Two security teams have shown, in separate research published this week, that OpenClaw, the popular self-hosted AI agent, can be driven to run attacker-controlled code or hand over sensitive data through ordinary-lookin…
The Hacker News
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they published an exploit for Microsoft Defender. "This was an acciden…
The Hacker News
A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leveraging resources from …
The Hacker News
Another day, another Windows exploit code
The Register
Most good security work is invisible by design. Today is the exception. The 2026 Cybersecurity Stars Awards winners are announced across 95 subcategories in four main award categories. The reason is simple. Cybersecurit…
The Hacker News
It's been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there's a supply chain attack kit in a public repo, a $5,000-a-month RAT that clones …
The Hacker News
No disclosure via official channels, no offer of identity theft monitoring, no problem
The Register
In this week’s newsletter, Amy reminisces on the tech toys of their childhood, inspired by a hilarious lesson about why your digital privacy shouldn't be left on an open channel.
Cisco Talos
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 26-04, titled “Prioritizing Security Updates Based on Risk,” compelling all Federal Civilian Executive Bran…
CyberSecurityNews
A notorious hacking group has been caught targeting stock investors in Vietnam through a supply chain attack, hijacking a popular investment software platform to deliver a powerful backdoor. The operation, carried out b…
CyberSecurityNews
A new malware loader called GoFlateLoader has been quietly spreading across the internet, and what makes it stand out is not how complex it is but how effective a simple trick has made it. Written in the Go programming …
CyberSecurityNews
For thirty years, vulnerability management ran on a buffer: the months between when a vulnerability was found and when someone could figure out how to weaponize it. The solution was straightforward enough; triage by sev…
The Hacker News
A critical security vulnerability in Langflow, tracked as CVE-2026-5027, is raising serious concerns after researchers confirmed that attackers can exploit the flaw to execute malicious code on affected systems. The iss…
CyberSecurityNews
An amendment by Sen. Kirsten Gillibrand (D-NY) to the chamber’s fiscal 2027 national defense authorization bill that would have created the digital-focused service was defeated 14-13 when the Senate Armed Services Commi…
The Record · Recorded Future News
A sophisticated Phishing-as-a-Service (PhaaS) platform called SniperDz has been quietly enabling a wide range of online fraud that goes far beyond basic credential theft. The platform provides cybercriminals with a read…
CyberSecurityNews
A security researcher known as brutecat has disclosed how an AI-driven fuzzing pipeline uncovered more than $500,000 in vulnerabilities across Google’s infrastructure in under three months, exposing systemic access-cont…
CyberSecurityNews
GitHub has announced a major security-focused update to the Node Package Manager (npm), introducing breaking changes in the upcoming npm v12 release to reduce software supply chain attack risks significantly. The update…
CyberSecurityNews
A new study has revealed that advanced large language models (LLMs), particularly Anthropic’s Claude Mythos Preview, are dramatically accelerating the development of N-day exploits, reducing timelines from weeks to just…
CyberSecurityNews
CISA has added a critical vulnerability in Check Point Security Gateway to its Known Exploited Vulnerabilities (KEV) catalog, warning that threat actors are actively exploiting the flaw in ransomware campaigns. The vuln…
CyberSecurityNews
Hackers are using weaponized DMG files to target macOS users with infostealer malware, exploiting the long-standing myth that Apple devices are safe from cyber threats. These attacks rely on fake software installers dis…
CyberSecurityNews
Great Marlow School, which has 1,428 pupils according to the Department for Education (DfE), said it was set to remain closed while it works with specialist IT and cybersecurity professionals to resolve the issue.
The Record · Recorded Future News
Denis Obrezko, 36, made his initial appearance in federal court in Boston on Tuesday after being transferred to U.S. custody from Thailand, where he was arrested last November.
The Record · Recorded Future News
The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a backdoor known as SPECTRALVIPER. The campaigns involve a prol…
The Hacker News
Operational technology security remains as difficult as ever, with even the best practice recommendation falling short.
Dark Reading
Oracle has released mitigations for CVE-2026-35273, but it has not said whether it’s a zero-day exploited in ShinyHunters attacks. The post Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks appe…
SecurityWeek
According to the university’s statement, it is still working to understand what data has been accessed and said it had already directly contacted affected students and alumni, potentially including those in its foreign …
The Record · Recorded Future News
As alert volumes outpace human capacity, organizations are turning to AI, automation, and deeper context to separate real threats from the noise. The post Alert Fatigue Is Becoming a Security Threat of Its Own appeared …
SecurityWeek
The new BOD 26-04 requires agencies to review and update vulnerability management policies with a focus on KEV catalog entries. The post CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk appeare…
SecurityWeek
Researchers say the OnyxC2 malware targets more than 200 applications and extensions while evading detection through encrypted payloads, DLL sideloading, and in-memory execution techniques. The post OnyxC2 Stealer Offer…
SecurityWeek
Unternehmen ohne Niederlassung in der EU können nach Art. 3 Abs. 2 DSGVO in den Anwendungsbereich der DSGVO fallen. In diesem Fall ist nach Art. 27 DSGVO grundsätzlich ein EU-Vertreter zu benennen. Unter den Voraussetzu…
Dr. Datenschutz
Auch in FreeBSD haben IT-Forscher eine Sicherheitslücke gefunden, die die Rechteausweitung ermöglicht. Name: „Bumsrakete[tm]“.
heise online
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to obtain hard-coded credentials, gain access to telemetry data, and potentially send operational commands to the robot fleet. T…
CISA
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to impersonate devices, intercept or manipulate communications, harvest sensitive credentials at scale, or gain unauthorized acc…
CISA
View CSAF Summary Successful exploitation of these vulnerabilities could allow a remote unauthenticated attacker to gain unauthorized access to live video feeds, retrieve sensitive visual information from affected premi…
CISA
Law enforcement has dismantled the “AudiA6” cryptocurrency service allegedly used by ransomware actors and other cybercriminals to launder more than $380 million. [...]
BleepingComputer
GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The changes aim to combat attack techniques t…
The Hacker News
Disclosed in March, the security defect enables unauthenticated attackers to write files to arbitrary locations on the system. The post Hackers Exploit Langflow Vulnerability for Remote Code Execution appeared first on …
SecurityWeek
A PowerShell script included in patch files appears to be triggering false positives by multiple security engines. The post Siemens Says Desigo CC Files Flagged as Malware by Security Engines appeared first on SecurityW…
SecurityWeek
The 13 websites purported to be affiliated with consulting companies that advertised job openings for current and former holders of security clearances The post FBI Seizes 13 Websites That Officials Say Were Used by Chi…
SecurityWeek
The surveillance company Leonardo wants more data: A surveillance company plans to add sensors to automatic license plate readers (ALPRs) that would mean the devices, as well as capture the license plate of passing vehi…
Bruce Schneier
The security defects could allow attackers to create or modify arbitrary files and access and modify protected resources. The post Splunk, Palo Alto Networks Patch Severe Vulnerabilities appeared first on SecurityWeek.
SecurityWeek
Mit macOS 27 ist das x86-Zeitalter bei Apple vorbei. Immerhin soll es noch über einen längeren Zeitraum Patches geben. Wie vollständig die sind – unklar.
heise online
AI-driven attacks are exposing the limits of fragmented MSP security stacks and slow response workflows. Kaseya breaks down why integrated security, automation, and recovery are becoming essential. [...]
BleepingComputer
The PoC exploits Microsoft Defender’s offline scan to spawn a SYSTEM shell when rebooting in Recovery Mode. The post ‘GreatXML’ Zero-Day Exploit Bypasses BitLocker appeared first on SecurityWeek.
SecurityWeek
The CEO thought this was the best way to deal with some email issues
The Register
The Personal Information Protection Commission (PIPC), South Korea's data protection regulator, has fined e-commerce giant Coupang a record 624.6 billion won (roughly $409 million) following a massive data breach affe…
BleepingComputer
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced a new Binding Operational Directive, 26-04, that prioritizes security updates for Federal Civilian Executive Branch (FCEB) agencies. [...]
BleepingComputer
Zwei Sicherheitslücken bedrohen Ivanti Endpoint Manager Mobile. Sicherheitspatches schaffen Abhilfe.
heise online
The ShinyHunters hacker group has taken credit for the attack, leaking more than 450,000 email addresses and other information. The post University of Nottingham Confirms Breach After Hackers Leak Data appeared first on…
SecurityWeek
Schon das Stichwort „Security Audit“ reicht: Forscher kritisieren Anthropics Fable 5, weil dessen Cybersecurity-Filter auch harmlose Anfragen ausbremsen.
heise online
In aktuellen Versionen haben die OpenSSL-Entwickler insgesamt 18 Sicherheitslücken geschlossen.
heise online
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by SpectreOps.You can hear a podcast discussion of this newsletter by searchi…
Risky Business
Oracle schließt außerhalb der üblichen Zeitpläne mit einem Update eine kritische Codeschmuggel-Lücke in PeopleSoft.
heise online
Microsoft has resolved a known issue causing some Windows Server 2025 devices to boot into BitLocker recovery after installing the April 2026 security update. [...]
BleepingComputer
The University of Nottingham confirmed on Wednesday that a hacking group gained access to its student records system in a breach affecting both current students and alums. [...]
BleepingComputer
Attackers are now targeting a recently patched maximum-severity flaw in Ivanti Sentry, enabling them to execute code with root privileges on Internet-exposed secure mobile gateways. [...]
BleepingComputer
PRC eyes are watching you
The Register
North Korea's gross domestic product (GDP) has grown, in part because of the nation's state-sponsored cybercrime groups, which target financial firms and other businesses.
Dark Reading