Cybersecurity researchers have discovered a cluster of seven malicious npm packages targeting the Vite frontend tooling ecosystem as part of a software supply chain attack. The malicious package campaign, codenamed ViteVenom by Checkmarx, marks an expansion of ChainVeil, which was…
Attackers are Exploiting Trust in 2026, not Just Technology
Attackers are exploiting trust, not just technology, making continuous identity verification more critical than ever. The post Attackers are Exploiting Trust in 2026, not Just Technology appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
Top 25 Cybersecurity Companies in 2026
Learn about the top 25 cybersecurity companies in 2026 and what each does best. The post Top 25 Cybersecurity Companies in 2026 appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Top…
IT Security News Hourly Summary 2026-07-17 21h : 4 posts
4 posts were published in the last hour 18:6 : Industry reacts to Gold Eagle vulnerability management plan 18:6 : A cyberattack hit Nichirei, one of Japan’s largest food companies 18:5 : PentestCode – New AI Agent That Automates Penetration…
Industry reacts to Gold Eagle vulnerability management plan
<p>The tech industry is cautiously optimistic about the U.S. government’s announcement this week to create a centralized clearinghouse for AI-discovered vulnerabilities. The key, executives and analysts said, will be how well the new initiative executes on its mission to collect…
A cyberattack hit Nichirei, one of Japan’s largest food companies
A cyberattack hit one of Japan’s largest food companies, Nichirei, disrupting logistics and shipments. The company is gradually restoring operations. Nichirei is one of Japan’s largest food companies, best known for its frozen food business. Founded in 1942 and headquartered…
PentestCode – New AI Agent That Automates Penetration Testing with 18 Specialized Tools
A new open-source tool is bringing autonomous AI agents into offensive security workflows. PentestCode, a hard fork of OpenCode rebuilt specifically for penetration testing, runs security tools, analyzes their output, and makes tactical decisions all from a terminal interface, with…
EY Data Breach – Hackers Gain Access to IT Support System and Download Documents
Ernst & Young LLP (EY) is notifying clients that an unauthorized third party breached a support ticket platform used by its IT staff, downloading documents containing client tax data during a roughly two-week window this spring. The Big Four accounting…
Ransomware Attack on Coca-Cola-Owned Fairlife Halts Production Across the United States
Coca-Cola has reported a ransomware attack affecting its dairy subsidiary, Fairlife, resulting in a temporary shutdown of production operations across the United States. This incident was disclosed in a Form 8-K filing submitted to the U.S. Securities and Exchange Commission…
EU Orders Google To Share Android Mic, Camera, GPS, Search Data – A Report
In a major antitrust decision, the European Commission has ordered Google to give other AI assistants the same… The post EU Orders Google To Share Android Mic, Camera, GPS, Search Data – A Report appeared first on Hackers Online Club.…
GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft
Cybersecurity researchers have attributed the April 2026 DigiCert security incident to a threat activity cluster dubbed CylindricalCanine. Expel, which shared technical details of the event, described the threat actor as a sub-group of GoldenEyeDog (aka APT-Q-27, Dragon Breath, and Miuuti…
New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens
A Go botnet called NadMesh turned up in early July hunting exposed AI services, and the operator’s own dashboard claims 3,811 unique AWS keys. A Shodan harvester keeps the scan queue stocked with ComfyUI, Ollama, n8n, Open WebUI, Langflow, and…
Microsoft at Black Hat USA 2026: Defending trust in the age of AI and supply chain attacks
Join Microsoft Security at Black Hat USA 2026 for supply chain research, hands-on security experiences, expert conversations, and our reception. The post Microsoft at Black Hat USA 2026: Defending trust in the age of AI and supply chain attacks appeared…
Every SOC Today Is Answering the Wrong Question
Ask most detection engineers what a SOC does, and they’ll say: it finds compromised machines. That’s the wrong question. Attackers stopped compromising machines as the primary objective years ago — machines are just where identities and trust relationships happen to…
FBI arrests man accused of using Steam games to drain victims’ crypto wallets
Prosecutors accused 21-year-old student Zyaire Wilkins of publishing on Steam several fake video games that contained malware, infecting thousands of victims, and stealing crypto from some of them. This article has been indexed from Security News | TechCrunch Read the…
AI spam filters are getting suckered by old-school text salting
Turns out decades-old email tricks still work against some LLM-powered email filters This article has been indexed from www.theregister.com – Articles Read the original article: AI spam filters are getting suckered by old-school text salting
Bitdefender Uncovers Windows Bind Link Technique That Evades EDR Detection
Researchers at Bitdefender have discovered a new technique for hiding malware from Endpoint Detection and Response (EDR) solutions by utilizing bind links, a valid Windows feature. Despite Microsoft’s classification of this issue as low severity due to the fact…
Deepfake Cyber Fraud Costs Capillary Technologies Over ₹32 Crore
Capillary Technologies’ recent deepfake-enabled cyber fraud incident highlights how rapidly evolving AI tools are transforming from business enablers into serious security threats for global enterprises. The Bengaluru-based SaaS company disclosed that an overseas step-down subsidiary lost around €3 million,…
UK Court Sentences Two Hackers to 5.5 Years for Transport for London Cyberattack That Caused £29 Million in Damages
Two hackers have been sentenced to five and a half years in prison each for carrying out the 2024 cyberattack on Transport for London (TfL), in what the UK’s National Crime Agency (NCA) has described as the country’s largest…
TRAI Seeks IT Act Powers to Act Against Spam-Tagging Apps Like Truecaller
The Telecom Regulatory Authority of India (TRAI) seeks new powers in the Information Technology (IT) Act to take action against call management apps, including Truecaller, Hiya, and Whoscall, for marking or blocking legitimate commercial calls as spam. The regulator…
Coca-Cola says ransomware attack disrupts Fairlife operations, temporarily suspends U.S. dairy production
The Coca-Cola Company has revealed that a ransomware attack targeting its Fairlife dairy business has temporarily disrupted production across the United States after threat actors gained unauthorized access to company systems, including those supporting manufacturing operations. The incident was…
IT Security News Hourly Summary 2026-07-17 18h : 6 posts
6 posts were published in the last hour 15:34 : Amazon fixing bug that billed some AWS customers billions of dollars 15:34 : UK’s Largest Cybercrime Case Ends in Prison for Spider Hacker 15:34 : Ransomware attack forces Coca-Cola to…
Amazon fixing bug that billed some AWS customers billions of dollars
Some Amazon customers logged on Friday to a surprise bill estimate claiming that they owed the tech and cloud giant billions in fees. This article has been indexed from Security News | TechCrunch Read the original article: Amazon fixing bug…
UK’s Largest Cybercrime Case Ends in Prison for Spider Hacker
Scattered Spider Hackers Sentenced over Mass-Affecting Transit Attack Two well-known members of the notorious hacking group Scattered Spider were sentenced to prison in the UK on July 16, 2026. Owen… The post UK’s Largest Cybercrime Case Ends in Prison for…