Latest IntelligencePage 11
Search by keyword →
Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026
The vulnerability is tracked as CVE-2026-20245 and it can allow arbitrary command execution as root, but no patch yet. The post Cisco Warns of 7th SD-WAN Zero-D...
Let’s Encrypt Unveils Merkle Tree Certificates to Secure the Web Against Quantum Threats
Let’s Encrypt has announced its roadmap for post-quantum Web PKI, centering on a novel approach called Merkle Tree Certificates (MTCs), a design that deli...
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SMT...
Microsoft Edge Vulnerability Allows Remote Attackers to Execute Arbitrary Code
Microsoft has released a security update addressing a critical vulnerability in Microsoft Edge that could allow remote attackers to execute arbitrary code on vu...
Dashlane Details How Hackers Managed to Download Encrypted Password Vaults
Dashlane has disclosed that threat actors successfully brute-forced two-factor authentication (2FA) protections to register unauthorized devices and download en...
ClawHub, Cisco, Vercel’s Malicious Skill Detector Bypassed to upload Malicious Skills
AI skill scanners from ClawHub, Cisco, and Vercel’s skills. The platform can be bypassed with minimal effort, allowing malicious skills to be uploaded and distr...
HexStrike AI RED-TEAM With 127 Security Tools and BOAZ Red Team Integration
A fork of the original HexStrike AI project has been released as HexStrike AI v6.0, an advanced Model Context Protocol (MCP)-based cybersecurity automation fram...
Rust-Written IronWorm Hits NPM Supply Chain
Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel....
Brave Software releases Origin for a paid, bloat-free browsing experience
Brave has announced the public release of Brave Origin, a paid minimalist version of its browser that strips out cryptocurrency, AI, rewards, and other monetiza...
Hola Browser for Windows compromised to deliver cryptominer
The Windows version of the Hola Browser has been compromised in a supply chain attack that delivered an undeclared executable identified by researchers as a cry...
China's TA4922 Expands Cybercrime Attacks Globally
One of the world's most diverse, least-focused cybercrime groups is enlarging its footprint beyond East Asia....
Hackers Impersonate Ghidra, dnSpy, and SpiderFoot to Spread Malware via Fake Download Sites
Hackers are creating convincing fake websites that impersonate popular security tools to trick users into downloading malware. Instead of obvious phishing pages...
.webp)
binding.gyp Supply Chain Attack Compromises Dozens of npm Packages Across Maintainer Accounts
A self-replicating worm has been quietly spreading across the npm registry using a method most security teams do not watch for. Instead of hiding inside package...
4 Critical Threats Where Attackers Have the Advantage
Gartner analysts issued a call to action to bolster defenses against several emerging critical threats, such as deepfakes and prompt injections....
Brave launches minimalist Origin browser with only core privacy features
Brave has officially launched Brave Origin, a new premium version of its browser designed for users who want Brave's privacy protections without the company's g...
Credit card theft campaign abuses Stripe to host stolen payment info
A new Magecart campaign is using Stripe's API infrastructure to host the credit card-stealing payload and the data exfiltrated from checkout pages. [...]...
Hackers Use Malicious Ads to Deliver FlutterShell Backdoor on macOS Systems
A new and rapidly spreading malware campaign is putting macOS users at serious risk. Threat actors are using Google Ads to push fake desktop applications that s...
Hackers Use Fake Claude Code Install Page to Deliver Fileless .NET Infostealer
Hackers are exploiting the excitement around AI coding tools by targeting users who search for Claude Code installation guides. An active campaign uses fake ins...
IronWorm Supply Chain Attack Uses Malicious npm Packages to Steal Developer Secrets
A newly discovered malware campaign called IronWorm has been silently targeting software developers through poisoned npm packages, stealing credentials, API key...
DentaQuest data breach exposed info of 2.6 million accounts
A data breach at the dental benefits administrator DentaQuest has reportedly exposed the sensitive data of 2.6 million accounts. [...]...