11 Jul, 2026

BeyondTrust warns of critical flaws in remote access software

BeyondTrust warned customers to patch two critical security flaws in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow attackers to bypass authentication. The first vulnerability, tracked as CVE-2026-40138, affects the company’s RS remote desktop and assistance platform (versions 25.3.2 or earlier) and the PRA enterprise cybersecurity solution (versions 25.3.2 or earlier). […]

3 mins read

Fake IT support calls on Microsoft Teams push EtherRAT malware

Threat actors are abusing Microsoft Teams voice calls by impersonating corporate IT support staff to trick employees into installing the EtherRAT malware, giving attackers initial access to corporate networks. The campaign, reported by Palo Alto Networks’ Unit 42, combines phishing emails, Microsoft Teams voice calls, legitimate remote management tools, and a Node.js-based malware loader to […]

3 mins read

Vietnam arrests suspects behind HiAnime anime piracy service

​Vietnamese authorities have arrested and are prosecuting seven suspects believed to have run HiAnime, the largest anime piracy streaming service before its shutdown in June. HiAnime provided access to a massive library of English-subbed and dubbed anime without subscription fees, attracting several hundred million visitors each month and temporarily surpassing legal streaming platforms like Disney+ and Crunchyroll […]

2 mins read

Max severity Adobe ColdFusion flaw now exploited in attacks

Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, the Canadian Center for Cyber Security (CCCS) warned on Thursday. ColdFusion is a commercial web app development platform designed to help build and deploy enterprise-grade websites. The CVE-2026-48282 security flaw affects ColdFusion versions 2025.9, 2023.20, and earlier, and can be exploited by attackers […]

2 mins read

Flipper Zero firmware development continues with community help

Flipper Devices says development of the Flipper Zero firmware will continue, albeit with a smaller internal team and greater reliance on community contributions. The announcement comes as the gadget maker decided to focus on building new devices, like the Flipper One open Linux platform, for which the company turned to the community’s help to complete development. There […]

2 mins read

JadePuffer ransomware used AI agent to automate entire attack

Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted entirely by a large language model (LLM) agent. According to cloud security company Sysdig, JadePuffer used an autonomous AI agent for reconnaissance on the target, to steal credentials, move laterally, establish persistence, escalate privileges, and to encrypt data. The […]

3 mins read

NetNut proxy network disrupted, 2 million infected devices cut off

A joint operation involving Google has disrupted NetNut, a residential proxy network that gave access to millions of compromised Android devices, including smart TVs and streaming boxes. Also known as Popa, the NetNut botnet allowed cybercriminals and espionage groups to hide behind legitimate home internet addresses when launching attacks. According to the Google Threat Intelligence […]

3 mins read

ARToken PhaaS exposes EvilTokens’ Microsoft 365 phishing toolkit

A new phishing-as-a-service (PhaaS) platform dubbed “ARToken” appears to operate as an affiliate of the EvilTokens phishing platform, giving researchers a glimpse into an extensive toolkit designed to compromise Microsoft 365. Cisco Talos researchers discovered the platform while investigating phishing infrastructure used in an incident response engagement and identified a React-based management panel called “ARToken Panel” that exposed […]

4 mins read

Cisco finally confirms attackers exploiting Unified CM flaw

Cisco confirmed that attackers are now exploiting a Unified Communications Manager (Unified CM) vulnerability patched in early June. Unified CM (formerly known as Cisco CallManager) is the central control system for Cisco IP telephony systems, handling call routing, device management, and telephony features. Threat actors without privileges can exploit the vulnerability (CVE-2026-20230) remotely in low-complexity […]

2 mins read