Cybersecurity Firms Targeted by Fake OpenAI Organization Invites in “Poisoned Tenant” Phishing Campaign
Attackers are creating fake OpenAI organizations and inviting employees into them using legitimate invitation emails, tricking users into joining attacker-controlled ChatGPT workspaces designed to harvest sensitive corporate data.
The Latest
Polymarket Frontend Supply-Chain Attack Drains $3M as Malicious Script Tricks Users Into Fraudulent Transactions
A supply-chain breach affecting a third-party frontend dependency on Polymarket led to malicious script injection that caused users to approve…
FBI Warns Russian Hackers Now Target Signal Backup Recovery Keys in Evolving Phishing Campaign
A Russian intelligence-linked phishing campaign targeting Signal users has evolved to steal Backup Recovery Keys, giving attackers access to victims’…
StrikeShark Campaign Deploys New SharkLoader Malware to Deliver Cobalt Strike Across Global Targets
A new cyberespionage campaign tracked as StrikeShark is using a previously unknown SharkLoader malware to deploy Cobalt Strike Beacons across…
Chinese-Speaking APT Deploys TinyRCT Backdoor in Southeast Asia Government Espionage Campaign
Excerpt: A Chinese-speaking threat actor has been linked to a new TinyRCT backdoor used in targeted cyber espionage attacks against…
Amazon Q Developer Flaw Let Malicious Repos Execute Code via MCP Configuration Abuse
A vulnerability in Amazon Q Developer allowed attackers to execute arbitrary commands and access cloud credentials by abusing MCP configuration…
CISA Flags Actively Exploited PTC Windchill RCE Flaw as Attackers Deploy Web Shells
CISA has added a critical PTC Windchill vulnerability to its Known Exploited Vulnerabilities catalog after confirming active exploitation involving JSP…
Headline:DirtyClone Linux Kernel Flaw Enables Local Root Escalation Through Zero-Copy Networking Bug
A newly disclosed Linux kernel vulnerability dubbed DirtyClone allows local attackers to gain root privileges by exploiting a flaw in…
Miasma Supply Chain Campaign Expands Across npm, GitHub Actions, and Go Projects
Researchers have uncovered a new wave of the Miasma malware campaign that compromises npm packages, GitHub Actions, and Go repositories…
Microsoft Warns Hospitality Sector of Photo-Themed Phishing Campaign Delivering Node.js Malware
A sophisticated phishing campaign targeting hotels across Europe and Asia is using fake guest complaint emails and photo-themed ZIP files…
Researchers Find Russian Authorities Used Cellebrite Tools After Company Halted Sales
A forensic investigation indicates Russian authorities used legacy Cellebrite software to unlock an opposition activist's iPhone months after the company ended sales to Russia, highlighting the long-term risks posed by offline forensic tools.
Google Uncovers Turla’s New STOCKSTAY Backdoor Powering Espionage Campaigns Against Ukraine
Google researchers have identified STOCKSTAY, a sophisticated new .NET backdoor used by Russia’s Turla APT to conduct cyber espionage against…
Bluekit Phishing Platform Evolves With Browser-in-the-Middle Attacks to Steal Live Login Sessions
The Bluekit phishing-as-a-service kit has adopted browser-in-the-middle techniques, allowing attackers to relay real-time login sessions and capture valid authentication tokens…
Uber Names Coinbase Security Chief Philip Martin as New CISO to Strengthen Global Cyber Defense
Uber has appointed Philip Martin, former Coinbase CSO and ex-U.S. Army counterintelligence officer, as its new Chief Information Security Officer…
Spotlight
10M+ Install Chrome Ad Blocker Found Capable of Dormant Remote JavaScript Injection
A widely used YouTube ad blocker on the Chrome Web Store has been found to contain a dormant script injection mechanism that could enable full-page data access with a single…
Runlayer Raises $30M to Secure Enterprise AI Agents With Unified Control Layer
AI security startup Runlayer has secured $30 million in Series A funding to expand its platform that governs enterprise AI tools, agents, and usage through a centralized security control layer.
Cal Water Confirms No OT Compromise in Handala-Linked Cyberattack Investigation
A joint investigation with Mandiant found that the Iranian-linked Handala group did not breach operational technology systems at California Water Service, despite claims of deep infrastructure access.
Russian APT Gamaredon Refines Spyware Arsenal, Expands Stealth Infrastructure and Attack Scale
The FSB-linked Gamaredon cyber-espionage group has upgraded its malware, C2 infrastructure, and delivery tactics, enabling more covert and effective attacks against Ukrainian targets.
Features
PirloTV Sports Piracy Network Hit in Global Takedown as 44 Streaming Domains Seized
Authorities and industry groups have dismantled a major PirloTV-linked piracy network, seizing 44 domains that funneled hundreds of millions of…
Malicious OpenClaw Skills Slip Through Defenses, Exposing AI Supply Chain Risks
Security researchers have uncovered multiple malicious skills in the OpenClaw ClawHub marketplace that bypassed automated scans and enabled credential theft,…
Headline:Shop App Abused to Seed Fake Orders in Callback Phishing Scam Targeting Millions of Users
Scammers are exploiting trust in Shopify’s Shop app by inserting fake purchase receipts into users’ order histories to trigger callback…
‘Gaslight’ macOS Malware Uses Fake System Errors to Mislead AI Security Analysis
A newly discovered macOS malware campaign is weaponizing prompt injection techniques, embedding fabricated error messages to confuse AI-powered malware analysis…
Polish Cybercrime Sweep Dismantles SIM-Swapping Ring Behind Multi-Million Dollar Crypto Heists
An international law enforcement operation has dismantled an alleged SIM-swapping crew accused of hijacking phone numbers, stealing cryptocurrency, and laundering…
Mandiant Uncovers How Attackers Exploited Cisco SD-WAN Zero-Day to Gain Stealthy Root Access
New forensic details reveal how threat actors leveraged a Cisco SD-WAN zero-day vulnerability to create hidden root accounts, establish persistent…
