DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering
The U.S. Department of Justice (DoJ) on Tuesday announced the seizure of a cloud computing account put to…
Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root
Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager (Unified…
FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation
A Russian-speaking initial access broker (IAB) driven by financial gain is assessed to be behind a large-scale credential-harvesting…
Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents
Security firm AIR built a fake AI agent skill, pushed it through a popular skill marketplace and an Instagram ad,…
Trump Order Sets 2030 Deadline for Federal Post-Quantum Crypto Migration
President Trump signed an executive order on June 22 setting hard deadlines for federal agencies to move high-value assets and…
Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT
Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based remote…
WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool
Direct messages sent via WhatsApp are being used to distribute malicious Visual Basic Script (VBScript) files that lead…
OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws
OpenAI on Monday said it’s releasing an improved version of its GPT‑5.5‑Cyber model to trusted defenders as part…
ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack
Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack after unknown threat actors managed to…
Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants
Cybersecurity researchers have disclosed details of four vulnerabilities in Dify, an open-source agentic workflow platform with more than…