-
The Cybersecurity and Infrastructure Security Agency (CISA), alongside the FBI, NSA, Department of Energy, EPA, TSA, Department of Transportation, and USDA, has issued a joint warning about ongoing cyberattacks targeting automatic tank gauge (ATG) syst…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity vulnerability in the Laravel framework could allow attackers to manipulate outbound email processing, potentially leading to unauthorized message delivery, data exposure, or the abuse of mail relays. The issue, tracked as CVE-2026-48019…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are using highly convincing fake purchase orders and sales documents to sneak a new JavaScript backdoor, JS.MonoGlyphRAT, into US enterprises, where it quietly establishes persistence and enables full remote control of infected systems. The mal…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed vulnerability in GitHub’s browser-based editor, GitHub.dev, allows attackers to steal powerful OAuth tokens with just a single click, giving them read and write access to private repositories. The flaw exploits how Visual Studio Code …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
50+ malicious Chrome extensions posing as “live wallpaper” utilities have been caught running an adware operation that hijacks browser behavior and quietly pushes remote HTML content to around 30,000 users. These extensions were distributed through at …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are increasingly abusing trusted platforms like YouTube and search engines to distribute malware, and a newly uncovered campaign targeting Minecraft players highlights how effective this tactic has become. Minecraft, originally released in 2011…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft is facing scrutiny after reportedly declining to treat a critical dependency confusion vulnerability affecting Azure Portal assets as a security issue, despite a proof-of-concept exploit demonstrating remote code execution (RCE). Security res…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Anthropic has expanded its Project Glasswing initiative, significantly scaling access to its Claude Mythos Preview model as part of a broader effort to strengthen global software security. The program, first launched in April 2026 with around 50 organi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly uncovered macOS intrusion campaign attributed to the North Korean state-sponsored threat group Sapphire Sleet, also known as BlueNoroff or UNC1069, is targeting high-value organizations in the financial and cryptocurrency sectors. The operation…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Red Hat has confirmed a supply chain security breach impacting multiple npm packages under the @redhat-cloud-services namespace, as detailed in security bulletin RHSB-2026-006 released on June 2, 2026. The incident was publicly disclosed a day earlier …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
