OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws
OpenAI on Monday said it's releasing an improved version of its GPT‑5.5‑Cyber model to trusted defenders as part of the...
Hacking
Category Added in a WPeMatico Campaign
ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack
Ravie LakshmananJun 22, 2026Supply Chain Attack / Malware Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack...
Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants
Ravie LakshmananJun 22, 2026AI Security / Vulnerability Cybersecurity researchers have disclosed details of four vulnerabilities in Dify, an open-source agentic...
29-Year-Old Squid Proxy Bug ‘Squidbleed’ Can Leak Cleartext HTTP Requests
Swati KhandelwalJun 22, 2026Vulnerability / Server Security A heap over-read in the Squid web proxy can leak another user's cleartext...
New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer
Ravie LakshmananJun 22, 2026Malvertising / Endpoint Security Cybersecurity researchers have disclosed details of a new campaign that delivers CastleStealer by...
Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries
Swati KhandelwalJun 22, 2026Mobile Security / Open Source Google has set September 30, 2026, as the day it begins enforcing Android...
Stop Your Legacy Infrastructure from Hijacking Your AI Agents
Earlier this month, I spoke at the Gartner Security & Risk Management Summit about a blind spot most security programs...
Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices
Canada's spy service got a judge's permission to reach into infected servers, home routers, and IoT gear sitting on Canadian...
AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network
Swati KhandelwalJun 22, 2026IoT Security / Vulnerability A new malware family is turning forgotten home routers into a distributed reconnaissance...
INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific
Ravie LakshmananJun 22, 2026Cybercrime / Artificial Intelligence A new report from INTERPOL has revealed a "dramatic increase" in cybercrime in...
Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
Ravie LakshmananJun 20, 2026Vulnerability / Web Security Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a...
Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain
Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple's A12...
The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes
The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers that...
AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution
Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote...
Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites
Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., have disrupted malicious infrastructure associated with...
