CISA issued an emergency directive for CVE-2026-50751, a CVSS 9.3 authentication bypass in Check Point Remote Access VPN that was actively exploited weeks before disclosure. Qilin ransomware affiliates used the flaw to breach dozens of organizations by abusing IKEv1-enabled VPN gateways for authenticated access, exfiltration, and command-and-control. #CVE-2026-50751 #CheckPoint #CISA #Qilin #IKEv1
Category: Cyber Security News
Google has released Chrome 149 to fix 18 security vulnerabilities, including four critical and 14 high-severity flaws, with most of the issues tied to use-after-free bugs that could potentially enable remote code execution. The update is now rolling out for Windows, macOS, and Linux, and Google has not reported any active…
NIST is seeking public feedback on updated IoT security guidelines in SP 800-213 Revision 1, which aim to better align cybersecurity requirements with current risk management needs. The draft emphasizes treating IoT products as system elements and includes clearer guidance for organizations integrating them into federal systems. #NIST #SP800-213 #SP800-213A…
Curl has released a major update that patches 18 vulnerabilities, including CVE-2026-8932, a flaw introduced in version 7.7 from 2001 that could allow authentication bypass in libcurl applications. The update was prompted by community research and AI-assisted discovery from Anthropicβs Mythos and Aisle, highlighting risks in long-forgotten code paths across the…
Daily Recap, U.S. authorities seized Huione-related infrastructure tied to cyber scam laundering, while a Scattered Spider member pleaded guilty to hacking Transport for London and courts ordered takedowns of the Amadey and Stealc cybercrime ecosystems. The day also covered active exploitation of Cisco Unified CM (CVE-2026-20230), FortiGate credential harvesting linked to FortiBleed, and emerging AI/attack risks including a fake brand-landingpage agent skill reaching 26,000 agents.
#Huione #ScatteredSpider #TransportForLondon #Amadey #Stealc #CiscoUnifiedCM #CVE-2026-20230 #Ubiquiti #FortiGate #FortiBleed #Mistic #KongTuke #ClickFix #brand-landingpage #Anthropic #Mythos #U.S. #TataElectronics #Xolis #DraftKings
Nathan Austad, known as “Snoopy,” was sentenced to 18 months in prison for helping hack DraftKings accounts in the November 2022 attack. He and his co-conspirators compromised tens of thousands of accounts, stole $600,000, and used stolen access to add payment methods and profit from the scheme. #DraftKings #NathanAustad #Snoopy #JosephGarrison #KamerinStokes
Malicious hackers exploit Cisco zero-day for highest access level at communications service provider
Mandiant said an attacker used a previously unknown Cisco zero-day vulnerability to compromise a communications service provider and gain root-level access inside its network. The campaign targeted Cisco Catalyst SD-WAN Manager and related edge devices, with evidence of stealthy activity, unauthorized peering connections, password manipulation, and a rogue account named βtroot.β #Cisco #Mandiant #CiscoCatalystSDWANManager #CVE-2026-20245 #CVE-2026-20127 #CVE-2026-20182
Service desk social engineering is a highly effective attack path because it exploits human trust to reset credentials, bypass MFA, and gain legitimate access to corporate systems. Recent incidents involving Scattered Spider, Silent Ransom Group, Marks & Spencer, Co-op, Harrods, and Carnival Corporation show how attackers impersonate employees or IT support to move quickly from help desk access to data theft or ransomware. #ScatteredSpider #SilentRansomGroup #MarksandSpencer #Coop #Harrods #CarnivalCorporation
A malicious Microsoft Edge extension called Edgecution was used in a ransomware-related attack to escape the browser sandbox and deploy a Python-based backdoor. The campaign relied on fake Microsoft support pages, Chrome Native Messaging, and a disguised Edge Monitoring Agent to run commands and maintain persistence. #Edgecution #PayoutsKings #MicrosoftEdge #MicrosoftTeams #OutlookUpdatesManagementConsole
Mandiant revealed that CVE-2026-20245 in Cisco Catalyst SD-WAN was used in zero-day attacks to escalate privileges and create a rogue root account named βtrootβ on targeted devices. The intrusion involved unauthorized SD-WAN peering, stolen or bypassed access, malicious CSV uploads, and extensive cleanup to hide evidence of compromise. #Cisco #CatalystSDWAN #Mandiant #CVE202620245 #troot
A coordinated international law enforcement operation with support from Bitdefender, Bitsight, ESET, and Microsoft dismantled infrastructure used by Amadey and StealC, disrupting the malware supply chain behind credential theft, fraud, and ransomware attacks. The takedown recovered millions of stolen credentials, restricted over $47 million in criminal crypto assets, and shut down…
CISA warned that CVE-2025-67038 in Lantronix EDS5000 Series devices is being actively exploited, and FCEB agencies must apply the fix by June 26, 2026. The advisory also highlighted active exploitation of UniFi OS flaws chained as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910, which can lead to root-level code execution and broader network compromise….
AI agents can be manipulated by malicious content hidden in webpages, files, emails, and tools, causing them to trust false instructions, poison memory, or take unintended actions. Google DeepMind and security researchers describe six trap categories and emphasize that strong source verification, restricted permissions, and human approval are essential to keep…
Microsoft, Europol, and international partners disrupted infrastructure used by the Amadey, StealC, and SocGholish (FakeUpdates) malware operations under Operation Endgame. The action took down hundreds of servers and domains, seized stolen credentials and crypto-linked assets, and targeted the tools cybercriminals use to gain access and deploy ransomware. #Amadey #StealC #SocGholish #FakeUpdates #Microsoft #Europol #OperationEndgame
CISA is warning that hackers are actively exploiting critical flaws in Ubiquiti UniFi OS and Lantronix EDS5000 serial-to-ethernet servers, prompting urgent patching under BOD 26-04. The issues include remote code execution, access control bypass, and path traversal bugs that can lead to full system compromise and sensitive data exposure. #Ubiquiti #UniFiOS #Lantronix #EDS5000 #CVE-2026-34908 #CVE-2026-34909 #CVE-2026-34910 #CVE-2025-67038