1+ day, 4+ hour ago  (550+ words) A threat actor started exploiting a severe vulnerability in Cisco products at least two months before the flaw was disclosed, a new Google report warned. Tracked as CVE-2026-20245, this high-severity (CVSS 7. 8) privilege escalation vulnerability stems from insufficient validation of user-supplied…...

3+ day, 1+ hour ago  (478+ words) The line between ransomware activity and nation-state backed cyber campaigns is blurring, as state-sponsored cyber espionage groups adopt tools and techniques associated with cyber criminals to disguise their intelligence operations, a report has warned. Analysis by cybersecurity researchers at NCC…...

4+ day, 14+ hour ago  (380+ words) A supply chain attack which targeted Mastra, an open-source typescript for building AI-powered applications and agents, was the work of North Korean hackers, cybersecurity researchers have said. The attribution was made on June 19 by Microsoft Defender Security Research Team and…...

1+ week, 8+ hour ago  (436+ words) A major cybercriminal network involving thousands of infected websites used to distribute malware has been disrupted by an international law enforcement takedown. The action against the Soc Gholish malware group formed the latest part of Operation Endgame, an ongoing global…...

1+ week, 1+ day ago  (467+ words) A cryptocurrency-stealing malware campaign has been spreading by faking its own popularity, dressing up booby-trapped "tools" with bogus Git Hub stars, inflated download counts and AI-narrated You Tube tutorials. New analysis from Check Point Research traced the operation to a…...

1+ week, 4+ day ago  (389+ words) An attack by the Anubis ransomware group on a port authority on the Adriatic has been cast as a warning to maritime infrastructure. New'analysis, published on June 11 by threat intelligence firm Resecurity, examined'a cyber-attack which saw'Anubis list the Adriatic Port…...

1+ week, 2+ day ago  (397+ words) A North Korean scheme to plant fake IT workers inside Western companies has been exposed from the inside, after one of its operatives tried to infiltrate the very firm that tracks the fraud. Risk intelligence provider Nisos recently detailed how…...

2+ week, 1+ day ago  (525+ words) Cybersecurity firm Group-IB has revealed that a recent Interpol-led cybercrime law enforcement operation has led to the takedown of an established phishing-as-a-service (Phaa S) platform and the arrest of its main operator developer. The crackdown, dubbed Operation Ramz, ran from October…...

2+ week, 3+ day ago  (328+ words) Check Point has urged customers to patch a critical zero-day vulnerability in its Remote Access VPN and Mobile Access solutions that is being actively exploited. CVE-2026-50751 is an authentication bypass'flaw that affects deployments configured to use the deprecated IKEv1 key exchange…...

3+ week, 4+ day ago  (419+ words) A critical flaw in the open-source AI platform Flowise has been disclosed, along with working proof-of-concept (Po C) code, allowing an attacker to take over a server when a logged-in user simply imports a malicious workflow file. According to new analysis…...