Latest IntelligencePage 21
Search by keyword →
Spain arrests doxer leaking sensitive data of govt employees
The Spanish National Police has arrested an individual for leaking sensitive information related to members of various key state organizations, including the Na...
Anthropic to Open Mythos AI to EU's ENISA
The European security agency's entry to Project Glasswing is the result of "strong bilateral cooperation" between the European Commission and Anthropic....
Microsoft's Zero-Day Legal Threats Spark Backlash
After a disgruntled security researcher published several zero-day exploits in recent weeks, Microsoft seemingly indicated criminal charges were in order....
WP Maps Pro Vulnerability Exploited to Take Over WordPress Sites
The security defect (CVE-2026-8732) allows unauthenticated attackers to create administrative accounts on the affected installations. The post WP Maps Pro Vulne...
Dashlane password manager users locked out by brute force attacks
Multiple Dashlane users have been locked out of their accounts following brute-force attacks that attempted logins from distant locations and unknown devices. [...
Dutch Police Dismantle Massive 17-Million-Device Botnet
Dutch authorities seized command-and-control servers tied to a botnet of infected computers, smartphones, and tablets that was allegedly used to power a residen...
Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm
A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal credentials and secrets from deve...
IBM WebSphere Server Vulnerable to Remote Code Execution Attack Via Crafted Request
IBM has disclosed a critical security vulnerability in its WebSphere Application Server ecosystem that could allow attackers to execute arbitrary code through s...
WordPress malware campaign hides payloads in Steam profiles
Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data. [...]...
Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks
A critical security vulnerability has been discovered in a widely used Magento caching plugin that allows attackers to remotely execute malicious code with no l...
Critical MCP Toolbox Vulnerability Impacts Enterprise Database onnectors
A newly disclosed vulnerability, tracked as CVE-2026-9739, is raising security concerns across enterprise environments using MCP Toolbox, particularly those tha...
Brave’s new AgentStop system reduces wasted AI battery drain by 23%
Brave has introduced AgentStop, a new open-source system designed to reduce the energy consumed by local AI agents running on consumer hardware. The technology ...
Android Banking Trojan OverlayPhantom Abuses Accessibility Service to Control Devices
A dangerous new Android banking trojan called OverlayPhantom has been quietly targeting users across ten countries, placing banking credentials, financial data,...
Microsoft Office for the Web and Teams Hit by File Access Outage
Microsoft experienced a service disruption affecting users’ ability to open files through Office for the Web and Microsoft Teams, with the company confirm...
.webp)
Attackers Abuse Docker and Kubernetes Misconfigurations to Compromise Host Systems
Attackers are actively exploiting misconfigurations in Docker and Kubernetes environments to break out of containers and take full control of the underlying hos...
Critical Windows Netlogon Vulnerability in Attackers’ Crosshairs
Organizations are advised to patch CVE-2026-41089 as soon as possible, given its severity, the potential ongoing exploitation. The post Critical Windows Netlogo...
SmartApeSG Campaign Uses ClickFix Scripts to Infect Windows Hosts With RAT Malware
A well-known social engineering campaign called SmartApeSG is back in the spotlight, this time using ClickFix scripts to quietly plant remote access malware on ...
Microsoft investigates Office Apps, Teams file access issues
Microsoft says an ongoing incident is preventing users of its Teams collaboration platform and free Office for the web cloud-based productivity suite from openi...
Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit
Exploiting the PAN-OS GlobalProtect VPN vulnerability requires certain conditions, but adversaries have done so in two attack waves that started in mid-May....
Multiple Red Hat Cloud Services npm Packages Compromised to Deploy Credential-Stealing Malware
A significant supply chain attack on June 1, 2026, targeting over 30 official packages under the @redhat-cloud-services npm scope. The campaign, dubbed “M...