Latest IntelligencePage 73
Search by keyword →
Google pushes massive Chrome security update to patch 127 flaws
Google has released Chrome 148 to the stable channel with one of the largest security update batches in the browser’s history, patching 127 vulnerabilities acro...
Fake Claude AI website delivers new 'Beagle' Windows malware
A fake version for the Claude AI website offers a malicious Claude-Pro Relay download that pushes a previously undocumented backdoor for Windows named Beagle. [...
Malicious NuGet Packages Target Browser Credentials, SSH Keys, and Crypto Wallets
A fresh wave of malicious packages has been quietly spreading through the NuGet ecosystem, one of the most widely used registries in the .NET developer world. F...
Critical vm2 Node.js Library Vulnerabilities Enables Arbitrary Code Execution Attacks
VM2 has been hit by 11 critical vulnerabilities, putting countless applications that rely on it at risk of executing untrusted code. Affecting all versions up t...
.webp)
Hackers Used Claude AI to Attack on Water and Drainage Utility Systems
A new threat intelligence report has revealed that an unknown group of hackers used a commercial AI tool to target the systems of a municipal water and drainage...
Critical Ollama Memory Leak Vulnerability Exposes 300,000 Servers Globally
A major security flaw has placed Ollama, one of the most widely used platforms for running local AI models, at risk of a high-profile exposure event. The issue,...
Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion
Dragos has published a report describing how threat actors used Claude AI in an attack on a water and drainage utility in Mexico. The post Claude AI Guided Hack...
Microsoft Teams for Android Allow Users to Join Third-Party Meetings via SIP
Microsoft is expanding interoperability in its mobile communication ecosystem by allowing Microsoft Teams users on Android devices to join third-party meetings ...
.webp)
New ClickFix Attack Targets macOS Users With Fake Disk Cleanup and Utility Lures
A new wave of cyberattacks is putting macOS users in the crosshairs, and this time the bait looks almost too familiar. Attackers are disguising their malware as...
Massive 2.45B-Request DDoS Attack Used 1.2 Million IPs to Evade Rate Limits
Distributed Denial of Service (DDoS) campaign targeted a large-scale user-generated content platform, unleashing over 2.45 billion malicious requests in just fi...
Google Chrome 148 Released with Fix for 127 Security Vulnerabilities – Update Now!
Google has officially promoted Chrome 148 to the stable channel for Windows, Mac, and Linux, rolling out version 148.0.7778.96 for Linux and 148.0.7778.96/97 fo...
New Phishing Attack Weaponizing Event Invitations to Steal Login Credentials
A large-scale phishing campaign has been quietly targeting organizations across the United States, using fake event invitations as bait. Rather than sending a s...
.webp)
New Salat Malware Uses QUIC and WebSocket Channels for Stealthy Remote Control
A newly identified malware called Salat is raising serious alarms across the cybersecurity community for its sophisticated design and surprisingly wide range of...
New FEMITBOT Network Uses Telegram Mini Apps to Push Crypto Fraud and Android Malware
A new and highly organized fraud network called FEMITBOT has emerged, exploiting Telegram’s Mini App feature to run large-scale cryptocurrency scams and p...
.webp)
Darkhub Hacking-for-Hire Portal Advertises Crypto Fraud, Message Interception, and Monitoring
A dark web platform calling itself Darkhub has surfaced on the Tor network, openly advertising hacking-for-hire services to anyone willing to pay. The platform ...
A Vulnerability in PAN-OS Could Allow for Remote Code Execution
A vulnerability has been discovered in the PAN-OS Authentication Portal (aka Captive Portal) service that could allow for remote code execution. PAN-OS is the o...
Hackers abuse Google ads for GoDaddy ManageWP login phishing
A phishing campaign delivered through Google sponsored search results is targeting credentials for ManageWP, GoDaddy's platform for managing fleets of WordPress...
VoidStealer Malware Darts Past Google Chrome's Encryption
Authors of the VoidStealer Trojan uncovered yet another way to get around Google's App-Bound Encryption (ABE), opening the door to infostealers....
Yet Another Way to Bypass Google Chrome's Encryption Protection
Authors of the VoidStealer Trojan uncovered a way to get around Google's App-Bound Encryption (ABE), opening the door to infostealers....
Instructure Breach Exposes Schools' Vendor Dependence
ShinyHunters' attack on Instructure, which owns the widely used Canvas learning management system (LMS), carries big questions about the trust educational insti...