HN Monitor

Researchers at Obsidian Security have disclosed a critical vulnerability chain (CVSS 9.9) in LiteLLM, an open-source AI gateway, that allows a low-privilege account to achieve full server takeover and execute arbitrary code. This severe flaw, impacting how LiteLLM handles virtual API keys and custom guardrails, exposes sensitive provider keys, encrypted…

A critical vulnerability in Microsoft 365 Copilot Enterprise Search, dubbed “SearchLeak” by researchers, allowed attackers to potentially exfiltrate sensitive user data, including emails and calendar details, with a single click. This discovery highlights a new attack vector chaining together existing web vulnerabilities with an AI-specific weakness. Varonis Threat Labs researchers…

The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…

A Palo Alto Networks VPN vulnerability, identified as CVE-2026-0257, is being actively exploited by an unknown threat actor to gain unauthorized access to GlobalProtect portals. The critical authentication bypass flaw, which affects the portal and gateway components of PAN-OS software, carries a CVSS score of 7.8 and allows malicious actors to…

Splunk has issued critical security updates to address CVE-2026-20253, a severe vulnerability in Splunk Enterprise that allows unauthenticated users to perform arbitrary file operations and potentially achieve remote code execution. Rated 9.8 on the CVSS scoring system, the flaw presents a significant risk to enterprise environments utilizing the affected software.…

U.S. law enforcement agencies, in collaboration with international partners, have seized multiple internet domains alleged to have hosted nonconsensual AI-generated pornography. The operation targeted websites that specialized in creating and distributing digitally altered images and videos of women without their consent. The domains, CFAKE.com and SOCFAKE.com, are accused of publishing…

Nov 19, 2025Ravie LakshmananVulnerability / Threat Intelligence A critical remote code execution vulnerability in the widely-used 7-Zip file compression utility, identified as CVE-2025-11001, is now being actively exploited in the wild. The advisory, issued by U.K. NHS England Digital, highlights the immediate threat posed by this flaw, which could allow…

Cybersecurity researchers have identified a sophisticated global hacking campaign, dubbed ShadowRay 2.0, actively exploiting a vulnerability in the widely-used Ray AI framework. This ongoing attack silently compromises powerful AI computing clusters, repurposing them for cryptocurrency mining operations by leveraging CVE-2023-48022. The campaign represents a significant escalation from its initial discovery,…

A significant ransomware attack, orchestrated by the Howling Scorpius cybercrime group, has crippled a global data storage and infrastructure company. The devastating breach, attributed to the use of the potent Akira ransomware, highlights alarming vulnerabilities in enterprise security defenses, even when exposed via a seemingly innocuous click on a malicious…

A new cyber campaign, dubbed Operation WrtHug, has compromised tens of thousands of ASUS routers globally, primarily impacting devices in Taiwan, the U.S., and Russia. This widespread hijacking aims to co-opt vulnerable router hardware into a massive botnet network. SecurityScorecard’s STRIKE team identified the campaign, noting infections also occurring in…

A new, highly sophisticated Sneaky2FA phishing kit is actively circulating, employing a deceptive Browser-in-the-Browser (BITB) technique to steal Microsoft account credentials. Push Security researchers have identified this emerging threat, which significantly enhances the capabilities of cybercriminals seeking to compromise user accounts. This development signals a troubling escalation in the ongoing…

A novel .NET-based malware loader is employing an innovative steganography technique to conceal the Lokibot trojan within image files, significantly challenging existing cybersecurity defenses. This advanced multi-stage payload delivery system embeds malicious code within seemingly innocuous PNG and BMP files, a method highly effective at evading detection by security tools…

A widespread browser campaign has infected millions of users through seemingly harmless “Free Unlimited VPN” Chrome extensions. These malicious tools, which collectively garnered over 9 million installations, operated for nearly six years, secretly hijacking user traffic and stealing sensitive browsing data. Research by LayerX Security analysts uncovered this sophisticated operation,…

OPSWAT and NetApp have joined forces to enhance enterprise file security by integrating OPSWAT’s MetaDefender Storage Security solution with NetApp ONTAP. This new collaboration embeds robust multi-layered threat detection capabilities directly into NetApp’s data management platform. The integration aims to block file-borne malware, prevent data leaks, and identify vulnerabilities at…

Fortinet has issued a warning regarding a newly identified security vulnerability, CVE-2025-58034, affecting its FortiWeb web application firewall. The company states that this medium-severity flaw, carrying a CVSS score of 6.7, has already been actively exploited by attackers in the wild. The vulnerability allows authenticated attackers to execute unauthorized code…

Princeton University experienced a significant data breach on November 10, 2025, when unauthorized actors accessed a database managed by its University Advancement department. This incident exposed personal information of numerous members of the Princeton community, including alumni, donors, faculty, students, and parents, raising immediate concerns about potential phishing attacks and…

Malicious actors are exploiting a vulnerability in the open-source AI framework Ray, turning it into a global cryptojacking operation, according to a new report from cybersecurity firm Oligo. The attackers are leveraging Ray’s orchestration features to seize compute resources for cryptocurrency mining, impacting numerous exposed Ray clusters worldwide. Researchers at…