Cyber Security News

The GlassWorm supply chain attack targeting the Open VSX marketplace has escalated with the discovery of 73 new “sleeper” extensions. Identified in April 2026, this cluster marks a dangerous shift in how threat actors distribute malware to software developers. This activity follows a major wave discovered in March 2026, where researchers documented 72 malicious Open […]

The post 73 Open VSX Sleeper Extensions Linked to GlassWorm Activate New Malware Campaign appeared first on Cyber Security News.

A critical zero-day vulnerability in the Litecoin network was actively exploited to launch a denial-of-service (DoS) attack, temporarily disrupting operations across major mining pools before developers issued a full patch. Security researchers confirmed the flaw allowed threat actors to inject an invalid MWEB (MimbleWimble Extension Block) transaction into unpatched nodes, triggering a cascade of network […]

The post Litecoin Zero-Day Vulnerability Exploited in DoS Attack, Disrupts Major Mining Pools appeared first on Cyber Security News.

PhantomRPC, a newly identified architectural vulnerability in Windows Remote Procedure Call (RPC) that enables local privilege escalation to SYSTEM-level access, potentially affecting every version of Windows. The research was presented by Kaspersky application security specialist Haidar Kabibo at Black Hat Asia 2026 on April 24 and details five distinct exploitation paths, none of which have […]

The post New Windows RPC Vulnerability Lets Attackers Escalate Privileges Across All Windows Versions appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding two actively exploited vulnerabilities in SimpleHelp remote support software. Remote access tools are highly valued targets for cybercriminals because they provide direct pathways into corporate networks. When compromised, these platforms allow threat actors to bypass traditional security perimeters and launch devastating secondary […]

The post CISA Warns of Multiple SimpleHelp Vulnerabilities Exploited in Attack appeared first on Cyber Security News.

Anthropic’s “Project Deal” has demonstrated that AI agents can autonomously negotiate and close real-world transactions, but the experiment also surfaced a quiet, troubling asymmetry: not all AI representations are created equal. In December 2025, Anthropic transformed its San Francisco office into a live classified marketplace, a Craigslist-style platform with a critical twist. Rather than negotiating […]

The post Claude AI Agents Close 186 Deals in Anthropic’s Marketplace Experiment appeared first on Cyber Security News.

OpenAI has announced a new Bio Bug Bounty program for GPT-5.5 as part of its efforts to improve safety controls for advanced AI systems and to address misuse in biology. The initiative invites qualified researchers to test whether GPT-5.5 can be universally jailbroken to bypass biosecurity protections. The program is focused on one specific challenge: […]

The post GPT‑5.5 Bio Bug Bounty to Strengthen Advanced AI Capabilities appeared first on Cyber Security News.

A critical scope overreach vulnerability was recently identified in the Microsoft Entra Agent Identity Platform. The newly introduced Agent ID Administrator role allowed accounts to hijack arbitrary service principals and escalate privileges across the entire tenant. Microsoft has fully patched this behavior across all cloud environments as of April 2026. How the Permission Boundary Breaks […]

The post Hackers Can Abuse Entra Agent ID Administrator Role to Hijack Service Principals appeared first on Cyber Security News.

Home security giant ADT Inc. has confirmed a data breach after the notorious threat group ShinyHunters claimed to have stolen over 10 million records and issued a ransom ultimatum — “Pay or Leak.” ADT, headquartered in Boca Raton, Florida, disclosed the incident via a Form 8-K filing with the U.S. Securities and Exchange Commission (SEC) […]

The post ADT Confirms Data Breach Following ShinyHunters Data Leak Claim appeared first on Cyber Security News.

State-sponsored threat actors are actively targeting Cisco Firepower devices by chaining known vulnerabilities to deploy a highly customized backdoor. Cisco Talos recently discovered that the espionage-focused threat group UAT-4356 is exploiting two n-day vulnerabilities, tracked as CVE-2025-20333 and CVE-2025-20362, to infiltrate Firepower Extensible Operating System (FXOS) environments. UAT-4356 previously orchestrated the ArcaneDoor campaign, which successfully […]

The post Hackers Exploiting Cisco Firepower Devices’ Using n-day Vulnerabilities to Gain Unauthorized Access appeared first on Cyber Security News.

A recent technical audit by privacy researcher Alexander Hanff has revealed that Anthropic’s Claude Desktop application for macOS silently installs a Native Messaging bridge into the directories of several Chromium-based browsers. This undocumented behavior occurs without user consent, raising significant privacy and security concerns within the cybersecurity community. When a user installs Claude Desktop (Claude.app), […]

The post Claude Desktop Reportedly Adds Browser Access Bridge to Multiple Chromium-Based Browsers appeared first on Cyber Security News.

Most internet users are familiar with CAPTCHA tests, simple challenges like selecting traffic lights or typing distorted letters to confirm they are human. But cybercriminals have found a way to weaponize this process. Hackers are now building fake CAPTCHA pages that trick users into sending paid international text messages, quietly charging their phone bills. This […]

The post Hackers Use Fake CAPTCHA Pages to Trigger Costly International SMS Fraud appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a purpose-built PowerShell script hosted on Pastebin that is designed to silently steal Telegram session data from both desktop and web-based clients. The script is disguised as a routine Windows system update, making it easy for unsuspecting users to run it without raising any alarms. The malicious script is titled “Windows […]

The post Hackers Use Pastebin-Hosted PowerShell Script to Steal Telegram Sessions appeared first on Cyber Security News.

A North Korea-linked hacking group known as Void Dokkaebi, also tracked as Famous Chollima, is running a campaign that tricks software developers into installing malware through fake job interviews. The group lures developers into cloning infected code repositories as part of a fabricated coding test, then turns their machines and projects into malware-spreading tools. The […]

The post Void Dokkaebi Hackers Use Fake Job Interviews to Spread Malware via Code Repositories appeared first on Cyber Security News.

Security cameras are designed to keep commercial facilities safe. However, a newly disclosed critical vulnerability in Hangzhou Xiongmai Technology’s XM530 IP Cameras is putting networks at risk. Tracked under the alert code ICSA-26-113-05 and officially designated as CVE-2025-65856, this flaw allows cybercriminals to bypass authentication entirely. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued […]

The post Xiongmai IP Camera Vulnerability Let Attackers Bypass Authentication and have Remote Access appeared first on Cyber Security News.

A security vulnerability has been discovered in Python’s Windows asyncio implementation, allowing attackers to trigger out-of-bounds memory writes through a missing boundary check in network socket operations. The vulnerability, tracked as CVE-2026-3298, carries a high severity rating. It exclusively affects Windows platforms and was publicly disclosed on April 21, 2026. The flaw exists in the sock_recvfrom_into() method of Python’s asyncio.proactorEventLoop class, which is Windows’ native […]

The post Python Vulnerability Allows Out-of-Bounds Write on Windows Systems appeared first on Cyber Security News.

The notorious cybercriminal group ShinyHunters has claimed responsibility for a major data breach targeting Udemy, Inc. (udemy.com), one of the world’s largest online learning platforms, and has alleged the compromise of over 1.4 million records containing personally identifiable information (PII) and internal corporate data. The claim was first observed on April 24, 2026, when ShinyHunters […]

The post Udemy Data Breach – ShinyHunters Allegedly Claims Compromise of 1.4M User Records appeared first on Cyber Security News.

A critical, unpatched vulnerability has been discovered in Ollama, a widely used open-source platform for running Large Language Models locally. Tracked as CVE-2026-5757, this severe memory leak allows unauthenticated remote attackers to extract sensitive data directly from a server’s heap. Discovered by security researcher Jeremy Brown via AI-assisted vulnerability research and disclosed publicly on April […]

The post Hackers Can Exploit Ollama Model Uploads to Leak Sensitive Server Data appeared first on Cyber Security News.

A new and fast-moving cyber threat has emerged, where hackers linked to China are quietly building large networks of compromised routers and edge devices to carry out covert cyber operations against organisations around the world. Rather than setting up their own infrastructure from scratch, these threat actors have taken a smarter and far cheaper approach. […]

The post Hackers Abuse Compromised Routers to Hide China-Linked Cyber Operations appeared first on Cyber Security News.

A newly exposed server has revealed how a threat actor used automated tools, AI assistance, and Telegram bots to silently hack into more than 900 companies around the world. The operation, built around a tool called “Bissa scanner,” targeted internet-facing web applications at a massive scale, harvested sensitive credentials, and sent real-time exploit alerts straight […]

The post Hackers Use Telegram Bots to Track 900+ Successful React2Shell Exploits appeared first on Cyber Security News.

Ransomware attackers are no longer relying only on widely known tools to steal data. Affiliates linked to the Trigona ransomware group have taken a more calculated approach by building their own custom data exfiltration tool, one that gives them greater precision, speed, and control over the data theft process. The Trigona ransomware first surfaced in […]

The post Ransomware Hackers Develop Custom Exfiltration Tool to Steal Sensitive Data appeared first on Cyber Security News.