Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps

Ravie LakshmananJun 05, 2026Spyware / Mobile Security Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovakian cybersecurity company said it first detected the…

New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

Ravie LakshmananJun 05, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 (where “OP” stands for “opponent”) that has been observed targeting Microsoft Internet Information Services (IIS) servers to…

Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver

Eighteen months ago, the AI SOC was a marketing line. Today it’s a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing into AI-powered security operations platforms,…

Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites

Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise. The vulnerability in question…

Fake Sites, Banking Malware, and Stolen Logins

Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff. Recent reports describe thousands of lookalike FIFA domains, banking…

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

Ravie LakshmananJun 05, 2026Threat Intelligence / Cloud Security The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SMTP email…

Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public

Swati KhandelwalJun 04, 2026Vulnerability / Network Security Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root.…

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

Swati KhandelwalJun 04, 2026Vulnerability / AI Security A security researcher found a flaw in Anthropic’s Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a…

Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It

The Hacker NewsJun 04, 2026Artificial Intelligence / Defense Technology Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks can challenge our assumptions. When Anthropic’s…

AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Ravie LakshmananJun 04, 2026Hacking News / Cybersecurity News It got stupid again. The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady things. Same mess, new wrapper.…

« Previous
1
…
11
12
13
14
15
…
538
Next »