Live Cybersecurity News

NFCShare Android malware spreads via fake banking app updates on GitHub

New variants of the NFCShare Android malware are being distributed as fake updates for legitimate banking apps hosted on GitHub. [...]

SoFi confirms third-party data breach at Hong Kong subsidiary

SoFi Hong Kong is warning that it suffered a data breach after hackers gained access to a database at a third-party vendor containing customer information. [...]

New Apple feature automatically changes your compromised passwords

At WWDC 26, Apple announced an Apple Intelligence-powered feature that can automatically fix weak and compromised passwords. This works in Safari, and it's rolling out with iOS 27.

Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks

The financially motivated group is combining vishing, IT impersonation, and in-person office intrusions to steal data and extort victims.

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud supply-chain attack that delivered malware designed to stea

Check Point VPN Flaw Exploited Since Early May

A newly discovered, critical zero-day vulnerability is under attack; a Qilin ransomware affiliate has been blamed for at least one incident.

UK gives big tech 3 months to create device controls to block nude images of kids

The companies “must activate built-in features or implement technical solutions on smartphones and tablets to detect and block nude images for children,” according to a press relea

One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that lets an unprivileged local user escalate to root and break out of a container

Iran Signed a Ceasefire — Its Hackers Didn't

An extension of the Geneva Conventions could impose restrictions on cyberwarfare under ceasefire conditions and close a major loophole in international conflict.

WhatsApp says it disrupted new NSO spyware phishing attacks

WhatsApp has detected and stopped spear-phishing campaigns allegedly conducted by the NSO Group after investigating user reports of social engineering attacks. [...]

A Security Raises $37 Million for Autonomous Offensive Security Platform

The company founded by Yossi Torati, Omer Gull, and Yuval Itzchakov has emerged from stealth mode. The post A Security Raises $37 Million for Autonomous Offensive Security Platform

Armenia’s pro-Europe party wins election despite Russia-linked disinformation

Pashinyan's Civil Contract party won nearly 50% of Sunday's vote, defeating the pro-Russian Strong Armenia party led by Russian-Armenian billionaire Samvel Karapetyan, which receiv

Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order

Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli spyware vendor NSO Group. In addition, the tech giant said it's filing a federal court contemp

WhatsApp says NSO targeted users with spearfishing attacks in violation of court order

WhatsApp said it is filing a federal court contempt order against NSO for violating a permanent injunction that bars it from mounting attacks against its users.

Gogs patches critical zero-day enabling remote code execution

Gogs has patched a critical security zero-day flaw that can allow attackers to compromise Internet-facing instances and access any repositories (including private ones). [...]

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

The latest attacks, which hit 37 PyPI wheels and 19 code packages, show a continued evolution of the persistent software supply chain threat.

Critical UniFi OS bug lets hackers gain root without authentication

Attackers can chain three already fixed vulnerabilities in the Ubiquiti UniFi OS server to execute remote code with root privileges and without authentication. [...]

Everybody Is Vibe Coding But Nobody Told the Security Team

AI-driven development is not something organizations can or should block. But it must be governed. The post Everybody Is Vibe Coding But Nobody Told the Security Team appeared firs

Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups

Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1

Russia upgrades rules for its digital spy system to better track citizens online

New regulations published by Russia's Ministry of Digital Development at the end of May updated the technical standards governing SORM, formally known as the System for Operative I

Reducing security operations complexity with Wazuh Cloud

Security teams are increasingly overwhelmed by alert fatigue, infrastructure maintenance, and complex hybrid environments. This article explores how Wazuh Cloud helps simplify SIEM

WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order

The Meta-owned communications app is filing a federal court contempt order against NSO. The post WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order appeared first on

AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload

Phishing has always been a numbers game. AI has turned it into a volume machine. Attackers can now create convincing emails, fake login pages, and tailored lures in minutes. Every

⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More

Monday again. The weekend was meant to be quiet. It wasn't. Last week had poisoned packages, a broken AI helper, and a worm tearing through repos. The ugly part: basic tricks still

Check Point links VPN zero-day attacks to Qilin ransomware gang

Israeli cybersecurity company Check Point has released security updates to patch a critical flaw affecting Remote Access VPN and Mobile Access deployments, which was exploited in z

Cybersecurity M&A Roundup: 26 Deals Announced in May 2026

Significant cybersecurity M A deals announced by Akamai, Check Point, Cisco, Cyera, Dragos, WatchGuard and Zscaler. The post Cybersecurity M A Roundup: 26 Deals Announced in May 20

Everest Forms Vulnerability Exploited to Hack WordPress Sites

The flaw allows attackers to execute arbitrary code remotely and has been exploited in the wild for two months. The post Everest Forms Vulnerability Exploited to Hack WordPress Sit

The Hardest Fork

Mythos is real. I know a big chunk of the industry thinks it's a marketing stunt, and I get why. I get it. But I've seen the findings, and they're bad. These aren't "whoops, this l

174,000 Impacted by Lansing Community College Data Breach

Hackers accessed personal information stored on certain Lansing Community College systems in February 2025. The post 174,000 Impacted by Lansing Community College Data Breach appea

Oxford University discloses data breach after careers platform hack

The University of Oxford disclosed a new data breach last week after being informed by its third-party provider, Group GTI, that its CareerConnect career services platform had been

Silent Ransom Group Uses DNS Fast Flux in Attacks

Focusing on hacking law firms in the US, the ransomware group relies on fast flux to hide its C C infrastructure. The post Silent Ransom Group Uses DNS Fast Flux in Attacks appeare

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances

A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRI

OpenAI Rolling Out ChatGPT Account Security Controls

The Active Sessions and Lockdown Mode features are being made more broadly available by the AI giant. The post OpenAI Rolling Out ChatGPT Account Security Controls appeared first o

Anthropic Urges Industry Coordination to Allow for a ‘Pause’ in AI Development if Risks Grow

The proposed coordination would let advanced AI labs verify that global rivals have actually stopped or slowed their work. The post Anthropic Urges Industry Coordination to Allow f

SolarWinds Serv-U Vulnerability Exploited in the Wild

Unauthenticated attackers can exploit the flaw via specially crafted POST requests that crash the Serv-U service. The post SolarWinds Serv-U Vulnerability Exploited in the Wild app

UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign

Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks

Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically t

Over 20,000 Instagram accounts stolen in Meta AI support hack

Meta has revealed that 20,225 Instagram users had their accounts hijacked in a recent incident where attackers used Meta's AI-powered support system to reset passwords. [...]

Hands on with Intelligent Terminal, an AI-powered Windows Terminal

Microsoft has created an open-source fork of Windows Terminal called "Intelligent Terminal," and it allows you to use AI directly inside Terminal without interfering with the regul

New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration

OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of data exfiltration arising from prompt injection attacks. The featur

Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

A researcher has reverse-engineered the iOS SDK that Bright Data embeds in consumer apps and documented how it turns devices, including always-on smart TVs, into exit nodes that re

CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting SolarWinds Serv-U multi-protocol file server software to its Know

Exposed Fuel Tank Gauges Under Attack in the US

Threat actors are taking advantage of Internet-exposed tank gauges by breaching gas stations, opening the door to disruption.

Adaptive, Agentic AI Worms Loom as Next Enterprise Threat

AI worms, or viruses with wings and brains, adapt to new environments, seek out vulnerabilities, and will likely strike within a year, researchers say.

EU unveils tech sovereignty package to cut reliance on US, Chinese suppliers

The package bundles two draft laws — a Chips Act 2.0 and a Cloud and AI Development Act (CADA) — alongside an Open Source Strategy and a roadmap for digitalizing the energy system.

Trump AI Order Seeks Voluntary Frontier Model Testing

The White House's executive order establishes voluntary framework for early government access to frontier models while investing in federal security.

Rust-Written IronWorm Hits NPM Supply Chain

Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel.

China's TA4922 Expands Cybercrime Attacks Globally

One of the world's most diverse, least-focused cybercrime groups is enlarging its footprint beyond East Asia.