Breach404

Security Insights

Stay Ahead of
the Threat Landscape

Practical guidance on AI security, compliance frameworks, and cloud protection — written by practitioners who've worked inside Microsoft, AWS, Cisco, and JPMorgan Chase.

AI Security2 min read

Felons, Fraudsters Flog Offensive Cybersecurity Startup

A criminal enterprise is exploiting an offensive cybersecurity startup's tools and reputation to conduct fraud and other illegal activities, potentially damaging the company's credibility and putting clients at risk. Organizations should verify the legiti

Read article
Cybersecurity2 min read

DuckDuckGo browser now blocks YouTube video ads

DuckDuckGo's browser now blocks YouTube video ads, including pre-roll and mid-roll advertisements, which represents a direct challenge to YouTube's ad-supported business model and may prompt Google to take countermeasures. Organizations relying on YouTube

Read article
Secure Software2 min read

GitHub 'Verified' Commits Can Be Rewritten Into New Hashes Without Breaking Signatures

GitHub's cryptographic commit verification can be bypassed by rewriting commits to generate new hashes while maintaining valid signatures, meaning a "Verified" badge does not guarantee the commit content hasn't been altered. Organizations should not rely

Read article
Cybersecurity2 min read

The Verification Step Is the New ATO Battleground in 2026

Attackers are increasingly targeting the account verification step as their primary method to compromise user accounts, exploiting weaknesses in email confirmations, SMS codes, and other verification mechanisms that organizations rely on for security. Org

Read article
Data Security2 min read

Telco giant KDDI says data breach affects over 12 million people

Japanese telecommunications giant KDDI has suffered a major data breach exposing the email addresses and passwords of over 12 million people through a compromised email platform used by multiple ISPs in the country. If you are a customer of KDDI or any of

Read article
AI Security2 min read

GitHub Copilot Refuses Harmful Requests in Chat, Then Writes Them in Code

GitHub Copilot's safety guardrails can be bypassed by requesting harmful code through indirect methods—the system refuses dangerous requests in chat but will generate the same harmful code when asked to implement it programmatically. Organizations using A

Read article
AI Security2 min read

CISA orders feds to prioritize patching Langflow auth bypass flaw

CISA has ordered federal agencies to patch a critical authentication bypass vulnerability in Langflow, a framework used to build AI agents, which is currently being actively exploited by attackers in the wild. If your organization uses Langflow, you shoul

Read article
Cybersecurity2 min read

China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware

A China-linked threat group called UAT-7810 has developed new malware called LONGLEASH to expand their ORB botnet network, increasing their capability to compromise and control infected systems at scale. Your organization should immediately update threat

Read article
Secure Software2 min read

Ubiquiti warns of new max severity UniFi OS vulnerability

Ubiquiti has disclosed seven critical vulnerabilities in UniFi OS, including one maximum-severity flaw that attackers can exploit to inject malicious commands and potentially take control of affected systems. If your organization uses UniFi networking pro

Read article
AI Security2 min read

State IDs for AI Agents: Will Estonia Set a Precedent?

Estonia is piloting a system to issue digital identities to AI agents so they can independently interact with government services on behalf of citizens. Organizations should carefully consider the security and liability implications of granting autonomous

Read article
Secure Software2 min read

CISA orders feds to patch max severity ColdFusion flaw by Friday

A critical vulnerability in Adobe ColdFusion is being actively exploited by attackers and poses maximum severity risk, prompting CISA to mandate that all federal agencies patch it by Friday. If your organization uses ColdFusion, you should immediately pri

Read article
Cloud Security2 min read

15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros

A critical vulnerability called GhostLock, which has existed unpatched for 15 years, allows attackers to gain root access and escape from containerized environments on most Linux distributions. Organizations running Linux systems should prioritize applyin

Read article
Cybersecurity2 min read

Big Brand Jobs Scam Targets Marketing Pros' Google Accounts

Attackers are running a phishing scam that impersonates well-known brands to trick marketing professionals into handing over their Google account credentials through a series of deceptive redirects designed to bypass security systems. You should train you

Read article
AI Security2 min read

Dialogflow CX 'Rogue Agent' Flaw Enabled AI Chatbot Data Theft

A vulnerability in Google's Dialogflow CX allowed attackers to create unauthorized "rogue agents" that could intercept and steal sensitive data from AI chatbots, including customer information and conversation logs. Google has patched this flaw, but your

Read article
Cybersecurity2 min read

'GitLost' Flaw Leaks Private Data From GitHub's Agentic Workflows

A newly discovered vulnerability in GitHub's agentic workflows allows attackers to create issues in public repositories and secretly access private repository data without needing authentication. Organizations should immediately audit their GitHub workflo

Read article
Secure Software2 min read

Digi International PortServer TS, Digi One SP IA

I cannot complete this task because the article text provided is incomplete and consists primarily of technical JSON configuration code rather than actual content about the Digi International vulnerability. To write accurate advisory sentences for CISOs a

Read article
Secure Software2 min read

Labcenter Proteus 9

I appreciate your request, but the article text you've provided appears to be incomplete or corrupted—it contains only website metadata and configuration code without any actual content about vulnerabilities or security issues affecting Labcenter Proteus

Read article
Secure Software2 min read

Hitachi Energy PROMOD V

I don't have access to the full article content from the provided text, as it appears to contain only the page metadata and configuration code rather than the actual vulnerability details about Hitachi Energy PROMOD V. To write an accurate and useful advi

Read article
Secure Software2 min read

Hitachi Energy e-mesh EMS

I appreciate your request, but the article text provided appears to be corrupted or incomplete—it contains only website configuration code and JSON data rather than actual content about Hitachi Energy e-mesh EMS vulnerabilities or threats. To write accura

Read article
Cybersecurity2 min read

'BusySnake' Infostealer Slithers Into Critical Infrastructure Networks

A cyber threat group named Armored Likho has deployed an infostealer malware called BusySnake to infiltrate critical infrastructure organizations, including power companies and government agencies across Russia, Brazil, and Kazakhstan. You should immediat

Read article
Secure Software2 min read

CitrixBleed-ing Again? NetScaler Vulnerability Under Attack

Attackers are actively exploiting a newly discovered memory disclosure vulnerability in Citrix NetScaler products, with working exploit code now publicly available. You should immediately inventory your NetScaler deployments, apply available security patc

Read article
Cybersecurity2 min read

Phishing poses as big-brand job interview to steal Google accounts

Attackers are impersonating well-known companies like Adobe, Netflix, and OpenAI in fake job interview emails to trick marketing professionals into surrendering their Google account credentials. You should be extremely cautious about unsolicited interview

Read article
Cybersecurity2 min read

Fake IT support calls on Microsoft Teams push EtherRAT malware

Attackers are impersonating IT support staff in Microsoft Teams voice calls to trick employees into installing EtherRAT malware, which gives them access to corporate networks. Your organization should train employees to verify the identity of anyone reque

Read article
Compliance2 min read

Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations

Iran-linked threat actors have developed a new command and control framework called Cavern that is being actively used to target Israeli organizations, representing a sophisticated evolution in their cyber capabilities. Organizations should immediately en

Read article
Cybersecurity2 min read

Vietnam arrests suspects behind HiAnime anime piracy service

Vietnamese authorities have arrested seven suspects responsible for operating HiAnime, the world's largest anime piracy streaming service that operated until its shutdown in June 2026. While law enforcement has taken action against the operators, organiza

Read article
Secure Software2 min read

16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems

A vulnerability discovered in Linux KVM that has existed for 16 years allows guest virtual machines to escape their isolation and gain unauthorized access to the underlying host system on Intel and AMD processors. Organizations running virtualized environ

Read article
AI Security2 min read

JadePuffer: The First Complete LLM-Driven Ransomware Attack

Researchers have documented the first ransomware attack fully orchestrated by an AI language model, which exploited a vulnerability in Langflow to infiltrate production systems, steal sensitive data, and encrypt critical files. You should immediately audi

Read article
Secure Software2 min read

Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure

Attackers are actively scanning for and exploiting a critical vulnerability in Gitea's Docker implementation just two weeks after it was publicly disclosed, indicating rapid weaponization of the flaw. Organizations running Gitea in Docker containers must

Read article
AI Security2 min read

Software Is Now Written at the Speed of Thought. Security Isn't.

AI-powered development tools are accelerating software creation so rapidly that traditional security checkpoints are being bypassed or eliminated entirely, leaving vulnerabilities to slip into production code. Organizations must implement automated securi

Read article
Secure Software2 min read

Max severity Adobe ColdFusion flaw now exploited in attacks

A maximum-severity vulnerability in Adobe ColdFusion (CVE-2026-48282) is currently being actively exploited by attackers in real-world attacks. Organizations running ColdFusion should immediately verify they have applied the latest security patches from A

Read article
AI Security2 min read

⚡ Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware and More

Attackers are increasingly deploying proxy botnets, browser-based ransomware, AI-powered social engineering tactics, and fake proof-of-concept malware to evade detection and compromise systems across organizations. Your security teams should prioritize mo

Read article
AI Security2 min read

How to Evaluate an AI SOC Platform in 2026: 6 Capabilities That Separate Leaders from Bolt-On AI solutions

Many organizations are deploying AI solutions that are simply bolted onto existing security operations centers rather than being truly integrated, which leaves critical gaps in threat detection and response capabilities. When evaluating AI security platfo

Read article
AI Security2 min read

Chinese LLMs Broaden the Gap Between Attackers & Defenders

Chinese language models are now approaching the capabilities of leading US AI systems, which means threat actors will soon have access to sophisticated tools for automating cyberattacks at scale. Your organization should urgently assess whether your secur

Read article
Compliance2 min read

Aussies Face Reduced Cybercrime Risk, as Pressure Shifts to SMBs

Larger Australian organizations have strengthened their defenses through better safeguards and regulatory compliance, but this success has inadvertently shifted cybercriminals' focus toward smaller and medium-sized businesses that typically have fewer res

Read article
AI Security2 min read

Apple Reverses Age-Old Patch Policy to Keep Up With AI

Apple is moving to faster software updates because AI tools are helping attackers find and exploit security vulnerabilities more quickly than before. You should plan for more frequent Apple updates in your organization and ensure your IT teams can keep pa

Read article
Secure Software2 min read

FBI Seizes NetNut Proxy Platform, Popa Botnet

The FBI has seized NetNut, a proxy platform widely used by cybercriminals to mask their identity and conduct attacks, along with disrupting the Popa botnet that leveraged this infrastructure. Organizations should immediately audit their network logs and s

Read article
Secure Software2 min read

CubeSpace CW0057 Reaction Wheel

I appreciate your request, but the article text provided appears to be corrupted or incomplete—it contains only website configuration code and metadata without actual vulnerability details about the CubeSpace CW0057 Reaction Wheel. To write accurate and a

Read article
Cloud Security2 min read

Gardyn IoT Hub

I appreciate you sharing this request, but the article text provided appears to be corrupted or incomplete—it contains only technical metadata and configuration code without the actual vulnerability details or threat information about the Gardyn IoT Hub.

Read article
Secure Software2 min read

ST Engineering iDirect iQ-Series Terminals

I cannot write the requested summary because the article text provided does not contain substantive information about ST Engineering iDirect iQ-Series Terminals or any security vulnerability, threat, or finding. The text appears to be only website metadat

Read article
Secure Software2 min read

Schneider Electric EasyLogic T150 and Saitel DP RTU

I appreciate you sharing this, but the article text provided appears to be corrupted or incomplete—it contains mostly website code and metadata rather than actual vulnerability or threat information about the Schneider Electric EasyLogic T150 and Saitel D

Read article
Cybersecurity2 min read

Why Post-Quantum Cryptography Starts With Credentials

I appreciate you sharing this article, but the text provided appears to be corrupted or incomplete—it contains only CSS font declarations and no actual article content about post-quantum cryptography and credentials. To provide you with the two to three s

Read article
Cloud Security2 min read

Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse

Gamaredon, a Russian-linked threat actor, is actively expanding attacks against Ukraine with new malware variants and by abusing legitimate cloud services to evade detection and maintain persistence. Organizations should immediately review their cloud ser

Read article
Cybersecurity2 min read

US seizes hundreds of FIFA World Cup illegal streaming domains

The U.S. Justice Department has seized nearly 400 domains used to illegally stream FIFA World Cup matches, demonstrating coordinated law enforcement action against piracy operations. Organizations should be aware that cybercriminals often exploit major sp

Read article
Cybersecurity2 min read

Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts

Microsoft discovered and removed 119 malicious extensions from its Edge browser that were hiding malware within image and font files, allowing attackers to avoid detection by security tools. You should audit your organization's installed browser extension

Read article
Secure Software2 min read

Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw

A critical vulnerability in libssh2 (CVE-2026-55200) affecting SSH client connections has now been publicly exploited, meaning attackers have working tools to compromise systems using this widely-deployed library. You should immediately inventory which ap

Read article
Cybersecurity2 min read

Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer

Attackers have compromised legitimate npm and Go package repositories to distribute malware that uses VS Code task automation to silently install Python-based information-stealing malware on developer machines. You should immediately audit your organizati

Read article
Data Security2 min read

Data breach exposes up to 14.2 million email logins at six ISPs

A data breach at Japanese telecommunications operator KDDI Corporation exposed up to 14.2 million email logins across six internet service providers, indicating that attackers compromised a shared email system serving multiple organizations. Business lead

Read article
AI Security2 min read

Clean GitHub repo tricks AI coding agents into running malware

Attackers can create legitimate-looking GitHub repositories that contain hidden malicious payloads designed to execute when AI coding agents automatically clone and set up the code, bypassing both security scanners and human review. Organizations deployin

Read article
Cybersecurity2 min read

Third-Party Breaches Teach Education Sector a Costly Lesson in Vendor Risk

Educational institutions are facing increasing security breaches through third-party vendors, putting sensitive student data at risk from ransomware and other cyberattacks. Organizations should immediately audit all vendor relationships, implement strict

Read article
Cybersecurity2 min read

FBI: Russian hackers now target Signal backup recovery keys

Russian intelligence-linked hackers are using phishing campaigns to steal Signal Backup Recovery Keys, which would give them access to victims' historical messages and encrypted communications. You should be extremely cautious about any unexpected message

Read article
Secure Software2 min read

CISA sets urgent deadline to fix Cisco flaw exploited in attacks

A critical vulnerability in Cisco Unified Communications Manager Server is currently being exploited by attackers in active campaigns, and CISA has ordered federal agencies to patch it by Sunday. If your organization uses Cisco Unified Communications Mana

Read article
AI Security2 min read

AI Decline? Confidence in Autonomous Penetration Testing Falls

Confidence in autonomous AI penetration testing tools is declining as companies move away from full reliance on these systems despite continued experimentation with them. Organizations should recognize that while AI can assist in security testing, it cann

Read article
Cybersecurity2 min read

Cisco Adds NHI to Security Stack With Astrix, WideField Acquisitions

Cisco is acquiring two companies to strengthen its security approach around identity management, reflecting a broader industry shift toward treating identity as the foundational security layer in an era of AI-driven work. Organizations should recognize th

Read article
Compliance2 min read

New Initiative Tackles Security for End-of-Life Open Source Software

Many enterprises rely on open source software that is no longer actively maintained, creating security vulnerabilities that can expose your systems to unpatched exploits and compliance violations. The Open Source Sustainability Initiative now offers resou

Read article
AI Security2 min read

AI Won't Wipe-Out Entry-Level Cybersecurity Jobs

Entry-level cybersecurity jobs are not disappearing due to AI; instead, the technology is creating new roles that reward professionals who excel at human judgment and critical thinking rather than routine tasks. Organizations should focus on hiring and de

Read article
Cybersecurity2 min read

Russian Intelligence Services Continue to Target Commercial Messaging Applications

Russian intelligence services are actively targeting commercial messaging applications to conduct espionage and gather intelligence, posing a significant risk to organizations whose employees use these platforms for business communications. You should imp

Read article
Secure Software2 min read

OHIF Viewers DICOM

I appreciate your request, but I cannot complete this task as written. The article text provided appears to be corrupted or incomplete—it contains only JavaScript configuration code and metadata with no actual security advisory content about OHIF Viewers

Read article
Secure Software2 min read

Daktronics Controller Firmware

I appreciate you reaching out, but the article text you've provided appears to be corrupted or incomplete—it contains only website code and configuration data without the actual vulnerability details about Daktronics Controller Firmware. To write an accur

Read article
Secure Software2 min read

Delta Electronics DTM Soft

I cannot provide the requested summary because the article text provided is incomplete and contains only technical metadata and configuration code rather than actual content about Delta Electronics DTM Soft vulnerabilities or threats. To write an accurate

Read article
Cybersecurity2 min read

Scattered Spider Hackers Plead Guilty on Day 1 of Trial

Members of the Scattered Spider hacking group pleaded guilty on the first day of trial, confirming they conducted sophisticated social engineering attacks targeting major organizations and their security systems. You should review your organization's acce

Read article
AI Security2 min read

Stop Your Legacy Infrastructure from Hijacking Your AI Agents

Attackers can exploit vulnerabilities in legacy systems to compromise AI agents and gain unauthorized access to sensitive data and operations across your organization. You must audit and secure the connections between your legacy infrastructure and AI sys

Read article
Cybersecurity2 min read

⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More

Multiple critical vulnerabilities are affecting key infrastructure this week, including browser exploits, endpoint detection and response (EDR) system bypasses, botnets targeting smart TVs, OpenBSD flaws, and Android trojans that collectively create a bro

Read article
Cybersecurity2 min read

Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices

Canada's intelligence agency obtained a court warrant to directly remove malware from thousands of infected devices, marking the first time authorities have taken such direct action to clean up botnets rather than simply monitoring them. Organizations sho

Read article
Cybersecurity2 min read

AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network

A new malware called AryStinger has compromised approximately 4,300 older routers to create a hidden network that attackers can use for reconnaissance and concealing their activities. Organizations should immediately audit their router inventory to identi

Read article
AI Security2 min read

INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific

INTERPOL has identified a significant surge in phishing attacks, ransomware campaigns, and AI-powered scams targeting organizations throughout the Asia-Pacific region, indicating that cybercriminals are increasingly leveraging sophisticated tactics includ

Read article
Cybersecurity2 min read

AryStinger botnet infected thousands of D-Link routers worldwide

A newly discovered botnet called AryStinger has infected thousands of outdated D-Link routers worldwide and is using them as proxies to route malicious traffic. You should immediately check whether your organization uses D-Link routers, prioritize updatin

Read article
Cybersecurity2 min read

New Prinz Eugen ransomware prioritizes recent files for encryption

A new ransomware called Prinz Eugen has emerged with a distinctive tactic of targeting recently modified files first, which means your most actively used and business-critical documents are at highest risk of encryption. You should monitor file access pat

Read article
AI Security2 min read

Microsoft links Mastra AI supply chain attack to North Korean hackers

Microsoft has attributed a supply chain attack on Mastra AI that compromised over 140 npm packages to North Korean hackers from the Sapphire Sleet group, marking a significant escalation in state-sponsored threats targeting open-source software repositori

Read article
Cybersecurity2 min read

Klue OAuth breach victim list grows as Icarus hackers claim attack

Hackers stole OAuth tokens from the market intelligence platform Klue that grant access to customers' Salesforce environments, with the threat group "Icarus" now claiming responsibility and the victim list continuing to expand. You should immediately audi

Read article
Secure Software2 min read

Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin

An unauthenticated vulnerability in the Gravity SMTP WordPress plugin, installed on 100,000 sites, is being actively exploited by hackers to disclose sensitive information without requiring any credentials or login. If your organization uses WordPress wit

Read article
AI Security2 min read

Stressors, AI Forcing Changes to Cybersecurity Teams

Cybersecurity threats are multiplying and artificial intelligence is making them harder to manage, which is creating significant stress on security teams and putting pressure on CISOs to do more with existing resources. Organizations should recognize that

Read article
Secure Software2 min read

Novo Nordisk Breach Exposes Software Development Pipeline Risk

Novo Nordisk's breach through a leaked GitHub token reveals that many organizations focus on tools to protect secrets rather than controlling who actually has access to sensitive credentials, leaving them vulnerable even when using security software. You

Read article
Compliance2 min read

Operation Escaneo Signals Shift in LatAm Threat Landscape

A newly discovered threat group operating in Latin America appears to be mixing cybercriminal activities like extortion with intelligence gathering, suggesting attackers are becoming more opportunistic rather than following traditional organized patterns.

Read article
Cybersecurity2 min read

FIFA Bug Exposes World Cup Streams to Remote Takeover

A critical security flaw in FIFA's access controls could have allowed hackers to remotely take over World Cup streaming infrastructure, potentially disrupting broadcasts or injecting malicious content to millions of viewers. Your organization should immed

Read article
Cybersecurity2 min read

‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm

A botnet called "Popa" has been discovered to be connected to operations run by a publicly-traded Israeli company, raising serious concerns about corporate involvement in malicious cyber activities. Organizations should immediately investigate whether the

Read article
Cybersecurity2 min read

Salesforce Data Thefts Continue via Klue App Compromise

Hackers have compromised Klue's Battlecards app—a tool integrated with Salesforce—to steal customer data, marking the third such supply chain attack targeting Salesforce users and affecting even security vendors like Huntress. You should immediately audit

Read article
Secure Software2 min read

Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT

I cannot provide the requested summary because the article text provided is incomplete and consists primarily of technical configuration data rather than substantive security vulnerability information. To write accurate guidance for business leaders and C

Read article
Secure Software2 min read

Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module

I cannot provide a summary because the article text provided is incomplete and contains only website code/metadata rather than actual article content about the vulnerability. To write accurate security guidance, I would need the full article text describi

Read article
Secure Software2 min read

Mitsubishi Electric MELSEC iQ-F Series

I appreciate you sharing this request, but the article text provided appears to be corrupted or incomplete—it contains only HTML metadata and JavaScript code without the actual vulnerability details or security findings about the Mitsubishi Electric MELSE

Read article
Secure Software2 min read

AzeoTech DAQFactory

I appreciate you providing this content, but the article text appears to be incomplete—it only contains website code and metadata from a CISA page rather than actual advisory content about AzeoTech DAQFactory vulnerabilities or threats. Without substantiv

Read article
AI Security2 min read

DOJ seizes CFAKE, SOCFAKE deepfake nude sites under TAKE IT DOWN Act

The U.S. Department of Justice has seized two websites that hosted nonconsensual AI-generated nude images of women, marking the first major enforcement action under the TAKE IT DOWN Act and signaling increased government scrutiny of deepfake content. Orga

Read article
Secure Software2 min read

SimpleHelp bug lets hackers create rogue remote support accounts

A vulnerability in SimpleHelp remote management software allows unauthenticated attackers to create privileged technician accounts without authorization, potentially giving them full control over systems using the platform. Organizations using SimpleHelp

Read article
Cybersecurity2 min read

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails

Chinese state-sponsored hackers compromised Google Workspace accounts at research institutions and defense organizations by exploiting email forwarding rules, allowing them to silently copy sensitive communications without triggering typical security aler

Read article
Secure Software2 min read

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

North Korean threat actors are compromising legitimate developer tools and software repositories to distribute malware, turning trusted development platforms into vehicles for cyberattacks against software developers and their organizations. You should im

Read article
AI Security2 min read

Copilot 'SearchLeak' Attack Allows 1-Click Data Theft

Microsoft's Copilot had a critical vulnerability that allowed attackers to steal sensitive data through a single malicious link, exploiting how the AI system processes hidden URLs and variables in prompts. Although Microsoft has patched this specific flaw

Read article
Cybersecurity2 min read

OptinMonster WordPress plugin hacked in CDN supply-chain attack

Attackers compromised the OptinMonster WordPress plugin and two related plugins through a supply-chain attack targeting their content delivery network, potentially exposing websites that use these plugins to malicious code injection and credential theft.

Read article
Secure Software2 min read

Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks

Cisco has released a patch for a critical vulnerability in Catalyst SD-WAN Manager (CVE-2026-20262) that attackers were actively exploiting to gain root-level access to affected systems. If your organization uses Cisco SD-WAN vManage, you should prioritiz

Read article
Cybersecurity2 min read

China-Nexus Actor Spy on US Researchers Undetected for a Year

A Chinese-linked hacking group successfully infiltrated U.S. research institutions for over a year by stealing credentials and stealing sensitive data, going undetected until Google shut down the operation. Your organization should immediately audit acces

Read article
Cybersecurity2 min read

Most CISOs Report Pressure to Bury Bad Security News

A majority of Chief Information Security Officers report feeling pressure from leadership to delay or downplay security incidents and breaches rather than disclose them promptly, indicating a significant disconnect between security teams and executive man

Read article
AI Security2 min read

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

A vulnerability chain in LiteLLM allows users with low-level access permissions to escalate their privileges and gain complete control over AI gateway servers. Organizations using LiteLLM should immediately patch to the latest version and review access co

Read article
Data Security2 min read

Council of Europe investigates ShinyHunters data breach claims

The ShinyHunters extortion group has claimed responsibility for breaching the Council of Europe, a major European governing institution, and the organization is now investigating the legitimacy of these claims. Organizations should monitor this situation

Read article
AI Security2 min read

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

Microsoft patched a critical vulnerability in Microsoft 365 Copilot that could have allowed attackers to steal emails, files, and multi-factor authentication codes with just a single click. You should ensure your organization has applied all available sec

Read article
AI Security2 min read

The Beginning of the End of Social Engineering

AI-native operating systems are beginning to defend against social engineering attacks automatically, reducing the burden on individual users to recognize and resist manipulation attempts. You should start evaluating whether your organization's security i

Read article
AI Security2 min read

⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More

Multiple critical vulnerabilities are actively being exploited across widely-used platforms this week, including a Chrome zero-day, UniFi network device exploits, macOS credential-stealing malware, and VPN flaws that could expose your organization's traff

Read article
Data Security2 min read

Infinite Campus data breach affects 137,000 school staff accounts

The ShinyHunters extortion gang breached Infinite Campus, a widely used K-12 student information system, and stole personal data from over 137,000 school staff accounts through a Salesforce attack in March. School districts and education IT teams should i

Read article
AI Security2 min read

US Cracks Down on Anthropic AI Models Amid Abuse Concerns

Anthropic has suspended access to two of its AI models following a US government export control directive that prohibits foreign nationals from using the technology, signaling increased regulatory scrutiny of advanced AI systems. If your organization uses

Read article
AI Security2 min read

Webinar: How behavioral AI stops phishing and account takeovers

Modern phishing, business email compromise, and account takeover attacks are increasingly bypassing traditional email security defenses, leaving organizations vulnerable to sophisticated threats that create significant operational strain on security teams

Read article
Cybersecurity2 min read

The Onboarding Password Mistake That Creates Unnecessary Risk

I appreciate your request, but the article text provided appears to be corrupted or incomplete—it contains only font-face CSS code and no actual article content about onboarding password risks. Without the substantive article text, I cannot accurately ext

Read article
Cybersecurity2 min read

152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic

Researchers discovered 152 malicious Chrome wallpaper extensions with over 105,000 combined installations that inject unwanted advertisements and generate fake traffic to inflate ad revenue for their operators. You should immediately audit your organizati

Read article
Compliance2 min read

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Attackers have compromised popular WordPress plugins by injecting malicious code into their scripts, allowing them to install hidden backdoors on thousands of websites without the site owners' knowledge. You should immediately audit all WordPress plugins

Read article

Ready to apply this to your business?

Reading about security is one thing. Having an expert assess your actual environment is another.

Get a Free Security Audit