Latest IntelligenceThreat IntelligencePage 7
Search by keyword →
Nessus Agent Vulnerability on Windows Enables Arbitrary Code Execution with SYSTEM Privileges
A newly disclosed security vulnerability in Tenable’s Nessus Agent for Windows could allow attackers to execute malicious code with the highest level of s...
73 Open VSX Sleeper Extensions Linked to GlassWorm Activate New Malware Campaign
The GlassWorm supply chain attack targeting the Open VSX marketplace has escalated with the discovery of 73 new “sleeper” extensions. Identified in ...
Hackers Exploiting Cisco Firepower Devices’ Using n-day Vulnerabilities to Gain Unauthorized Access
State-sponsored threat actors are actively targeting Cisco Firepower devices by chaining known vulnerabilities to deploy a highly customized backdoor. Cisco Tal...
US lawmakers introduce bill to require warrants for government data searches
US lawmakers have introduced a new bill that would dramatically tighten government surveillance powers by requiring warrants for nearly all data searches involv...
Void Dokkaebi Hackers Use Fake Job Interviews to Spread Malware via Code Repositories
A North Korea-linked hacking group known as Void Dokkaebi, also tracked as Famous Chollima, is running a campaign that tricks software developers into installin...
Locked Shields 2026: 41 Nations Strengthen Cyber Resilience in World’s Biggest Exercise
Locked Shields has grown significantly over the past 16 years, with only four nations participating in the first edition. The post Locked Shields 2026: 41 Natio...
Trump Administration Vows Crackdown on Chinese Companies ‘Exploiting’ AI Models Made in US
The Trump administration is vowing to crack down on foreign tech companies’ exploitation of U.S. artificial intelligence models. The post Trump Administration V...
Hackers Use Telegram Bots to Track 900+ Successful React2Shell Exploits
A newly exposed server has revealed how a threat actor used automated tools, AI assistance, and Telegram bots to silently hack into more than 900 companies arou...
Hackers Leverage Microsoft Teams to Breach Organizations Posing as IT Helpdesk Staff
A newly identified threat group, UNC6692, has been caught running a sophisticated multistage intrusion campaign that uses Microsoft Teams impersonation, a custo...
Bitwarden CLI Compromised in Supply Chain Attack via GitHub Actions
Socket has confirmed that Bitwarden CLI version 2026.4.0 was compromised as part of the ongoing Checkmarx supply chain campaign, exposing millions of users and ...
Bitwarden CLI backdoored in Checkmarx supply chain attack
The Bitwarden CLI has been compromised as part of the ongoing Checkmarx supply chain campaign, with attackers injecting malicious code into an official release ...
Fake TradingView AI Agent Site is Delivering Needle Stealer Malware via Fake TradingClaw
A new malware campaign is tricking traders into downloading a data-stealing tool by impersonating the popular financial platform TradingView. Attackers set up a...
Chinese Cybersecurity Firm’s AI Hacking Claims Draw Comparisons to Claude Mythos
360 Digital Security Group claims to have uncovered 1,000 vulnerabilities using AI, including at the Tianfu Cup hacking contest. The post Chinese Cybersecurity ...
Are SBOMs Failing? Supply Chain Attacks Rise as Security Teams Struggle With SBOM Data
Researcher says the missing piece is a governance-driven intelligence layer that turns SBOM and VEX data into explainable security decisions. The post Are SBOMs...
North Korean Hackers Use AppleScript, ClickFix in Fresh macOS Attacks
The campaigns focus on financial organizations, including cryptocurrency, venture capital, and blockchain entities. The post North Korean Hackers Use AppleScrip...
British Scattered Spider Hacker Pleads Guilty in the US
Tyler Buchanan admitted in court to hacking into various companies, defrauding them, and stealing cryptocurrency from multiple individuals. The post British Sca...
Hackers Abuse QEMU for Defense Evasion
The machine emulator has been abused in at least two different campaigns distributing ransomware and remote access tools. The post Hackers Abuse QEMU for Defens...
Senate Extends Surveillance Powers Until April 30 After Chaotic Votes in House
The Senate approved a short-term renewal until April 30 of a controversial surveillance program used by U.S. spy agencies. The post Senate Extends Surveillance ...
Half of the 6 Million Internet-Facing FTP Servers Lack Encryption
The continued use of the half-century-old protocol exposes enterprises and end users to various types of attacks. The post Half of the 6 Million Internet-Facing...
Vercel confirms security incident as hackers claim to sell internal access
Vercel has disclosed a security incident involving unauthorized access to parts of its internal systems, as a threat actor simultaneously claims to be selling a...