Latest Cybersecurity News
View all →Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini July 05, 2026 A new round of the weekly Security Affairs newsletter…
Zero‑Days in the Age of AI: Behind the Scenes of ZeroDay.cloud 2025, with a Record High of CVEs in Critical Cloud Infra
The zeroday.cloud competition may be over, but the race is just beginning. Last week in London, Wiz Research hosted a first-of-its-kind cloud hacking competition in…
Alibaba to Ban Claude Code Over Alleged Embedded Backdoor Risks
Alibaba is reportedly set to ban Anthropic’s Claude Code from its internal workplace environments starting July 10, 2026, over alleged embedded backdoor risks. The company…
Verified X Sponsored Ad Spreads Mac Malware While ConsentFix Hijacks Microsoft 365 Accounts
A Mac-targeting ClickFix campaign amplified through a verified X sponsored ad, and a novel browser-based hijack technique called ConsentFix that exfiltrates Microsoft 365 session tokens…
PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords
Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks to infect systems and siphon sensitive data.…
MCP to Vibe Coding Full Endpoint Visibility in AI Security
Introduction Everywhere AI is being adopted, new application endpoints appear. From Vibe Coding tools to large-scale model APIs and pipelines, these endpoints are the front…
Hackers Abuse SEO Poisoning and Hidden HTML to Trick AI Agents Into Following Malicious Instructions
Artificial intelligence agents are quickly becoming the new front door to the internet, and attackers have noticed. A fresh wave of malicious websites is using…
Avalon Malware Uses Legal Document Lure to Deliver CrownX Ransomware Capabilities
A previously undocumented malware framework, tracked as Avalon, that uses a spoofed legal-document lure and a multi-stage, fileless-oriented chain to deliver a ransomware component internally…
Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer
A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power sector across Russia,…