Hackers are injecting malicious JavaScript into compromised WordPress sites to deploy ErrTraffic-powered ClickFix lures, a campaign that achieved nearly 60% ...
Rokarolla, a new Android banking trojan named after its Command-and-Control (C2) infrastructure, that combines sophisticated social engineering, broad permis...
A coordinated supply chain attack targeting JetBrains IDE users has exposed over 70,000 developers to silent credential theft. The campaign involves at least...
NVIDIA has disclosed multiple high-severity vulnerabilities in its NeMo Framework, including a critical command injection flaw that could allow attackers to ...
Fortra has reported a critical command injection vulnerability in its Core Privileged Access Manager (BoKS) platform, which could allow remote attackers to e...
A recent intrusion demonstrates how threat actors are shifting toward scripting runtimes to evade traditional detection: attackers delivered a modular Remote...
Google has released an urgent Chrome security update addressing multiple critical vulnerabilities that could allow attackers to execute arbitrary code on aff...
A critical security vulnerability tracked as CVE-2026-49468 has been disclosed in the LiteLLM framework, exposing deployments to authentication bypass attack...
Las Vegas, USA / Nevada, June 16th, 2026, CyberNewswire Aembit on Tuesday announced support for Copilot Studio, extending its identity and access management ...
New York, United States of America, June 16th, 2026, CyberNewswire Agent Identity Security combines AI agent governance with a native PKI foundation, directl...
New York, New York, June 16th, 2026, CyberNewswire GitGuardian is introducing Developer Endpoint Protection, extending its secrets and non-human identity (NH...
Microsoft Teams’ trusted infrastructure has been exploited by threat actors to secretly route malicious traffic, leading to a highly stealthy ransomware camp...
A professionally engineered loader called OnionDrop is being used in high-tempo campaigns to deliver multiple infostealers at scale. Between February 28 and ...
Novo Nordisk, the Danish pharmaceutical giant behind blockbuster weight-loss drugs Ozempic and Wegovy, has confirmed a cybersecurity breach involving unautho...
A data breach affecting the widely used K–12 student information system, Infinite Campus, has exposed the personal information of approximately 137,000 users...
In April 2026, incident responders traced a sophisticated intrusion that abused compromised WordPress sites to deliver GULoader via an EtherHiding → ClickFix...
Ghostwriter (UNC1151) has escalated its long-standing phishing operations by deploying convincing fake Gmail login panels that harvest both passwords and two...
An active campaign in which attackers are abusing Microsoft’s OAuth 2.0 Device Authorization Grant (device code) flow to take over Microsoft 365 accounts.