Malicious actors replaced Windows and Linux JDownloader installers with a Python-based remote access Trojan after exploiting an unpatched CMS vulnerability on the official website.
Microsoft released a mitigation for a BitLocker bypass that allows attackers with physical access to spawn an unrestricted shell and…
Two Microsoft Defender flaws are being exploited in the wild, allowing attackers to gain SYSTEM privileges or crash the antimalware…
GitHub confirmed a breach after a malicious Visual Studio Code extension compromised an employee device, leading to exfiltration of internal…
GhostTree exploits NTFS junctions to create recursive directory loops that trap EDR scanners in infinite traversal paths, leaving malicious files…
A SOCKS5 null-byte injection in Claude Code's network sandbox allowed attackers to exfiltrate credentials and source code for over five…
The critical bug in Cisco Secure Workload requires no authentication and grants attackers full Site Admin control via internal REST…
A three-month breach at NYC Health Hospitals via a compromised third-party vendor exposed biometric data, medical records, and…
The Driver Quality Initiative introduces four pillars to improve testing, partner accountability, and update hygiene for Windows 11 drivers.
Attackers now embed AI-generated lookalike domains inside legitimate third-party scripts, bypassing traditional security tools that have no visibility…
Researchers uncover DevilNFC, an Android malware that locks devices in Kiosk Mode and uses NFC relay to steal banking data from victims in Europe and Latin America.
Modern attack techniques easily bypass MFA by stealing session tokens, making continuous device posture checks essential for a zero trust…
ReliaQuest found attackers bypassing MFA on SonicWall Gen6 VPNs even after patching, requiring manual LDAP reconfiguration to fully close the…
Researchers discovered two new custom backdoors deployed by the Webworm threat actor that use Discord and Microsoft Graph API for…
The new open-source tools from Microsoft target AI agent vulnerabilities early in the software development lifecycle.
New research shows that over half of enterprise identity elements remain unmanaged, creating a critical vulnerability as organizations rapidly deploy autonomous AI agents that can exploit hidden credentials.
A typosquatted Go package remained dormant for years before activating a DNS-based backdoor that persists even after its GitHub repository was deleted.
Attackers can execute commands on macOS by hiding malicious code in image metadata through a two-step copying technique that bypasses built-in filters.
A publicly released exploit targets a heap buffer overflow in PostgreSQL's pgcrypto extension that can give attackers full operating system…
A compromised Nx Console extension silently harvested developer credentials from password managers, cloud services, and code repositories through a multi…
A live webinar on June 2, 2026 will demonstrate how AI-driven automation can eliminate manual bottlenecks in network incident…
HiddenLayer researchers found that the authentication check in ChromaDB's Python API runs too late, allowing attackers to load and execute…
The SHub malware family's latest variant bypasses Apple security by impersonating Google Software Update and using AppleScript to evade standard…
Four separate spear-phishing campaigns used fake resumes and Solana meme coin content to deploy malware through trusted platforms like…