A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a target’s mailbox, OneDrive, or SharePoint account through a specially crafted URL. […]
New attack turned Microsoft 365 Copilot into 1-click data theft tool Read More »
Palo Alto Networks has revealed that it has observed “active exploitation” of a recently disclosed PAN-OS vulnerability by an unknown threat actor to obtain unauthorized access to GlobalProtect portals. The vulnerability in question is CVE-2026-0257 (CVSS score: 7.8), an authentication bypass flaw affecting the portal and gateway components of PAN-OS software that could be exploited
Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw Read More »
Chinese hackers took control of a target organization’s authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity. […]
Chinese hackers hijack auth flow, spy on isolated network for a decade Read More »
A former IT employee at an Iowa school district was sentenced to 21 months in prison after conducting a prolonged cyberattack against the former employer that disrupted classroom operations, deleted accounts, and caused tens of thousands of dollars in damages. […]
Ex-school district employee jailed for hacks on former employer Read More »
In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider Enterprise with thousands of phishing websites used to steal credit card data and passwords. […]
FBI disrupts massive AI-powered phishing service using a million URLs Read More »
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Velvet Ant, says it backdoored the PAM and OpenSSH components that decide who is allowed to sign in, planting its access where
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade Read More »
Google on Friday said it’s pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans. The network is said to be behind the development and management of a phishing-as-a-service (PhaaS) software kit called Outsider, per the tech giant. “The operation
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing Read More »
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest developer secrets. When it lands with root, it can also load an eBPF rootkit to
Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit Read More »
Anthropic said on Friday it will “abruptly disable” its most advanced artificial intelligence (AI) models, Claude Fable 5 and Mythos 5, for all users after the U.S. government ordered it to suspend access to the models for foreign nationals, whether inside or outside the U.S., citing national security concerns. The AI company said it received
U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals Read More »
Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution. The vulnerability, tracked as CVE-2026-20253, is rated 9.8 on the CVSS scoring system. “In Splunk Enterprise versions below 10.2.4 and 10.0.7, an unauthenticated user could create or
Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication Read More »