Critical GNU InetUtils telnetd flaw raises urgent questions about legacy remote access risk
A reported GNU InetUtils telnetd flaw could enable unauthenticated root RCE, putting legacy Telnet-exposed systems at serious risk.
New DarkSword iOS exploit used in infostealer attack on iPhones
A reported DarkSword iPhone campaign shows how iOS exploits and infostealers can expose personal data and crypto wallets alike.
New Perseus Android malware checks user notes for secrets
Perseus shows how Android malware can turn plain text notes into a gold mine for passwords, seed phrases, and financial secrets.
Shai-Hulud-like worm targets developers through npm and AI tools
Researchers warn a Shai-Hulud-like npm worm is targeting developers, stealing secrets, and abusing AI tooling in supply-chain attacks.
Vulnerabilities in password managers put browser trust under scrutiny
Researchers say some password managers can leak or alter credentials through browser-side flaws, challenging how users interpret encryption claims.
Fake AI assistants in Chrome Web Store steal passwords and spy on emails
Malicious AI-themed Chrome extensions are stealing passwords, hijacking sessions, and spying on email at alarming scale.
European governments breached in zero-day attacks targeting Ivanti
European institutions were hit in a wider Ivanti zero-day campaign, exposing the risks posed by compromised edge appliances.
New zero-click flaw in Claude Desktop extensions raises hard questions about AI app trust
LayerX says a zero-click flaw in Claude Desktop extensions could enable RCE, raising fresh concerns about AI app trust and endpoint security.
Ai security threats loom as enterprise usage jumps 91%
Zscaler’s AI findings suggest enterprise adoption is outpacing security, with prompt injection, data leakage, and risky integrations driving exposure.
Russian hacktivists intensify disruptive cyber pressure on UK orgs
The UK NCSC says Russian hacktivists are increasing disruptive attacks on critical sectors, with DDoS and defacements driving pressure.
Interlock ransomware targets Cisco enterprise firewalls
Interlock’s reported use of a critical Cisco firewall flaw shows how ransomware crews are turning edge-device bugs into stealthy enterprise breaches.
FBI seizes Handala data leak site after Stryker cyberattack
The FBI’s seizure of Handala sites after the claimed Stryker attack highlights rising destructive cyber risk across healthcare supply chains.