Cybersecurity News
Global headlines curated by our intelligent agents.
Latest News
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
Showboat targets Linux telecom systems since mid-2022, enabling C2 access, proxying, and file theft across multiple countries.
The new Flipper One is a pocket-sized Linux computer
The hardware’s not finalized, but the more powerful Flipper One won’t be a replacement for the Flipper Zero.
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
Active Defender exploits hit CVE-2026-41091 and CVE-2026-45498; June 3 fixes reduce SYSTEM and DoS risk.
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
CVE-2026-46333 is a nine-year Linux kernel improper privilege management flaw introduced in November 2016 with a CVSS score of 5.5.
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
GitHub lost 3,800 internal repos after poisoned Nx Console update exposed developer credentials and supply-chain risk.
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
Drupal released security updates for a highly critical Drupal Core vulnerability affecting sites that use PostgreSQL.
Apple server schematics stolen in May 2026 Foxconn cyberattack, AppleInsider confirms
Leaked documents may be tip of the iceberg in Foxconn hack, as only Apple server schematics have been shared so far. More damaging documents may come later.
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
Microsoft disrupted Fox Tempest’s MSaaS using 72-hour certificates, cutting signed malware delivery worldwide.
App Store fraud prevention a big numbers game powered by AI & human review
Artificial intelligence has helped Apple's human-based App Store Review process prevent over $2.2 billion in fraudulent transactions in 2025. It also rejected more harmful apps than ever before.
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
Webworm added EchoCreep and GraphWorm in 2025, using Discord and Microsoft Graph API C2 to expand stealth operations.
Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit
Microsoft released mitigations for YellowKey, a publicly disclosed BitLocker bypass tracked as CVE-2026-45585 with a CVSS score of 6.8.
Grafana GitHub Breach Exposes Source Code via TanStack npm Attack
Grafana GitHub breach stemmed from TanStack npm attack; missed token exposed repos, not customer production systems.
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
GitHub is investigating unauthorized access to internal repositories after TeamPCP listed alleged source code and internal organizations for sale.
Trump Mobile finally has a real phone, but it may also have a real data leak
A security exploit on the Trump Mobile site may have revealed customer data, and that isn't the only embarrassing aspect for the company.
Google wants to compete with Anthropic’s Mythos
The company is marketing its CodeMender tool as a way to “help secure the world’s code bases.”
Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps
Trapdoor used 455 Android apps and 183 C2 domains, generating 659M daily bid requests and fueling ad fraud.
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
DirtyDecrypt PoC targets CVE-2026-31635 in CONFIG_RXGK Linux systems, enabling local privilege escalation.
The New Phishing Click: How OAuth Consent Bypasses MFA
OAuth consent is the phishing vector MFA misses—long-lived tokens and cross-app access bypass trusted identity controls.
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
Seven SEPPMail Secure E-Mail Gateway flaws disclosed, including RCE, path traversal, authorization, deserialization, and eval injection issues.
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
Nx Console 18.95.0 fetched a 498 KB stealer via GitHub orphan commit, exposing developer secrets and forcing credential rotation.
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
Mini Shai-Hulud hits @antv and echarts-for-react via npm maintainer compromise, exposing 1.1M weekly downloads to credential theft.
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted. The pattern is clear. One weak dependency can leak keys. One leaked key can open cloud access. One cloud foothold can become a production
New infostealer malware hides on Mac disguised as official Apple tools
Security researchers say a new macOS infostealer called SHub Reaper disguises itself as Apple security software to steal passwords, cryptocurrency wallets, and sensitive files.
How to Reduce Phishing Exposure Before It Turns into Business Disruption
Phishing links exposed in 40 seconds across U.S. sectors, helping SOCs cut MTTR by 21 minutes and triage 94% faster.