Latest IntelligencePage 72
Search by keyword →
Vendor Says Daemon Tools Supply Chain Attack Contained
The software developer has identified the impacted systems, removed potentially compromised files, and validated installation packages. The post Vendor Says Dae...
Hackers Using Fake Claude AI Installer Pages to Trick Users Into Running Malware on Their Systems
Hackers are using convincing fake pages for Claude AI to trick users into running malware on their own systems. The campaign, known as “InstallFix” ...
'TrustFall' Exposes Claude Code Execution Risk
Researchers find malicious repositories can trigger code execution in Claude Code with minimal or no user interaction....
AI Coding Agents Could Fuel Next Supply Chain Crisis
“TrustFall” attack shows how AI coding agents can be manipulated into launching stealthy supply chain compromises. The post AI Coding Agents Could Fuel Next Sup...
AI-Driven Cyberattack on Mexico Couldn't Breach OT Systems
The most sophisticated AI-integrated campaign to date hit a brick wall in the form of a SCADA login screen....
World's First AI-Driven Cyberattack Couldn't Breach OT Systems
The most sophisticated AI-integrated campaign to date hit a brick wall in the form of a SCADA login screen....
'TrustFall' Convention Exposes Claude Code Execution Risk
Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal or no user interaction, thanks to skimpy ...
Scammers Use Short-Lived VoIP Numbers and Reuse Windows to Defeat Reputation-Based Blocking
Phone-based scams are evolving faster than most security filters can keep up with. Attackers are now leaning heavily on Voice over Internet Protocol (VoIP) numb...
UAT-8302 Uses Custom Malware and Open-Source Tools to Steal Data From Government Agencies
A sophisticated China-linked hacker group known as UAT-8302 has been quietly targeting government agencies across South America and southeastern Europe, using a...
Crypto gang member gets 6.5 years for role in $230 million heist
A 20-year-old California man was sentenced to 78 months in prison for serving as a home invader and money launderer in a criminal ring that stole over $250 mill...
Webinar: Why modern attacks require both security and recovery
Modern attacks don't stop at initial compromise. This webinar explores why security and recovery must work together to reduce downtime and improve resilience. [...
Webinar Today: Securing Identity Across Humans, Machines and AI
From service accounts to AI-driven processes, identity is evolving faster than most security programs can adapt. Discover strategies for reducing risk and regai...
WatchGuard Agent Vulnerabilities Let Attackers Grant Full SYSTEM Privileges on Windows
WatchGuard has released urgent security updates to address multiple high-severity vulnerabilities affecting the WatchGuard Agent on Windows. The most critical o...
Critical Redis Vulnerabilities Enables Remote Code Execution Attacks
Five dangerous vulnerabilities in Redis expose Redis Cloud, Redis Software, and all open-source community editions to potential remote code execution, giving au...
Palo Alto Networks Firewall Zero-Day RCE Vulnerability Exploited in the Wild Since April
A critical zero-day vulnerability in Palo Alto Networks PAN-OS software has been actively exploited by a likely state-sponsored threat actor since at least Apri...
Cisco Patches High-Severity Vulnerabilities in Enterprise Products
Successful exploitation of the flaws could lead to code execution, server-side request forgery attacks, and denial-of-service conditions. The post Cisco Patches...
Hackers Abuse Google Ads to Steal Users GoDaddy ManageWP login Credentials
Hackers are using fake Google ads to steal login credentials from ManageWP users, GoDaddy’s popular platform for managing WordPress websites from a single...
Palo Alto Networks firewall zero-day exploited for nearly a month
Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS firewall zero-day vulnerability for n...
Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain Attack
Attackers could inject prompts into a GitHub issue and take over the AI agent designed to automatically triage the issue. The post Gemini CLI Vulnerability Coul...
28 Fake Call History Apps on Google Play with 7.3M+ Downloads Trick Users to Steal Payments
A new wave of fraudulent Android apps quietly racked up millions of downloads on Google Play before being taken down. These apps, now tracked under the name Cal...