Latest IntelligencePage 12
Search by keyword →
Stock Exchange Executive’s Outlook Account Targeted to Exfiltrate Credentials
A senior executive at a major global stock exchange had their Microsoft Outlook account silently compromised for five straight months, with attackers carefully ...
CISA Warns of critical Magento Cache Warmer RCE flaw Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical remote code execution vulnerability affecting the...
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to ...
Proton Drive adopts OpenPGP encryption, delivers 300% faster uploads
Proton has announced a major cryptographic upgrade for Proton Drive that significantly improves the performance of its end-to-end encrypted cloud storage platfo...
Anthropic’s Claude Oceanus-v1-p Opens to Red Team Testing, but Distribution is Compromised
A next-generation Anthropic model has surfaced in restricted testing channels, but early distribution was already compromised before the evaluation formally beg...
UN food agency discloses breach affecting 600,000 Gaza households
The United Nations' World Food Programme (WFP), the world's largest humanitarian organization, revealed over the weekend that its self-registration application ...
Cybercriminals Shift From Fake Login Pages to Infostealer Malware in Phishing Attacks
Phishing attacks have always been one of the most common ways cybercriminals steal personal and business data. But something has quietly changed about how these...
Hola Browser supply chain breach delivered crypto-miner to users
A supply chain compromise resulted in a crypto-mining executable being distributed alongside certain installations of Hola Browser for Windows. The unexpected c...
New IronWorm malware hits 36 packages in npm supply-chain attack
A new supply-chain attack has infected 36 packages on the Node Package Manager (npm) index with infostealer malware called IronWorm. [...]...
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothi...
Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It
Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks can challenge our assumptions...
Proofpoint Warns TA4922 Deploys Atlas RAT, RomulusLoader, SilentRunLoader, and ValleyRAT
A sophisticated cybercrime group known as TA4922 is raising alarms across the global security community. The group has been deploying a growing arsenal of malwa...
Offroad Emerges From Stealth With $7 Million to Tackle Enterprise Identity Risk
As AI agents, machine identities, and third-party applications multiply across enterprises, Offroad is betting autonomous security agents can restore control ov...
Webinar Today: Third-Party Risk in Practice – Where Programs Break Down and How to Respond
Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in pra...
Willow Raises $7 Million for Securing Autonomous AI Agents
Willow (formerly Webrix) emerged from stealth mode with an access platform designed to secure enterprise AI agents. The post Willow Raises $7 Million for Securi...
Bugcrowd Launches EU Data Residency Option For Evolving Data Sovereignty Needs
Organizations are growing serious about what nation’s rules apply to their data. Experts point to geopolitical tensions as a main contributing factor....
Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook
Threat actors are actively teaching newcomers how to find, exploit, and profit from vulnerable systems. Flare explores what a popular underground hacking tutori...
ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
It got stupid again. The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady things. Same mess, new wrapp...
Weaponized ChatGPT Download Site Delivers Malware Via Sponsored Search Results
A new malvertising campaign is exploiting ChatGPT’s popularity by promoting a weaponized fake download site via sponsored search results, delivering malwa...
Microsoft blames unexpected Windows driver updates on caching issue
On Wednesday, Microsoft fixed an issue that caused some Windows devices to install driver updates without notice despite policies configured to prevent auto-upd...