Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw...

AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.

AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities...

How Leading Organizations Are Turning EDR Into Operational Resilience

Most organizations now recognize that endpoint protection alone is no longer sufficient. That’s why adoption...

Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT

Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy...

Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded

Password manager Dashlane has disclosed that “fewer than” 20 users on the personal subscription plan...

Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm

A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to...

⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Monday hit like a cron job with anger issues. A busted auth path here, a...

China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan

A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and...

The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools

Three years ago, the practical question for an MSP building a cybersecurity practice was which...

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that’s targeting developers...

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro,...

Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices

Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices,...

PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation

Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting PAN-OS and...

1 Comment

ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface

Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial...

Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit

An unknown threat actor has been observed using a large language model (LLM) agent to...

New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks

A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks...

What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks

Shadow AI used to mean employees pasting things they shouldn’t into ChatGPT. It now means...

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development...

Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels

The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed...

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service,...

1 Comment

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management...

Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal

Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research...

ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More

Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody...

New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI “Power users”

State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent...

JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware

A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with...

Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users

Latin America and Europe become the target of two banking trojan campaigns that are designed...

Malicious npm Package Stole Files From Claude AI User Directory via GitHub

Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with...

5 Steps to Managing Shadow AI Tools Without Slowing Down Employees

When an employee installs an AI writing assistant, connects a coding copilot to their IDE,...

Designing secure access with ZTNA

New guidance explains how to design Zero Trust Network Access architectures aligned with zero trust...

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of...