Bluekit Phishing Platform Evolves With Browser-in-the-Middle Attacks to Steal Live Login Sessions
The Bluekit phishing-as-a-service kit has adopted browser-in-the-middle techniques, allowing attackers to relay real-time login sessions and capture valid authentication tokens from victims.
The Latest
Uber Names Coinbase Security Chief Philip Martin as New CISO to Strengthen Global Cyber Defense
Uber has appointed Philip Martin, former Coinbase CSO and ex-U.S. Army counterintelligence officer, as its new Chief Information Security Officer…
10M+ Install Chrome Ad Blocker Found Capable of Dormant Remote JavaScript Injection
A widely used YouTube ad blocker on the Chrome Web Store has been found to contain a dormant script injection…
Runlayer Raises $30M to Secure Enterprise AI Agents With Unified Control Layer
AI security startup Runlayer has secured $30 million in Series A funding to expand its platform that governs enterprise AI…
Cal Water Confirms No OT Compromise in Handala-Linked Cyberattack Investigation
A joint investigation with Mandiant found that the Iranian-linked Handala group did not breach operational technology systems at California Water…
Russian APT Gamaredon Refines Spyware Arsenal, Expands Stealth Infrastructure and Attack Scale
The FSB-linked Gamaredon cyber-espionage group has upgraded its malware, C2 infrastructure, and delivery tactics, enabling more covert and effective attacks…
PirloTV Sports Piracy Network Hit in Global Takedown as 44 Streaming Domains Seized
Authorities and industry groups have dismantled a major PirloTV-linked piracy network, seizing 44 domains that funneled hundreds of millions of…
Malicious OpenClaw Skills Slip Through Defenses, Exposing AI Supply Chain Risks
Security researchers have uncovered multiple malicious skills in the OpenClaw ClawHub marketplace that bypassed automated scans and enabled credential theft,…
Headline:Shop App Abused to Seed Fake Orders in Callback Phishing Scam Targeting Millions of Users
Scammers are exploiting trust in Shopify’s Shop app by inserting fake purchase receipts into users’ order histories to trigger callback…
‘Gaslight’ macOS Malware Uses Fake System Errors to Mislead AI Security Analysis
A newly discovered macOS malware campaign is weaponizing prompt injection techniques, embedding fabricated error messages to confuse AI-powered malware analysis…
Polish Cybercrime Sweep Dismantles SIM-Swapping Ring Behind Multi-Million Dollar Crypto Heists
An international law enforcement operation has dismantled an alleged SIM-swapping crew accused of hijacking phone numbers, stealing cryptocurrency, and laundering millions through a global network.
Mandiant Uncovers How Attackers Exploited Cisco SD-WAN Zero-Day to Gain Stealthy Root Access
New forensic details reveal how threat actors leveraged a Cisco SD-WAN zero-day vulnerability to create hidden root accounts, establish persistent…
Google Introduces New Privacy Controls for Search History and Personalized Recommendations
Google is rolling out new account settings that separate search activity history from personalization preferences, giving users greater control over…
Edgecution Malware Turns Browser Extensions into Ransomware Entry Points Through Native Messaging Abuse
A sophisticated attack chain dubbed Edgecution is abusing Microsoft Edge extensions and Chrome Native Messaging to bypass browser security boundaries,…
Spotlight
Cisco Unified CM Vulnerability Moves From Disclosure to Active Exploitation Following PoC Release
Threat actors have begun exploiting Cisco Unified Communications Manager vulnerability CVE-2026-20230, a critical file-write flaw that can ultimately lead to root-level compromise of vulnerable systems.
Xolis Healthtech Data Breach Exposes Sensitive Records of 1.4 Million Patients After Phishing Attack
Healthcare AI company Xolis has disclosed a phishing-driven breach that exposed sensitive personal and medical data belonging to approximately 1.4 million individuals.
LastPass Confirms Customer Data Exposure in Klue OAuth Supply Chain Attack
LastPass has confirmed that attackers used stolen OAuth tokens from a Klue supply chain breach to access Salesforce support case data containing customer contact and CRM information.
macOS ClickFix Campaign Abuses Terminal Commands to Deploy Atomic Stealer via Silent DMG Mounting
A new macOS ClickFix campaign is tricking users into running Terminal commands that silently download and mount malicious DMG files to deploy the Atomic macOS Stealer (AMOS).
Features
CISA Flags Active Exploitation of Critical Ubiquiti and Lantronix Vulnerabilities in Federal Systems
CISA has warned that multiple high-severity vulnerabilities in Ubiquiti UniFi OS and Lantronix EDS5000 devices are being actively exploited, prompting…
Mistic Backdoor Linked to KongTuke Access Broker Enables Stealthy Ransomware-Ready Intrusions
A newly identified stealth backdoor called Mistic has been linked to the KongTuke initial access broker and is being used…
GitHub Hardens actions/checkout to Block “Pwn Request” Supply-Chain Attack Patterns
GitHub has updated actions/checkout to block common fork-based “pwn request” attack patterns in pull_request_target workflows, reducing the risk of malicious…
Trump Executive Order Sets 2030 Deadline for Federal Shift to Post-Quantum Cryptography
A new executive order establishes firm deadlines for U.S. federal agencies and contractors to transition to post-quantum cryptography, accelerating national…
Malicious npm Packages Masquerade as PostCSS Tools to Deploy Multi-Stage Windows RAT
Security researchers have uncovered malicious npm packages posing as PostCSS utilities that deploy a multi-stage Windows remote access trojan capable…
Tata Electronics Confirms Cyberattack Following Data Leak Claims by World Leaks Group
Tata Electronics has acknowledged a cybersecurity incident affecting parts of its IT environment after a cyber extortion group claimed responsibility…
