FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed federal civilian agency's Cisco Firepower device running...
revealed
Vercel Finds More Compromised Accounts in Context.ai-Linked Breach
Ravie LakshmananApr 23, 2026Artificial Intelligence / SaaS Security Vercel on Wednesday revealed that it has identified an additional set of...
108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users
Cybersecurity researchers have revealed that 108 malicious Google Chrome extensions have been quietly stealing user credentials, hijacking Telegram sessions, and...
$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long...
54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
A new analysis of endpoint detection and response (EDR) killers has revealed that 54 of them leverage a technique known...
IO River Embraces Wasm to Enable Any WAF to Run on Any CDN
IO River this week revealed it is leveraging the portable WebAssembly (Wasm) binary instruction format to make it possible...
LeakyLooker: Hacking Google Cloud’s Data via Dangerous Looker Studio Vulnerabilities
Tenable Research revealed “LeakyLooker,” a set of nine novel cross-tenant vulnerabilities in Google Looker Studio. These flaws could have...
Hackers Used New Exploit Kit to Compromise Thousands of iPhones
Image: cait00sith/Envato An iOS exploit framework has revealed how advanced mobile attack tools can move rapidly from surveillance operations to...
IRONSCALES Adds Three AI Agents Trained to Automate Cybersecurity Tasks
IRONSCALES today revealed it has developed three artificial intelligence (AI) agents for its email security platform, including one that...
Who is the Kimwolf Botmaster “Dort”?
In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to build Kimwolf, the...
900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
Ravie LakshmananFeb 27, 2026Network Security / Vulnerability The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain...
Microsoft Finds “Summarize with AI” Prompts Manipulating Chatbot Recommendations
Ravie LakshmananFeb 17, 2026Enterprise Security / Artificial Intelligence New research from Microsoft has revealed that legitimate businesses are gaming artificial...
SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers
Ravie LakshmananFeb 09, 2026Vulnerability / Endpoint Security Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat...
Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries
Ravie LakshmananFeb 06, 2026Artificial Intelligence / Vulnerability Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM),...
Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
Ravie LakshmananFeb 02, 2026Threat Intelligence / Malware The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility's update...
