AsyncAPI npm packages infected with credential-stealing malware 2026-07-15 True Bill Toulas True We built a vulnerability vending machine: AI tokens in, zero-days out 2026-07-15 True Sponsored by Intruder True CISA warns admins to patch actively exploited SharePoint flaws 2026-07-15 True Sergiu Gatlan True US charges alleged operators of Russian bulletproof hosting service 2026-07-15 True Sergiu Gatlan True SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now 2026-07-14 True Lawrence Abrams True Spanish Police take down €140 million cyber fraud ring, arrest four 2026-07-14 True Bill Toulas True Nearly 300 GitHub repos pose as legit software to push malware 2026-07-14 True Bill Toulas True Microsoft releases Windows 10 KB5099539 extended security update 2026-07-14 True Lawrence Abrams True Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days 2026-07-14 True Lawrence Abrams True Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown 2026-07-14 True Lawrence Abrams True LastPass, Bitwarden users targeted with fake security alerts 2026-07-14 True Bill Toulas True You Don't Have to Run an Exploit to Know If You're Vulnerable 2026-07-14 True Sponsored by Picus Software True New phishing kits target Microsoft 365 accounts, evade MFA 2026-07-14 True Bill Toulas True SAP warns of critical flaws in NetWeaver and Commerce Cloud 2026-07-14 True Sergiu Gatlan True Spain arrests suspected member of pro-Russian hacktivist groups 2026-07-07 True Bill Toulas True The GitHub Actions Attack Pattern Your CI Security Scanners Miss 2026-07-07 True Sponsored by ActiveState True New Linux kernel flaw allows VM escape on Intel, AMD devices 2026-07-07 True Sergiu Gatlan True BeyondTrust warns of critical flaws in remote access software 2026-07-07 True Sergiu Gatlan True Phishing poses as big-brand job interview to steal Google accounts 2026-07-06 True Ionut Ilascu True Fake IT support calls on Microsoft Teams push EtherRAT malware 2026-07-06 True Lawrence Abrams True Vietnam arrests suspects behind HiAnime anime piracy service 2026-07-06 True Sergiu Gatlan True Max severity Adobe ColdFusion flaw now exploited in attacks 2026-07-06 True Sergiu Gatlan True JadePuffer ransomware used AI agent to automate entire attack 2026-07-04 True Bill Toulas True NetNut proxy network disrupted, 2 million infected devices cut off 2026-07-03 True Ionut Ilascu True ARToken PhaaS exposes EvilTokens' Microsoft 365 phishing toolkit 2026-07-03 True Lawrence Abrams True ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds 2026-07-02 True Sponsored by Huntress Labs True Cisco finally confirms attackers exploiting Unified CM flaw 2026-07-02 True Sergiu Gatlan True CISA: Microsoft SharePoint RCE flaw now actively exploited 2026-07-02 True Sergiu Gatlan True Alleged Scattered Spider hacker extradited to the United States 2026-07-02 True Sergiu Gatlan True Medtronic notifies customers impacted by ShinyHunters data breach 2026-07-02 True Bill Toulas True FortiBleed credential-theft campaign linked to Lynx ransomware 2026-07-01 True Lawrence Abrams True Kubota says hackers had month-long access to network systems 2026-07-01 True Bill Toulas True New ChocoPoC malware targets researchers via trojanized PoC exploits 2026-07-01 True Bill Toulas True DHS confirms hackers breached HSIN info-sharing platform 2026-07-01 True Lawrence Abrams True Hackers target Microsoft 365 accounts with 81 million login attempts 2026-07-01 True Bill Toulas True Over 900 Oracle E-Business instances exposed to ongoing attacks 2026-07-01 True Sergiu Gatlan True Adobe patches seven max severity ColdFusion, Campaign flaws 2026-07-01 True Sergiu Gatlan True New BioShocking attack manipulates AI browser into data theft 2026-06-30 True Bill Toulas True Clean GitHub repo tricks AI coding agents into running malware 2026-06-27 True Bill Toulas True FBI: Russian hackers now target Signal backup recovery keys 2026-06-26 True Lawrence Abrams True CISA sets urgent deadline to fix Cisco flaw exploited in attacks 2026-06-26 True Bill Toulas True Polymarket customers lose $3 million in supply-chain attack 2026-06-26 True Bill Toulas True Cybersecurity firms targeted by fraudulent OpenAI organization invites 2026-06-26 True Lawrence Abrams True Poland busts SIM-swapping gang tied to millions in crypto theft 2026-06-25 True Bill Toulas True Order-tracking app Shop abused to push callback phishing attacks 2026-06-25 True Bill Toulas True New macOS malware embeds fake errors to confuse AI analysis tools 2026-06-25 True Lawrence Abrams True PirloTV sports piracy network disrupted as 44 domains seized 2026-06-25 True Bill Toulas True Bluekit phishing kit adopts browser-in-the-middle for login theft 2026-06-25 True Bill Toulas True The Four Elevations of Effective Fraud Prevention 2026-06-25 True Sponsored by IPQS True DraftKings hacker 'Snoopy' sentenced to 18 months in prison 2026-06-24 True Bill Toulas True