MEDUSA, an AI-first Static Application Security Testing (SAST) tool boasting 74 specialized scanners and over 180 AI agent security rules. This open-source CLI scanner targets modern development challenges like false positives and multi-language coverage. MEDUSA consolidates security scanning across 42+…
Hackers are Leveraging SEO Poisoning to Attack Users Looking for Legitimate Tools
Cybercriminals have adopted a deceptive strategy to compromise users searching for common software applications online. These attackers are using search engine optimization poisoning techniques to place malicious links at the top of search results. When unsuspecting users click on these…
Your Tier 1 Analyst at SOC Team Is Failing at Effective Triage. That’s a Business Problem
Security Operations Centers live or die by their ability to respond quickly and accurately to alerts. At the heart of this process is alert triage — the initial evaluation that decides whether an alert is a real incident, a false positive, or something that needs immediate…
Attackers Exploiting React2Shell Vulnerability to Attack IT Sectors
Threat actors have started targeting companies in the insurance, e-commerce, and IT sectors through a critical vulnerability tracked as CVE-2025-55182, commonly known as React2Shell. This flaw exists in the Flight protocol that handles client-server communication for React Server Components, allowing…
China-linked group accused of spying on phones of UK prime ministers’ aides – for years
Reports say Salt Typhoon attackers accessed handsets of senior govt folk Chinese state-linked hackers are accused of spending years inside the phones of senior Downing Street officials, exposing private communications at the heart of the UK government.… This article has…
Memcyco Raises $37 Million for Anti-Impersonation Technology
The startup will use the investment to fuel global expansion of its agentless platform, including in Latin America. The post Memcyco Raises $37 Million for Anti-Impersonation Technology appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
PeckBirdy Framework Tied to China-Aligned Cyber Campaigns
PeckBirdy command-and-control framework targeting gambling, government sectors in Asia since 2023 has been linked to China-aligned APTs This article has been indexed from www.infosecurity-magazine.com Read the original article: PeckBirdy Framework Tied to China-Aligned Cyber Campaigns
Living Off the Web: How Fake Captcha Turned Trust Into a Malware Delivery Channel
Fake Captcha abuses trusted web interactions to deliver malware and evade traditional detection. The post Living Off the Web: How Fake Captcha Turned Trust Into a Malware Delivery Channel appeared first on eSecurity Planet. This article has been indexed from…
U.S. CISA adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws…
AI Agents Are Booking Travel: How Businesses Can Enable Revenue & Minimize Risk
AI agents are booking travel at scale. Learn how to enable agentic commerce, stop agent hijacking and loyalty fraud, and protect your revenue. The post AI Agents Are Booking Travel: How Businesses Can Enable Revenue & Minimize Risk appeared first…
WhatsApp-Based Astaroth Banking Trojan Targets Brazilian Users in New Malware Campaign
A fresh look at digital threats shows malicious software using WhatsApp to spread the Astaroth banking trojan, mainly affecting people in Brazil. Though messaging apps are common tools for connection, they now serve attackers aiming to steal financial data.…
Cyber Briefing: 2026.01.27
Malicious Chrome and VS Code tools spread phishing, ClickFix abuses Windows, breach claims rise, AI content probes grow, and surveillance expands. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.01.27
Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088
Introduction The Google Threat Intelligence Group (GTIG) has identified widespread, active exploitation of the critical vulnerability CVE-2025-8088 in WinRAR, a popular file archiver tool for Windows, to establish initial access and deliver diverse payloads. Discovered and patched in July 2025,…
Critical vm2 Flaw Lets Attackers Bypass Sandbox and Execute Arbitrary Code in Node.js
A critical vulnerability in the vm2 JavaScript sandbox library (versions ≤ 3.10.0) enables attackers to bypass sandbox protections and execute arbitrary code with full system privileges. The flaw exploits improper sanitization of Promise callback functions, allowing remote code execution without…
ShinyHunters Group Targets Over 100 Enterprises, Including Canva, Atlassian, and Epic Games
A surge in infrastructure deployment that mirrors the tactics of SLSH, a predatory alliance uniting three major threat actors: Scattered Spider, LAPSUS$, and ShinyHunters. A sophisticated identity-theft campaign has emerged, targeting Single Sign-On (SSO) platforms particularly Okta across more than…
CISA Urges Public to Stay Alert Against Rising Natural Disaster Scams
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory alerting the public to heightened risks of malicious cyber activity targeting disaster victims. As natural disasters strike communities, threat actors capitalize on the chaos and emotional vulnerability of…
G_Wagon NPM Package Exploits Users to Steal Browser Credentials with Obfuscated Payload
A highly sophisticated infostealer malware disguised as a legitimate npm UI component library has been targeting developers through the ansi-universal-ui package. The malware, internally identified as “G_Wagon,” employs multi-stage obfuscation techniques to extract browser credentials, cryptocurrency wallets, cloud authentication keys,…
Attackers Hijack GitHub Desktop Repo to Spread Malware via Official Installer
Threat actors have successfully exploited a design flaw in GitHub’s fork architecture to distribute malware disguised as the legitimate GitHub Desktop installer. The attack chain begins with a deceptively simple but effective technique. Attackers create throwaway GitHub accounts and fork…
5 steps to approach BYOD compliance policies
<p>Endpoint usage policies must evolve as user behavior, device ownership models and regulatory expectations continue to shift. BYOD endpoints present especially complicated challenges for organizations, which have to ensure all endpoints meet data privacy and security regulations, despite not owning…
Over 100 Organizations Targeted in ShinyHunters Phishing Campaign
Domains set up by the threat actor suggest attacks aimed at Atlassian, Canva, Epic Games, HubSpot, Moderna, ZoomInfo, and WeWork. The post Over 100 Organizations Targeted in ShinyHunters Phishing Campaign appeared first on SecurityWeek. This article has been indexed from…
India Cracks Down on Grok’s AI Image Misuse
The Ministry of Electronics and Information Technology (MeitY) of India has found that the latest restrictions on Grok’s image generation tool by X are not adequate to prevent obscene content. The platform, owned by Elon Musk, restricted the controversial…
Looking Beyond the Hype Around AI Built Browser Projects
Cursor, the company that provides an artificial intelligence-integrated development environment, recently gained attention from the industry after suggesting that it had developed a fully functional browser using its own artificial intelligence agents, which is known as the Cursor AI-based development…
Tenable One AI Exposure delivers unified visibility and governance across AI, cloud and SaaS
Tenable announced general availability of Tenable One AI Exposure. With this release, the Tenable One Exposure Management Platform unifies AI protection, discovery and usage governance across the enterprise, including SaaS platforms, cloud services, APIs and agents. AI is deeply embedded…
Attackers use Windows App-V scripts to slip infostealer past enterprise defenses
A malware delivery campaign detailed by Blackpoint researchers employs an impressive array of tricks to deliver an infostealer to employees without triggering enterprise defenses or close examination by security researchers. The attackers aim to get the Amatera Stealer installed on…