Researchers at Obsidian Security have disclosed a critical vulnerability chain (CVSS 9.9) in LiteLLM, an open-source AI gateway, that allows a low-privilege account to achieve full server takeover and execute arbitrary code. This severe flaw, impacting how LiteLLM handles virtual API keys and custom guardrails, exposes sensitive provider keys, encrypted…
A critical vulnerability in Microsoft 365 Copilot Enterprise Search, dubbed “SearchLeak” by researchers, allowed attackers to potentially exfiltrate sensitive user data, including emails and calendar details, with a single click. This discovery highlights a new attack vector chaining together existing web vulnerabilities with an AI-specific weakness. Varonis Threat Labs researchers…
The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…
A Palo Alto Networks VPN vulnerability, identified as CVE-2026-0257, is being actively exploited by an unknown threat actor to gain unauthorized access to GlobalProtect portals. The critical authentication bypass flaw, which affects the portal and gateway components of PAN-OS software, carries a CVSS score of 7.8 and allows malicious actors to…
Splunk has issued critical security updates to address CVE-2026-20253, a severe vulnerability in Splunk Enterprise that allows unauthenticated users to perform arbitrary file operations and potentially achieve remote code execution. Rated 9.8 on the CVSS scoring system, the flaw presents a significant risk to enterprise environments utilizing the affected software.…
U.S. law enforcement agencies, in collaboration with international partners, have seized multiple internet domains alleged to have hosted nonconsensual AI-generated pornography. The operation targeted websites that specialized in creating and distributing digitally altered images and videos of women without their consent. The domains, CFAKE.com and SOCFAKE.com, are accused of publishing…
Research & Analysis
More Articles
ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves
Cybersecurity Stumbles: Spies, Scammers, and Stolen Data Dominate News Cycle
This week has seen a surge in alarming cybersecurity news, highlighting global espionage targeting platforms like LinkedIn, sophisticated cryptocurrency scams, and vulnerabilities in everyday tech. From arrests in Thailand to crackdowns on data privacy in Europe, the digital landscape is…
Nation-state actors are pioneering a new operational model that combines digital and physical threats, fundamentally altering the landscape of global security. This emerging strategy blurs the lines between cyber warfare and traditional military operations, creating coordinated campaigns where digital reconnaissance directly enables kinetic strikes. Organizations worldwide must understand and prepare…
Researchers Analyze Rhadamanthys Loader’s Anti-Sandboxing and Anti-AV Emulation Capabilities
Recent analysis by cybersecurity researchers has unveiled sophisticated anti-sandboxing and anti-AV emulation features employed by the Rhadamanthys loader, a potent stealer malware that has been actively menacing systems since 2022. This advanced threat continues to pose a significant challenge to security teams due to its adeptness at exfiltrating sensitive data…
Secure.com launches AI tool to address talent gap
Dubai-based Secure.com has launched its Digital Security Teammate (DST), an AI-powered agent designed to help cybersecurity teams manage the operational crisis presented by rising cybercrime damages and a widening talent shortage. The company aims to provide a solution to the estimated 4.8…
A sophisticated cyber espionage campaign, spearheaded by a China-linked threat group identified as Nexus APT, is actively targeting government and media sectors across Southeast Asia. This advanced persistent threat (APT) has been observed since early 2025, with significant activity detected in Laos, Cambodia, Singapore, the Philippines, and Indonesia, according to…
Kuwait’s Ministry of Interior is expanding its public safety infrastructure with the installation of smart camera systems in shopping malls and commercial complexes across the country. This new technology is designed to identify individuals with outstanding warrants in real-time, allowing security teams to verify identities and respond swiftly to potential…
A new and concerning cybersecurity threat has emerged, with hackers leveraging the sophisticated Tuoni Command and Control (C2) framework to stealthily deliver in-memory payloads. This advanced technique allows malicious actors to execute harmful code directly within a system’s RAM, bypassing traditional file-scanning security measures and significantly increasing the chances of…
A sophisticated China-aligned threat group known as PlushDaemon has been actively targeting networks globally since 2018, utilizing a specialized tool called EdgeStepper to hijack legitimate software updates. This advanced attack method allows them to redirect unsuspecting users and organizations to malicious servers, injecting malware disguised as authentic updates. The group’s…
A sophisticated new ransomware threat named “The Gentlemen” has emerged, quickly establishing itself as a significant player in the cybercrime landscape. Appearing around July 2025, the group demonstrated rapid growth, publishing details of 48 victims on their dark web leak site within a two-month span from September to October 2025.…
A new and sophisticated ransomware threat, dubbed “The Gentlemen,” has emerged, demonstrating advanced attack capabilities and a well-structured operational model. First observed around July 2025, the group quickly established a significant presence, publishing 48 identified victims on their dark web leak site between September and October 2025. This burgeoning ransomware…
Amazon has identified a new category of warfare, termed “cyber-enabled kinetic targeting,” as the lines between digital and physical attacks rapidly blur. The tech giant’s threat intelligence division noted that while nation-states have long understood the interplay between logical systems and the physical world, a growing number of non-traditional actors…
A sophisticated malware campaign has been discovered targeting the widely-used npm JavaScript package registry. Operating under the alias “dino_reborn,” the threat actor has deployed malicious packages designed to critically differentiate between potential victims and security researchers before triggering their harmful payloads. This advanced supply chain attack utilizes traffic cloaking technology…
