Latest Cybersecurity Threats

Real-time threat intelligence from trusted sources

SonicWall customers are currently facing significant risks as attackers exploit two critical zero-day vulnerabilities. Researchers revealed that these flaws were actively targeted by hackers three weeks prior to SonicWall's disclosure and patching efforts. This means that many users may still be vulnerable to attacks if they haven't updated their systems. The exploitation of these vulnerabilities could lead to unauthorized access to sensitive information and compromise network security. It's crucial for organizations using SonicWall products to take immediate action to secure their systems against these threats.

Read Original

Cybersecurity researchers have identified a new Internet-of-Things (IoT) botnet framework called TuxBot v3 Evolution. This botnet appears to have been developed with some assistance from a large language model (LLM), although the results have not been entirely successful. Notably, when the developers prompted the AI to generate botnet code, it included a safety disclaimer that the developers did not remove. This incident raises concerns about the potential misuse of AI in creating malicious software. As IoT devices become more prevalent, any vulnerabilities or botnets that target them could impact a wide range of users and systems, making it crucial for manufacturers and users to enhance their security measures.

Read Original

The recent restrictions imposed by the US government on AI companies like Anthropic and OpenAI have sparked significant discussions in the UK and elsewhere about reducing dependence on American technology firms. This push for greater technological sovereignty comes as countries assess the implications of relying on foreign companies for critical AI capabilities. The situation raises concerns about data security and national interests, as countries may seek to develop their own AI models to safeguard against potential vulnerabilities and geopolitical risks. The call for sovereignty is not just about technology but also about ensuring that nations can protect their data and maintain control over their digital futures. As this dialogue progresses, it could lead to shifts in how AI technologies are developed and deployed globally.

Read Original

Recently, researchers discovered that five malicious versions of AsyncAPI packages were uploaded to the Node Package Manager (npm). These packages contained a remote access trojan designed to steal user credentials and other sensitive information. This supply-chain attack poses a significant risk, as developers who unknowingly downloaded these infected packages could have their systems compromised. The incident highlights the vulnerabilities within the npm ecosystem and the importance of scrutinizing third-party packages before use. Developers and organizations should be vigilant about the packages they incorporate into their projects to avoid similar attacks in the future.

Read Original

A recently discovered vulnerability in Cursor allows attackers to execute arbitrary code on users' systems without their consent. By creating a malicious repository containing a 'git.exe' file in the project root, attackers can exploit this flaw, which Cursor executes automatically when the repository is accessed. This puts users at significant risk, especially those who frequently interact with repositories from untrusted sources or do not have adequate security measures in place. As there is currently no patch available to fix this issue, users should be cautious when using Cursor and consider limiting their exposure to potentially harmful repositories. This vulnerability serves as a reminder of the importance of maintaining security hygiene in software development environments.

Read Original

The Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations to quickly address three vulnerabilities in SharePoint that are currently being exploited by attackers. Among these, two have been identified as zero-days, meaning they are actively targeted before a patch was made available. This situation poses significant risks to users of SharePoint, as attackers could gain unauthorized access to sensitive data or disrupt operations. Organizations that use SharePoint are advised to prioritize patching these vulnerabilities to protect their systems and data from potential breaches. Immediate action is crucial to mitigate the risks associated with these exploits.

Read Original

A new AI-powered system has been developed to automatically find complex software vulnerabilities, referred to as a 'vulnerability vending machine.' This system utilizes code slicing alongside large language models (LLMs) to discover previously unknown security flaws. Recently, it successfully identified and exploited a zero-day vulnerability in a WordPress plugin, which had not been publicly known before. The company behind this technology is also working on additional vulnerabilities that are currently under responsible disclosure, meaning they are notifying affected parties before making the details public. This development raises concerns about the ease of finding and exploiting software vulnerabilities, potentially putting many users and systems at risk if such tools become widely accessible.

Read Original

Mozilla has rolled out updates for Firefox to fix two serious vulnerabilities that could be exploited by attackers. The flaws, identified as CVE-2026-15718 and CVE-2026-15719, involve issues with JavaScript: WebAssembly and site isolation in the DOM: Navigation component. Mozilla has warned users that exploit code for these vulnerabilities is already available publicly, increasing the urgency for users to update. It’s crucial for Firefox users to install these updates promptly to protect against potential attacks that could compromise their security and privacy. Keeping software up to date is a key defense against such risks.

Read Original

Recent research by Sophos reveals that compromised logins are now the leading method for ransomware delivery, surpassing traditional software vulnerabilities. This shift means that attackers are increasingly using phishing, brute force attacks, and other identity-based threats to gain access to networks. As a result, organizations may be at greater risk if they do not enhance their security measures around user credentials. Companies should prioritize employee training on recognizing phishing attempts and implement multi-factor authentication to bolster defenses. This change in attack vectors highlights the need for a more proactive approach to cybersecurity, particularly in safeguarding login credentials.

Read Original
Critical
PromptFiction Flaw Auto-Submitted Hidden Prompts in Claude Desktop

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

A vulnerability in Claude Desktop has been discovered that allows attackers to submit hidden prompts with just one click. This flaw could lead to unauthorized access to chat conversations and even enable remote code execution on vulnerable systems. Users of Claude Desktop should be particularly cautious, as this could impact the integrity and confidentiality of their data. The ease of exploitation raises concerns about the potential for widespread misuse. It is essential for users to stay informed about this issue and apply any necessary updates or security measures as they become available.

Read Original

The Cybersecurity and Infrastructure Security Agency (CISA) has released new guidance aimed at improving collaboration between software manufacturers and security researchers. This initiative is designed to help companies better understand how to engage with researchers who identify vulnerabilities in their products. The guidance includes best practices for reporting security issues and highlights the importance of transparency in the process. By fostering a more cooperative relationship, CISA hopes to enhance the overall security of software and online services. This effort is particularly relevant as the frequency of cyber threats continues to increase, making it essential for organizations to address vulnerabilities swiftly and effectively.

Read Original

The U.S. has charged several Russian individuals and companies for operating cybercrime services that have been linked to various attacks on American entities. These suspects have already faced sanctions from the U.S. and its allies, indicating their longstanding involvement in malicious online activities. The charges reflect an ongoing effort by U.S. authorities to combat cybercrime and hold accountable those who facilitate it. This move is particularly significant as it aims to disrupt the infrastructure that supports cybercriminal activities, which have increasingly targeted businesses and government systems. The implications of these charges may extend to international relations and the ongoing battle against cyber threats.

Read Original

On July 14, researchers from OX Security revealed that several AsyncAPI npm packages were compromised, leading to the injection of malware capable of stealing information, stealing cryptocurrency, and allowing remote access to infected systems. The packages affected include @asyncapi/generator version 3.3.1 and @asyncapi/generator-components version 0.7.1, which collectively have over 2 million downloads each week. This incident poses significant risks to developers and organizations using these packages, as the malicious code could potentially lead to severe data breaches and financial losses. Users of these packages are urged to take immediate action to secure their systems and avoid using the compromised versions. The discovery of this attack underscores the vulnerabilities present in the npm ecosystem and the importance of maintaining vigilance against supply chain attacks.

Read Original

Spanish authorities have dismantled a significant cybercrime network responsible for stealing and laundering around €140 million. The group operated through various fraudulent schemes, including fake investment platforms, CEO fraud, invoice fraud, and man-in-the-middle attacks. Four individuals were arrested during the operation, with two detained in Portugal, one in Spain, and another in Panama. The investigation began when police identified 19 companies engaged in suspicious financial activities that suggested money laundering rather than legitimate business practices. This crackdown highlights ongoing issues with cybercrime and the need for vigilance among businesses and individuals alike.

Read Original

Nudge Security has rolled out new features to help organizations better manage the risks associated with OAuth grants and browser extensions. These two areas are increasingly targeted by attackers and can be challenging for IT teams to monitor. The new capabilities automatically identify and assess the risk of OAuth grants and browser extensions, flagging those that are deemed high-risk. Additionally, the system includes a human-in-the-loop process for remediation, allowing teams to make informed decisions as they respond to potential threats. This enhancement is part of Nudge Security's ongoing efforts to provide tools that improve enterprise security management.

Read Original
Page 1 of 267Next