability to intercept encrypted communications from popular messaging applications like Signal and WhatsApp, effectively bypassing security measures by capturing content directly…
A sophisticated new botnet, dubbed “Tsundere,” is posing a significant threat by leveraging popular Node.js packages and cryptocurrency technologies to distribute malware across Windows, Linux, and macOS. First identified by Kaspersky GReAT researchers around mid-2025, Tsundere represents an alarming evolution in supply chain attacks. The cyber threat emerged from activity…
