Latest IntelligencePage 20
Search by keyword →
Dashlane confirms user vaults were copied by hackers in recent attack
Dashlane has disclosed that attackers were able to download copies of encrypted password vaults for a small subset of users during a brute-force attack that tar...
How Leading Organizations Are Turning EDR Into Operational Resilience
Most organizations now recognize that endpoint protection alone is no longer sufficient. That's why adoption of endpoint detection and response (EDR) has accel...
Hackers Deploy AZUREVEIL Adaptix C2 Agent via Spearphishing Campaign
A newly identified spearphishing campaign has been quietly targeting government officials, researchers, and technology workers in the Czech Republic and Taiwan....
Android June 2026 update patches actively exploited zero-day
Google has released the June 2026 Android security updates, addressing dozens of vulnerabilities across the mobile operating system, including a high-severity z...
Supply Chain Attack Hits 32 Red Hat NPM Packages
Hackers published 96 malicious package versions, injected with a credential-stealing worm similar to Mini Shai-Hulud. The post Supply Chain Attack Hits 32 Red H...
Web App and API Attacks are Rising: Are You Blind to AI Web Attacks? Join Free WAAP Security Webinar
Every day, thousands of web applications and APIs are probed, scanned, and exploited by attackers who have learned a critical truth: most organizations are not ...
Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan's M...
PHANTOMPULSE RAT Uses Process Injection and UAC Bypass to Compromise Windows Systems
A newly analyzed remote access trojan called PHANTOMPULSE has drawn serious attention for its advanced approach to compromising Windows systems. The malware is ...
Dashlane Brute-Force Attack Leads to Limited Encrypted Vault Downloads
Dashlane’s security systems automatically locked accounts to protect them against the hacking attempts. The post Dashlane Brute-Force Attack Leads to Limited En...
Nimbus Manticore APT Abuses Fake Recruitment Portal to Deliver Custom Malware
A state-linked hacking group has been caught running a carefully crafted fake recruitment operation to push custom malware onto unsuspecting victims. The group,...
Android 0-Day Vulnerability Exploited in Attacks to Gain Complete Device Control
A critical Android zero-day vulnerability is being actively exploited in targeted attacks, allowing threat actors to gain near-complete control over affected de...
Oracle’s First Monthly Patches Resolve 77 Vulnerabilities
Oracle’s monthly Critical Security Patch Update (CSPU) rollouts are meant to deliver critical fixes faster. The post Oracle’s First Monthly Patches Resolv...
Critical StrongDM Vulnerability Allows Attackers to Steal and Reuse Authentication
A critical authentication flaw in StrongDM’s desktop application has been identified that allows attackers to hijack user sessions by reusing locally stored aut...
Dashlane Password Manager User Accounts Locked Following Brute-Force Attacks
Dashlane has disclosed a security incident involving a large-scale brute-force attack targeting user accounts, beginning on May 31, 2026. According to the compa...
Gamaredon APT Hides Malware in Windows Features and Abuses Cloud Platforms for C2
Gamaredon, a Russian state-backed espionage group, is deploying a new VBScript worm that hides inside native Windows features while using popular cloud services...
Critical WP Maps Pro Vulnerability Allow Attackers to Create Administrator Account
A critical security vulnerability in the popular WP Maps Pro WordPress plugin could allow attackers to gain full control of affected websites by creating unauth...
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-for...
Hackers Use Meta’s AI Bot to Reset Passwords and Hijack Instagram Accounts
A critical logic flaw in Meta’s AI-powered Instagram support chatbot allowed attackers to bypass two-factor authentication entirely, not by cracking codes...
Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks
A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques on compromised site...
Red Hat npm packages compromised to steal developer credentials
More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Sha...