-
APT37 is using NarwhalRAT in a tightly engineered intrusion chain that starts with Microsoft-themed spear-phishing, pivots through malicious LNK files and PowerShell, and ends with a Python-based backdoor with dead-drop C2 via pCloud. The campaign is n…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw in Wazuh Manager could allow unauthenticated threat actors to tamper with alerts, delete forensic evidence, and execute arbitrary OpenSearch operations by exploiting an input validation weakness in the platform’s new inventory …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A misconfigured PHP-based malware distribution platform has been exposed after a security researcher inadvertently gained administrative access via an unlocked installation page, highlighting critical operational security failures in the active threat …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Office of the Maine Attorney General has temporarily taken its public data breach reporting portal offline following the discovery of fraudulent submissions falsely claiming security incidents at VRChat and Discord. The incident, disclosed in an of…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed Agentjacking attack class can silently weaponize AI coding agents against the very developers who rely on them, requiring no phishing, no server compromise, and no user interaction beyond a developer’s normal workflow of asking …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical pre-authentication remote code execution (RCE) vulnerability in Splunk Enterprise has been disclosed, carrying a near-perfect CVSS score of 9.8. Tracked as CVE-2026-20253, the flaw was published by Splunk on June 10, 2026, and affects t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Anthropic has disabled all access to its Fable 5 and Mythos 5 artificial intelligence models following a sudden export-control directive from the United States government. Issued at 5:21 PM ET on June 13, 2026, the directive cited pressing national sec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A massive, coordinated network of 152 malicious Google Chrome browser extensions has been dismantled after researchers caught the operation generating fake organic Google search traffic. Socket’s Threat Research Team discovered the operation spanning 3…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A notable operational pivot by the GRU-linked intrusion set APT28 (aka Fancy Bear, Sofacy, Forest Blizzard, Pawn Storm) that combines the MooBot botnet and compromised EdgeRouters to enable resilient cyber operations. This shift amplifies APT28’s long-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An active phishing campaign that weaponizes a legitimate NinjaOne Remote Monitoring and Management (RMM) agent to gain persistent remote access to Brazilian organizations. Rather than relying on bespoke malware, the operators exploit familiar business …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
