Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
New macOS ClickFix attack silently mounts DMGs to push infostealer
A new macOS ClickFix campaign is using Terminal commands to silently download, mount, and launch info-stealing malware from malicious disk image (DMG) files. The campaign is infecting Mac devices with the Atomic macOS Stealer (AMOS) infostealer, which steals browser credentials, cryptocurrency wallet data, Keychain data, messaging app information, and user documents. Researchers at Palo Alto […]
Scattered Spider members plead guilty to hacking Transport for London
Two members of the ‘Scattered Spider’ cybercrime group pleaded guilty to hacking the Transport for London (TfL) systems in 2024. The two individuals, Thalha Jubair (20) and Owen Flowers (18), breached the systems of London’s transportation service between August 31 and September 3, 2024, causing millions of pounds in losses. Jubair and Flowers previously declined involvement in […]
LastPass confirms data breach in Klue supply chain attack
LastPass announced that hackers accessed support cases containing customer data from its Salesforce environment after stealing the company’s OAuth tokens in the Klue supply chain attack earlier this month. The password management platform says its products, services, and infrastructure were not affected by the incident and that customer vaults remained secure. “On June 12th, LastPass […]
WhatsApp phishing attack uses fake business docs to hack PCs
An ongoing malware campaign is targeting WhatsApp users in multiple countries with deceptive messages that push VBScript files, leading to remote system access. The threat actor is using file names that indicate business and financial documents delivered by the victim’s contacts, whose accounts had been compromised. By downloading and executing the malicious attachments, the recipient […]
JaredFromSubway MEV bot hacked in $15 million crypto theft
The JaredFromSubway Ethereum MEV (Maximal Extractable Value) bot suffered a $15 million loss after an attacker manipulated the opportunity-detection logic by creating fake cryptocurrency trading opportunities. The drain was detected on Saturday by blockchain security firm Blockaid, and today, JaredFromSubway confirmed that the attacker used fake pools and tokens to trick the bot into approving […]
FFmpeg fixes PixelSmash flaw in widely used video decoder
A newly disclosed FFmpeg flaw dubbed ‘PixelSmash’ could be exploited for remote code execution on Jellyfin servers under certain conditions, and can also trigger a denial-of-service condition in applications like Kodi, Emby, Nextcloud, PhotoPrism, and OBS Studio. The vulnerability is tracked as CVE-2026-8461 and is a heap out-of-bounds write in the MagicYUV decoder. It received a high-severity score of […]
FortiBleed campaign used custom FortiGate sniffer to steal credentials
Security firm SOCRadar says the large-scale FortiBleed campaign targeting Fortinet FortiGate devices used custom sniffers to harvest authentication secrets from compromised firewalls and steal credentials. The report, published today, expands on the company’s previous research into the large-scale “FortiBleed” campaign, which revealed a collection of Fortinet VPN credentials associated with more than 80,000 firewall URLs worldwide. According to SOCRadar, […]
Microsoft fixes AutoGen Studio flaw that enabled code execution
A vulnerability chain dubbed AutoJack in Microsoft’s AutoGen Studio interface for prototyping AI agents could let attackers manipulate an agent into executing arbitrary commands on its host system simply by visiting a malicious webpage. AutoGen Studio is the graphical component for AutoGen, Microsoft’s open-source framework for building multi-agent AI systems. The framework allows developers to […]
AryStinger botnet infected thousands of D-Link routers worldwide
A previously undocumented malware botnet named AryStinger has compromised more than 4,000 outdated routers to turn them into proxies for malicious traffic. Researchers at Qianxin’s XLab threat intelligence team say that the malware converts infected devices into remotely controlled “executors” that can perform scanning, proxying, tunneling, command execution, and other activities on behalf of the […]
New Prinz Eugen ransomware prioritizes recent files for encryption
A new ransomware operation named ‘Prinz Eugen’ prioritizes recently modified files for encryption and leaves no ransom note on the system. An investigation from Threatdown, the former corporate business unit of Malwarebytes, found that the Prinz Eugen hackers have a hands-on-keyboard style and prefer to use legitimate remote monitoring and management (RMM) software and living-off-the-land […]