13 Jul, 2026

BeyondTrust warns of critical RCE flaw in remote support software

BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary code remotely. Tracked as CVE-2026-1731, this pre-authentication remote code execution vulnerability stems from an OS command injection weakness discovered by Harsh Jaiswal and the Hacktron AI team, and it […]

2 mins read

Men charged in FanDuel scheme fueled by thousands of stolen identities

Two Connecticut men face federal charges for allegedly defrauding FanDuel and other online gambling sites of $3 million over several years using the stolen identities of approximately 3,000 victims. 29-year-olds Amitoj Kapoor and Siddharth Lillaney, both of Glastonbury, Connecticut, were arrested Thursday following a 45-count indictment returned by a federal grand jury and were each […]

2 mins read

Microsoft: Exchange Online flags legitimate emails as phishing

Microsoft is investigating an ongoing Exchange Online issue that mistakenly flags legitimate emails as phishing and quarantines them. The incident began on February 5 and continues to affect Exchange Online customers, preventing them from sending or receiving emails. “Some users’ legitimate email messages are being marked as phish and quarantined in Exchange Online,” Microsoft said in […]

2 mins read

European Commission discloses breach that exposed staff data

The European Commission is investigating a breach after finding evidence that its mobile device management platform was hacked. The Commission said on Friday that it detected traces of a cyberattack targeting infrastructure that manages its staff’s mobile devices. While the attackers may have accessed some staff members’ personal information, including names and phone numbers, the […]

2 mins read

New tool blocks imposter attacks disguised as safe commands

A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by analyzing URLs in typed commands and stopping their execution.  Available on GitHub and also as an npm package, the tool works by hooking into the user’s shell (zsh, bash, fish, PowerShell) and inspecting every command the user pastes for execution. The idea […]

3 mins read

State actor targets 155 countries in ‘Shadow Campaigns’ espionage op

A state-sponsored threat group has compromised dozens of networks of government and critical infrastructure entities in 37 countries in global-scale operations dubbed ‘Shadow Campaigns’. Between November and December last year, the actor also engaged in reconnaissance activity targeting government entities connected to 155 countries. According to Palo Alto Networks’ Unit 42 division, the group has […]

6 mins read

Payments platform BridgePay confirms ransomware attack behind outage

A major U.S. payment gateway and solutions provider says a ransomware attack has knocked key systems offline, triggering a widespread outage affecting multiple services. The incident began on Friday and quickly escalated into a nationwide disruption across BridgePay’s platform. Ransomware confirmed within hours of outage BridgePay Network Solutions confirmed late Friday that the incident disrupting […]

3 mins read

DKnife Linux toolkit hijacks router traffic to spy, deliver malware

A newly discovered toolkit called DKnife has been used since 2019 to hijack traffic at the edge-device level and deliver malware in espionage campaigns. The framework serves as a post-compromise framework for traffic monitoring and adversary-in-the-middle (AitM) activities. It is designed to intercept and manipulate traffic destined for endpoints (computers, mobile devices, IoTs) on the network. […]

4 mins read

CISA warns of SmarterMail RCE flaw used in ransomware attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that ransomware actors are exploiting CVE-2026-24423, a critical vulnerability in SmarterMail that allows remote code execution without authentication. SmarterMail is a self-hosted, Windows-based email server and collaboration platform from SmarterTools. The product provides SMTP/IMAP/POP mail services along with webmail, calendars, contacts, and basic groupware functionality. It is commonly […]

2 mins read