HN Monitor

Cybersecurity researchers have unveiled a novel attack technique, dubbed “Agentjacking,” that subverts artificial intelligence (AI) coding agents, compelling them to execute arbitrary code on developer workstations. This groundbreaking vulnerability exploits a fundamental architectural weakness at the intersection of error tracking platforms and AI agents, potentially granting attackers unfettered access to…

The cybercriminal group ShinyHunters has been actively exploiting a critical vulnerability in Oracle PeopleSoft, a widely used enterprise resource planning (ERP) system. This zero-day exploit, identified as CVE-2026-35273, allows attackers to gain unauthorized access, exfiltrate sensitive data, and then demand ransom payments to prevent its public release. The campaign has…

Security researcher Chaotic Eclipse has unveiled a significant new vulnerability, dubbed GreatXML, that bypasses Windows BitLocker encryption. This discovery, detailed just a day after the release of an exploit targeting Microsoft Defender, highlights a critical weakness in Microsoft’s endpoint security posture. The GreatXML exploit allows unauthorized access to encrypted drives,…

Cybercrime Ecosystem Evolves: Supply Chain Attacks and Advanced Tools Threaten Security

This week has highlighted a significant maturation in the cybercriminal landscape, moving beyond rudimentary attacks to sophisticated operations. A concerning trend involves the emergence of polished, readily available tools for complex attacks, such as supply chain compromise kits found…

The landscape of cybersecurity has been fundamentally altered by the rapid advancements in artificial intelligence, compressing the discovery-to-exploit window for vulnerabilities from months to mere hours. This seismic shift renders traditional vulnerability management strategies, built on ample reaction time, obsolete. Organizations must now adapt to a new paradigm where the…

Cybersecurity researchers have identified a significant resurgence and expansion of JDY, a covert botnet linked to Chinese state-sponsored threat actors. This sophisticated network, primarily composed of compromised small office and home office (SOHO) and Internet of Things (IoT) devices, is actively being utilized for large-scale reconnaissance and targeting operations on…

A popular Chrome extension, Urban VPN Proxy, boasting over 6 million installations, has been found to be secretly harvesting user conversations with major AI chatbots. The extension, despite holding Google’s “Featured” badge for quality, contains hidden code designed to intercept and exfiltrate sensitive dialogue from platforms like ChatGPT, Claude, Gemini,…

Threat actors are actively exploiting two newly disclosed critical security vulnerabilities in Fortinet FortiGate devices, just days after their public revelation. These zero-day attacks, observed on December 12, 2025, target authentication bypasses that could grant attackers unauthorized access. This rapid exploitation highlights the urgent need for organizations to patch their…

A new and aggressive information stealer named SantaStealer has emerged as a significant threat to Windows users globally. This malware-as-a-service (MaaS) is actively being marketed on Telegram channels and underground hacker forums, with a full release anticipated by the end of 2025. SantaStealer represents a rebranding of the earlier BluelineStealer,…

A sophisticated new account takeover campaign, dubbed the GhostPairing Attack, is enabling malicious actors to gain full access to WhatsApp accounts without needing stolen passwords or exploiting technical vulnerabilities. This alarming threat, initially observed in Czechia, leverages social engineering tactics and WhatsApp’s legitimate device linking feature to trick unsuspecting users…

A critical security vulnerability dubbed React2Shell is being actively exploited by various threat actors to deploy sophisticated malware, including KSwapDoor and ZnDoor. Cybersecurity researchers from Palo Alto Networks Unit 42 and NTT Security have detailed how this flaw, identified as CVE-2025-55182, is enabling attackers to gain unauthorized access and control…

Google is set to retire its Dark Web Report tool in February 2026, a move that will stop monitoring user personal information on the dark web less than two years after its introduction. This decision by the tech giant signals a shift in its approach to online safety, aiming to…

Bahrain marked Police Day on December 14, highlighting the police force’s dedication to national security and stability, with the Ministry of Interior releasing figures detailing significant operational performance and service enhancements throughout 2025. Senior Ministry of Interior officials and officers from across security services attended the annual event, where His…

A new malware campaign dubbed PCPcat has rapidly compromised over 59,000 servers in less than 48 hours by exploiting critical vulnerabilities in Next.js and React frameworks. This widespread attack highlights a significant security gap in popular web development tools, leaving a substantial number of servers vulnerable to unauthorized access and…

Japanese organizations have become targets of a sophisticated cyberattack campaign leveraging a critical vulnerability in React/Next.js applications, known as React2Shell (CVE-2025-55182). Initially observed deploying cryptocurrency miners, the attacks have escalated, with a new malware called ZnDoor now being used to compromise network devices and establish persistent backdoor access. This development…

A sophisticated new malware known as “MioLab MacOS” is being actively advertised on underground cybercrime forums, posing a significant threat to macOS users. This resident infostealer, marketed as a Malware-as-a-Service (MaaS), provides threat actors with a web-based control panel and customizable features, aiming to ease the compromise of Apple devices…

The sophisticated xHunt APT group has launched a series of targeted cyberattacks against organizations in Kuwait, specifically focusing on government, shipping, and transportation sectors. This advanced persistent threat actor, active since 2018, is employing a custom and evolving toolkit, with many of its tools named after characters from the popular…