Connect all the things and watch what happens This article has been indexed from www.theregister.com – Articles Read the original article: Connecting AI agents to outside services explodes the risk radius
Hidden Wi‑Fi Killers: Everyday Things Quietly Ruining Your Home Internet
Many everyday objects can quietly wreck your Wi‑Fi, and understanding them is the first step to a more stable home network. From kitchen gadgets to building materials, the invisible radio waves carrying your data are constantly competing with physical…
Helix Data Extortion Group Targets Microsoft SharePoint Using Vishing and MFA Abuse
Cybersecurity researchers have discovered a new data extortion group called Helix that has been targeting companies by using user credentials rather than software vulnerabilities. Helix has been employing voice phishing (vishing), device code phishing, and multi-factor authentication (MFA) abuse…
Weekly Cyber Security Newsletter Bulletin – EY Breach, Wpzshell Exploit, Notepad++ Flaws +20 Stories
This week’s cybersecurity situation shows a clear reality: every part of technology, from identity systems to common productivity tools, can be hacked or compromised. Microsoft’s July Patch Tuesday alone addressed roughly 570 vulnerabilities, including two zero-days already being exploited in…
IT Security News Hourly Summary 2026-07-19 18h : 3 posts
3 posts were published in the last hour 15:34 : Security Affairs newsletter Round 586 by Pierluigi Paganini – INTERNATIONAL EDITION 15:34 : SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 106 15:6 : Scans for Hikvision Intelligent Security API, (Sun, Jul 19th)
Security Affairs newsletter Round 586 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. OpenSSL…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 106
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter CrashStealer: C++ macOS infostealer posing as crash reporter Lucide Proxy: Turning Student Web Proxies into DDoS Bots AsyncAPI…
Scans for Hikvision Intelligent Security API, (Sun, Jul 19th)
We have been following issues with Hikvision cameras for a long, long time. Like many similar products, Hikvision cameras have a long history of vulnerabilities and are often targeted by internet-wide scans that our honeypot network detects. This article has…
SonicWall SMA Zero-Days Exploited Before Disclosure to Gain Root Access
A previously undocumented threat actor has been attributed to the exploitation of recently disclosed SonicWall Secure Mobile Access (SMA) 1000 series VPN appliances as zero-days prior their public disclosure since June 22, 2026. Cybersecurity company Volexity is tracking the activity…
UAC-0145 Uses ClickFix CAPTCHAs to Infect Ukrainian Devices wih Malware
Russian state-sponsored threat actors have been observed leveraging the infamous ClickFix strategy to trick Ukrainian targets into infecting their own machines with data-stealing malware. According to the Computer Emergency Response Team of Ukraine (CERT-UA), the activity has been attributed to…
What is EDR (Endpoint Detection and Response)? How it Works in 2026
By HOC Team | Last updated: July 2026 | Read time: ~22 min On 19 July 2024, a single… The post What is EDR (Endpoint Detection and Response)? How it Works in 2026 appeared first on Hackers Online Club. This article…
Week in review: High severity WordPress vulnerabilities, fake OAuth IDs bypass sign-in logs
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Two new high severity WordPress vulnerabilities, patch immediately! The 7.0.2 WordPress security release addresses one critical and one high severity security issue. Cynative: Open-source deep…
Network Segmentation Tutorial: How to Segment Your Corporate Network (2026)
By HOC Team | Last updated: July 2026 | Read time: ~24 min In May 2017, the WannaCry ransomware… The post Network Segmentation Tutorial: How to Segment Your Corporate Network (2026) appeared first on Hackers Online Club. This article has been…
IT Security News Hourly Summary 2026-07-19 09h : 1 posts
1 posts were published in the last hour 6:33 : Attackers Can Take Over WordPress Sites Using Newly Released wp2shell Exploits
Attackers Can Take Over WordPress Sites Using Newly Released wp2shell Exploits
Public exploits are now available for two critical WordPress flaws that attackers can chain to gain remote code execution without authentication. Public proof-of-concept exploits are now available for the critical wp2shell vulnerabilities affecting WordPress Core. The flaws, tracked as CVE-2026-63030…
NadMesh Uses Shodan to Find and Hijack Exposed AI and MCP Infrastructure
A sharp structural shift has been identified in the botnet landscape. Security researchers at XLab have uncovered NadMesh, a Go-based botnet that has been spreading rapidly since early July 2026. This malware marks a distinct evolution from opportunistic worm behavior…
IT Security News Hourly Summary 2026-07-19 03h : 1 posts
1 posts were published in the last hour 0:6 : Imperva Customers Protected Against “wp2shell” Pre-Authentication RCE in WordPress Core
Imperva Customers Protected Against “wp2shell” Pre-Authentication RCE in WordPress Core
TL;DR: A critical pre-authentication Remote Code Execution (RCE) vulnerability, dubbed “wp2shell” (CVE-2026-63030), has been identified in WordPress Core. This vulnerability allows an unauthenticated attacker to execute arbitrary code on a vulnerable WordPress installation without any preconditions, such as plugins or specific configurations. Given that WordPress powers…
IT Security News Hourly Summary 2026-07-19 00h : 1 posts
1 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-07-18
IT Security News Daily Summary 2026-07-18
41 posts were published in the last hour 19:31 : OpenSSL Fixes HollowByte Memory Exhaustion Bug 19:8 : Hugging Face Confirms AI-Driven Breach: Attackers used Autonomous Agents, defenders countered with AI 19:5 : IT Security News Hourly Summary 2026-07-18 21h…
OpenSSL Fixes HollowByte Memory Exhaustion Bug
Okta disclosed HollowByte, an 11-byte OpenSSL flaw that lets remote attackers exhaust server memory and trigger denial-of-service attacks. Okta’s Red Team disclosed a denial-of-service vulnerability in OpenSSL they named HollowByte, and the attack payload is exactly 11 bytes. A remote,…
Hugging Face Confirms AI-Driven Breach: Attackers used Autonomous Agents, defenders countered with AI
Hugging Face disclosed this week that it detected and contained a production infrastructure intrusion, driven end-to-end by an autonomous AI agent system, and defended against it using its own AI-based forensic analysis. The attackers exploited two code-execution flaws in Hugging…
IT Security News Hourly Summary 2026-07-18 21h : 1 posts
1 posts were published in the last hour 18:34 : Abbott Investigates Two Cyber Incidents Following Extortion Claims
Abbott Investigates Two Cyber Incidents Following Extortion Claims
Two separate cybersecurity incidents are being investigated by Abbott Laboratories after threat actors reportedly gained access to the company’s systems and accessed sensitive information. While one incident has been linked to the ShinyHunters extortion group, the other involves claims…