Latest IntelligencePage 41
Search by keyword →
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Langflow and Trend Micro Apex One to its Known E...
Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access sensi...
Discord Announces End-to-End Encryption by Default for Video and Voice Messages
Discord has officially rolled out end-to-end encryption (E2EE) for all voice and video communications across its platform, marking a major milestone in secure r...
Megalodon Malware Compromised 5,500+ GitHub Repos Within 6 Hours
A sweeping automated supply chain attack codenamed “Megalodon” struck GitHub on May 18, 2026, injecting malicious CI/CD backdoors into over 5,500 re...
How CISOs Should Prep for Agentic-Ready AI BOMs
Finding ways to document both component and execution attributes for AI bill of materials (AI BOM)....
Google API Keys Remain Active After Deletion
A security researcher discovered the API keys can still be used for 23 minutes after deletion, even though the cloud provider claims deletion is immediate....
Hackers Use Fake Microsoft Teams Downloads to Deploy ValleyRAT Malware
Hackers have been caught running a deceptive campaign that uses fake Microsoft Teams download websites to trick users into installing ValleyRAT, a remote access...
TamperedChef Malware Uses Signed Productivity Apps to Deliver Stealers and RATs
A new wave of malware disguised as everyday productivity tools has been quietly spreading across the internet, stealing user credentials and giving attackers re...
Fake Invitation Phishing Campaign Targets U.S. Organizations With Credential Theft
A large-scale phishing campaign is actively targeting U.S. organizations, using fake event invitations as bait to steal login credentials, intercept one-time pa...
Google accidentally exposed details of unfixed Chromium flaw
Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background even when the browser is closed, allow...
Indian Student Data Weaponized for Phishing, Social Engineering, and Financial Fraud
India’s education sector is now at the center of a growing cybercrime storm. Millions of students across the country are being targeted by threat actors w...
Google “Won’t Fix” API key staying active for 23 mins after deletion
Deleted Google API keys remain valid for up to 23 minutes after revocation, potentially allowing attackers to continue accessing Google Cloud services and Gemin...
Critical Chrome Vulnerabilities Enables Remote Code Execution Attacks – Patch Now!
Google has released an urgent security update for Chrome, addressing 16 vulnerabilities including two rated Critical that could allow attackers to execute arbit...
Critical Chrome Vulnerabilities Enable Remote Code Execution Attacks – Patch Now!
Google has released an urgent security update for Chrome, addressing 16 vulnerabilities including two rated Critical that could allow attackers to execute arbit...
Authorities Have Taken Down “First VPN” Used in Ransomware Attacks
In a major international law enforcement success, authorities from seven countries dismantled First VPN, a criminal virtual private network linked to global cyb...
Mini Shai-Hulud Compromises @antv npm Packages to Steal CI/CD Credentials
A new and sophisticated supply chain attack has been uncovered, targeting one of the most trusted corners of the open-source software world. Dubbed “Mini ...
Proton Pass adds new protections for AI agents with account access
A new Proton Pass feature allows users to securely share credentials with AI agents via “AI access tokens,” aiming to reduce the security risks posed by autonom...
Trump Mobile exposes data of customers who ordered the T1 phone
Trump Mobile, the wireless carrier and smartphone brand tied to US President Donald Trump, is reportedly exposing sensitive customer information through an easi...
AI Agents Are Shifting Identity Security Budget Dynamics
AI agent projects are proliferating throughout the enterprise, and those AI agent identities require management, security, and governance. New Omdia research sh...
Apple blocked over $11 billion in App Store fraud in 6 years
Apple revealed that it blocked over $11 billion in fraudulent App Store transactions over the last six years, more than $2.2 billion in potentially fraudulent A...