Researchers at Obsidian Security have disclosed a critical vulnerability chain (CVSS 9.9) in LiteLLM, an open-source AI gateway, that allows a low-privilege account to achieve full server takeover and execute arbitrary code. This severe flaw, impacting how LiteLLM handles virtual API keys and custom guardrails, exposes sensitive provider keys, encrypted…
A critical vulnerability in Microsoft 365 Copilot Enterprise Search, dubbed “SearchLeak” by researchers, allowed attackers to potentially exfiltrate sensitive user data, including emails and calendar details, with a single click. This discovery highlights a new attack vector chaining together existing web vulnerabilities with an AI-specific weakness. Varonis Threat Labs researchers…
The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…
A Palo Alto Networks VPN vulnerability, identified as CVE-2026-0257, is being actively exploited by an unknown threat actor to gain unauthorized access to GlobalProtect portals. The critical authentication bypass flaw, which affects the portal and gateway components of PAN-OS software, carries a CVSS score of 7.8 and allows malicious actors to…
Splunk has issued critical security updates to address CVE-2026-20253, a severe vulnerability in Splunk Enterprise that allows unauthenticated users to perform arbitrary file operations and potentially achieve remote code execution. Rated 9.8 on the CVSS scoring system, the flaw presents a significant risk to enterprise environments utilizing the affected software.…
U.S. law enforcement agencies, in collaboration with international partners, have seized multiple internet domains alleged to have hosted nonconsensual AI-generated pornography. The operation targeted websites that specialized in creating and distributing digitally altered images and videos of women without their consent. The domains, CFAKE.com and SOCFAKE.com, are accused of publishing…
More Articles
Eurofiber France is investigating a significant Eurofiber data breach that impacted its ticket management platform and customer portal systems. The incident, which occurred on November 13, 2025, saw hackers exploit a software vulnerability to exfiltrate customer data. The breach was confined to Eurofiber France and its regional brands, including Eurafibre,…
Meta has introduced a new tool, the WhatsApp Research Proxy, for select long-time bug bounty researchers. This initiative aims to enhance the bug bounty program and facilitate more effective research into WhatsApp’s network protocol. The move comes as the popular messaging platform continues to be a target for sophisticated state-sponsored…
Remcos, a potent commercial Remote Access Trojan (RAT), has surged as a significant cybersecurity threat. Originally marketed as legitimate administrative software by Breaking-Security, unauthorized copies are now actively exploited by threat actors for data theft and unauthorized system access. This sophisticated malware enables attackers to remotely execute commands, exfiltrate files,…
Authorities have dismantled a significant criminal infrastructure after seizing thousands of servers from a rogue hosting company used to fuel widespread cyberattacks. The East Netherlands cybercrime team conducted a major operation on November 12, 2025, taking down approximately 250 physical servers located in data centers across The Hague and Zoetermeer.…
A pervasive new WhatsApp screen-sharing scam is rapidly emerging as a significant threat to smartphone users globally. This sophisticated social engineering attack leverages WhatsApp’s screen-sharing feature, introduced in 2023, to trick unsuspecting individuals into divulging highly sensitive personal and financial data. Reports of this scam have surfaced in countries including…
The Lazarus APT group, a state-sponsored threat actor linked to North Korea, has introduced a new Remote Access Trojan (RAT) named ScoringMathTea. This sophisticated malware, developed in C++, is reportedly being utilized in Operation DreamJob, a campaign specifically targeting companies involved in Unmanned Aerial Vehicle (UAV) technology supplied to Ukraine.…
UNC1549 Hackers Employ Custom Tools to Target Aerospace and Defense Systems for Credential Theft
A sophisticated Iranian-backed threat group, identified as UNC1549, has been actively conducting targeted cyberattacks against aerospace, aviation, and defense organizations globally since mid-2024. The group employs a dual approach, merging finely tuned phishing campaigns with the exploitation of established trust relationships between primary targets and their third-party suppliers, making them…
Lynx ransomware, a potent threat to enterprise environments, has been observed employing sophisticated attack strategies that prioritize data exfiltration and infrastructure destruction. Recent intrusions highlight threat actors leveraging compromised Remote Desktop Protocol (RDP) logins to deploy Lynx ransomware, systematically deleting server backups before encryption. This evolving threat continues to be…
The Middle East cybersecurity market is experiencing impressive growth, driven significantly by the adoption of AI and cloud computing technologies. This surge is positioning the region as a key player in global cybersecurity solutions. According to a new report from Mordor Intelligence, the Middle East cybersecurity market is projected to…
Google has issued urgent security updates for its Chrome browser to patch two critical vulnerabilities, including a zero-day flaw that is actively being exploited by attackers. The company announced the release on Monday, November 18, 2025, urging users to update immediately to prevent potential compromises. This latest patch addresses a…
A sophisticated criminal network, dubbed “Payroll Pirates,” has been meticulously targeting payroll systems, credit unions, and trading platforms across the United States since mid-2023. Utilizing a strategy of malvertising, these malicious actors place fake advertisements on search engines, luring unsuspecting users to phishing websites. Once credentials are stolen from these…
Cybersecurity researchers have identified a new artificial intelligence (AI) tool named Xanthorox that threat actors can utilize to generate different malicious code based on user prompts. This platform, operating on darknet forums and criminal communities, bypasses standard AI safety protocols, presenting a significant new challenge for the cybersecurity industry. While…
