Skip to content
Security News, Assessments & Alerts Page 11

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts

Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts

Ravie LakshmananJul 01, 2026Password Security / Cloud Security Cybersecurity researchers have warned of a “massive, ongoing, automated password spray attack” aimed at Microsoft’s Azure command-line interface (CLI), compromising dozens of accounts in the process. The… 

Researcher Analyzes 3,000 Live ClickFix Payloads, Exposing API-Driven Malware Delivery

Researcher Analyzes 3,000 Live ClickFix Payloads, Exposing API-Driven Malware Delivery

ClickFix, the trick that fools people into running malware by hand, has quietly grown a back office. New research shows the malicious commands behind its fake “prove you’re human” pages are now handed out by… 

Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service

Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service

Ravie LakshmananJul 01, 2026Vulnerability / Enterprise Security Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an… 

Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints

Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints

Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026-33017 (CVSS score: 9.3), an unauthenticated… 

Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses

Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses

Cybersecurity researchers have flagged an active browser extension campaign that is designed to steal cryptocurrency by stealthily replacing wallet addresses when unsuspecting users initiate a transaction. The cryptocurrency clipper activity has been codenamed Silent Swap… 

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study

Swati KhandelwalJun 30, 2026API Security / Mobile Security Researchers tested 444 AI chatbot apps for iPhone and found that 282 of them, nearly two-thirds, exposed paid AI access through their network traffic. In many cases,…