New Helix Extortion Group Targets Enterprises With MFA Abuse and SharePoint Exfiltration
A previously unreported data extortion operation dubbed “Helix” that targets enterprises using identity-focused entry techniques and automated SharePoint exf...
20 articles
A previously unreported data extortion operation dubbed “Helix” that targets enterprises using identity-focused entry techniques and automated SharePoint exf...
Claude Desktop’s synced Personal Preferences feature can be exploited as a covert prompt-injection vector, transforming the AI assistant into a de facto comm...
DuckDuckGo has quietly expanded its privacy-first browser capabilities by introducing a YouTube ad-blocking feature. This feature uses community-driven uBloc...
Melbourne, Florida, United States, July 8th, 2026, CyberNewswire OpenMatter Network today announced that it has joined the founding group of organizations pa...
Twelve firewalls, one question: which NGFW earns a place at your network edge in 2026? For most enterprises the shortlist starts with Fortinet FortiGate (bes...
Claude Cowork was expanded beyond the desktop, rolling out web and mobile versions that let AI-driven task sessions persist across devices and continue runni...
Attackers can silently clone “Verified” GitHub commits by abusing signature malleability in Git’s commit-signing formats, creating byte‑different commits wit...
Nebula Security has revealed a significant exploit chain known as “IonStack,” demonstrating how attackers could gain full root access on Android 17 devices w...
A new intrusion campaign attributed to APT‑C‑20 (aka Fancy Bear, APT28) demonstrates the group’s continued refinement of stealthy, fileless techniques: weapo...
ESET’s H1 2026 threat report shows attackers accelerating the use of familiar playbooks with AI-flavored lures, social engineering, and defense evasion rathe...
A publicly indexed server at 198[.]245[.
CrowdStrike has identified five new techniques for prompt injection targeting AI agents, emphasizing the rapid evolution of adversarial methods as enterprise...
Discord has confirmed a significant flaw in its automated moderation and enforcement pipeline that led to the wrongful banning of approximately 8,200 user ac...
AI-powered coding assistants such as Claude Code, Cursor, and OpenAI Codex are increasingly triggering endpoint detection and response (EDR) alerts that rese...
The U.S.
A human-operated Mexican banking fraud campaign tracked as REF6045 has been observed using a bespoke PowerShell toolkit SCMBANKER to turn commodity click-fra...
A new analysis has revealed a significant security gap within the global web ecosystem. Over 70% of publicly accessible WordPress sites are running outdated,...
A critical vulnerability in the Linux kernel, known as “GhostLock” (CVE-2026-43499), has been disclosed by researchers at Nebula Security. This vulnerability...
A sophisticated, long-running operation that converts consumer devices into rentable exit nodes for residential proxy services. The initial signal was a fake...
A targeted phishing campaign impersonating the Indian Income Tax Department has been observed delivering a sophisticated, six-stage infection chain that culm...