Claude Code leak exploited to spread infostealer malware on GitHub
Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware.
Cyber Alerts
14,000 F5 BIG-IP APM instances exposed to RCE attacks
Internet security watchdog Shadowserver has found over 14,000 BIG-IP APM instances exposed online. This exposure occurs amid ongoing attacks...
CrystalRAT malware now includes RAT, stealer, and prankware features
A new malware-as-a-service, named CrystalRAT, is actively promoted on Telegram. It offers a range of malicious capabilities, including remote...
Apple expands iOS 18 updates to more iPhones, blocking DarkSword attacks.
Apple has now made it possible for more iPhones still running iOS 18 to receive security updates that protect against the actively exploited...
Hackers exploit TrueConf zero-day, push malicious software updates
Hackers have targeted TrueConf conference servers in attacks that exploit a zero-day vulnerability, allowing them to execute arbitrary files on...
NoVoice Android malware infected 2.3 million devices via Google Play
A new Android malware named NoVoice was found on Google Play, hidden in more than 50 apps that were downloaded at least 2.3 million times.
Microsoft warns of WhatsApp VBS malware hijacking Windows via UAC bypass.
Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages to distribute malicious Visual Basic Script (VBS)...
New Threat Report: Routine Access Fuels Modern Cyber Intrusions
Modern intrusions increasingly start with valid credentials and routine access, not exploits. Blackpoint Cyber's upcoming threat report shows how...
Google fixes fourth Chrome zero-day vulnerability exploited in attacks
Google has fixed the fourth Chrome vulnerability exploited in zero-day attacks since the start of the year.
Mid-Market Security: Prioritizing CVE Remediation and Attack Surface Management
Intruder's Chris Wallis argues mid-market teams should prioritize CVE remediation speed over vulnerability counts, while expanding defenses beyond...
Hackers compromise Axios npm package, deploy cross-platform malware
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to...
CISA orders federal agencies to patch critical Citrix flaw by Thursday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their Citrix NetScaler appliances against an...
Critical Citrix NetScaler flaw actively exploited, sensitive data at risk.
Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler Gateway appliances to...
Hackers exploit critical F5 BIG-IP flaw, deploy webshells, patch immediately
F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that...
Critical Fortinet FortiClient EMS flaw actively exploited in attacks
Attackers are now actively exploiting a critical vulnerability in Fortinet's FortiClient EMS platform, according to threat intelligence company Defused.
Smart Slider plugin flaw affects 500K WordPress sites
A vulnerability in the Smart Slider 3 WordPress plugin, active on more than 800,000 websites, can be exploited to allow subscriber-level users...
Infinity Stealer malware targets macOS, steals data using ClickFix lures
A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the...
TA446 uses DarkSword iOS exploit kit in spear-phishing campaign
Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed...
CISA adds F5 BIG-IP APM vulnerability to KEV after active exploitation.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy...
Malicious Telnyx PyPI package delivers credential-stealing malware via WAV audio
TeamPCP hackers compromised the Telnyx package on the Python Package Index today. They uploaded malicious versions that deliver...
Fake VS Code alerts on GitHub target developers with malware.
A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section...
China upgrades global telco spying backdoor, BPFdoor malware defeats cybersecurity.
Chinese APT Red Menshen's super-advanced BPFdoor malware defeats traditional cybersecurity protections. All telcos can do, really, is try hunting it down.
Ajax Football Club Hacked: Fan Data Exposed, Tickets Hijacked
Dutch professional football club Ajax Amsterdam (AFC Ajax) disclosed that a hacker exploited vulnerabilities in its IT systems and accessed data...
CISA warns of Langflow flaw exploited to hijack AI workflows
The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as...
Langflow AI Platform Critical Flaw Exploited by Threat Actors
Threat actors pounced on the code injection vulnerability within hours of its disclosure, demonstrating that organizations have little time to...
Claude Extension Flaw Allows Zero-Click Prompt Injection via Any Website
Cybersecurity researchers have disclosed a vulnerability in Anthropic's Claude Google Chrome Extension. This flaw could have been exploited to...
Coruna iOS exploit framework linked to Triangulation attacks
The Coruna exploit kit is an evolution of the framework used in the Operation Triangulation espionage campaign, which in 2023 targeted iPhones via...
RedLine infostealer malware admin extradited to US
An Armenian suspect was extradited to the United States to face criminal charges for allegedly helping manage RedLine, one of the most prolific...
GitHub enhances security with AI-powered bug detection
GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover...
PolyShell attacks hit 56% of vulnerable Magento stores
Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more...
Torg Grabber infostealer malware targets 728 Crypto wallets
A new info-stealing malware called Torg Grabber is stealing sensitive data from 850 browser extensions, more than 700 of them for cryptocurrency wallets.