Latest stories — Page 15

Ransomware

FortiBleed Credential Haul Now Feeding INC and Lynx Ransomware Crews

A single operator was spotted running negotiation panels for both gangs, turning stolen FortiGate logins into ransomware payloads.

2 min
Ransomware

Sysdig Flags 'JADEPUFFER' as First End-to-End AI-Run Ransomware Attack

Researchers say a large language model handled intrusion, lateral movement and destruction of a production database without a human at the keyboard.

2 min
Threat Intelligence

ChocoPoC: The Fake Exploit Repos Turning Bug Hunters Into Victims

A Python-based infostealer is hiding inside GitHub proof-of-concept code marketed to vulnerability researchers, siphoning credentials, cookies, and files before dropping a remote shell.

2 min
Vulnerabilities

CISA Flags SharePoint Deserialization Bug CVE-2026-45659 as Actively Exploited

The RCE flaw joins KEV with a three-week federal patch deadline. Attribution details remain thin.

2 min
AI Security

DeepSeek-Generated PoC Ransomware Runs Entirely in the Browser via Chromium File System Access API

Researchers documented what they describe as the first frontier-model-produced malware artifact combining LLM ideation with a legitimate Chromium capability to encrypt user files without a native binary.

3 min
AI Security

Cursor IDE's Sandbox Cracked by Prompt Injection — No User Interaction Required

Two logic flaws in Cursor's command execution sandbox let attackers escape the isolation layer and run code on the underlying OS. Patches landed in April. The researchers say Cursor isn't alone.

2 min
Threat Intelligence

ChocoPoC RAT Hides in Fake GitHub Exploits, Targets Security Researchers

A cluster of trojanized proof-of-concept repositories is pushing a Python-based RAT to the very people who go looking for them.

2 min
Threat Intelligence

Scattered Spider Suspect, 19, Extradited From Finland to Chicago

Peter Stokes, a dual U.S.-Estonian citizen, faces conspiracy, intrusion and fraud charges tied to the loose-knit crew behind a string of high-profile enterprise breaches.

2 min
Vulnerabilities

No Patch, No CVE: Argo CD Repo-Server Flaw Opens Door to Kubernetes Cluster Takeover

Synacktiv reported the unauthenticated RCE bug to maintainers. There's still no fix.

3 min
Threat Intelligence

ScreenConnect Turned Loader: Trojanized Installers Push AsyncRAT via Spoofed Software Sites

A sprawling campaign is abusing a legitimate RMM binary to sideload AsyncRAT onto victims chasing free copies of OBS Studio, Bandicam, and other utilities.

2 min
Threat Intelligence

VEIL#DROP: Blogger-Hosted Chain Drops PureLogs Stealer

Researchers flag a multi-stage delivery scheme abusing Google's Blogger platform to stage PureLogs, an infostealer sold in underground forums.

2 min
Policy & Regulation

Microsoft Tightens Teams Meeting Controls for External AI Bots

A new admin policy requires organizer approval before automated external participants can join Teams meetings — a quiet but consequential shift in how enterprises govern AI access to sensitive calls.

2 min
Breaches

DHS Probes Intrusion Into HSIN, the Federal Info-Sharing Platform

The Homeland Security Information Network was compromised, according to the department. Attribution remains open. The exposure question is bigger than the intrusion itself.

3 min
Policy & Regulation

Behavioral AI Pitched as Answer to Identity-Abuse Phishing, But Regulators Still Set the Bar

A vendor webinar makes the case for behavioral detection against BEC and account takeover. The compliance questions sit underneath.

2 min
AI Security

DuneSlide: Two Cursor Bugs Turn a Prompt Into a Shell

A pair of 9.8-rated flaws in the AI code editor let a single crafted prompt escape the sandbox and execute arbitrary commands — no user approval required.

2 min
Threat Intelligence

Ousaban Resurfaces in Iberia, Hiding Bank-Stealer Payloads Inside Images

A Brazilian trojan pivots to Spanish and Portuguese banking customers, using geofenced PDF lures and steganography to bury its real payload.

3 min
Vulnerabilities

Adobe Ships Emergency Fixes for Seven CVSS 10.0 Bugs in ColdFusion, Campaign Classic

Out-of-band advisories cover arbitrary code execution and privilege escalation paths. Administrators face a short remediation window before public exploit code is likely.

2 min
Vulnerabilities

Active Exploitation Reported Against Progress Kemp LoadMaster Pre-Auth RCE (CVE-2026-8037)

Threat responders flag in-the-wild attempts against a 9.6-rated OS command injection flaw in the load balancer, days after Progress issued a fixed build.

2 min
AI Security

DeepSeek Spits Out Working Browser-Native Ransomware for Windows and Android

Researchers say a frontier model stitched together a real Chromium capability with fantasy malware ideas and produced something that actually encrypts files from inside a tab.

3 min
Opinion

The 2026 Vendor Survey Nobody Asked For, Except The Findings Actually Track

A survey of 1,200 practitioners says awareness is up and resilience is flat. Anyone running production already knew that.

2 min
Vulnerabilities

Citrix Patches Six NetScaler Flaws, Including HTTP/2 Bomb DoS and a CitrixBleed Echo

Citrix is pushing customers to patch NetScaler after disclosing six vulnerabilities — among them a denial-of-service vector exploiting HTTP/2 frame handling and a high-severity information disclosure bug drawing uncomfortable comparisons to last year's CitrixBleed.

2 min
© 2026 Threat Vectr