Latest stories — Page 17

Vulnerabilities

SimpleHelp OIDC Bypass Gets Weaponized: TaskWeaver and Djinn Stealer Land on Unpatched Servers

An unauthenticated auth bypass scoring a perfect 10.0 is dropping two new malware families on remote-support boxes that nobody remembered were internet-facing.

2 min
Vulnerabilities

Six Bugs in AirDrop and Quick Share Let Anyone Within Range Knock Out File Sharing

Researchers chained wireless-range flaws to crash receiving devices and bypass Quick Share permission checks — no taps, no pairing, no prompts.

3 min
AI Security

The Hidden Cost of Agentic AI in Security: Token Budgets Are Now a Defense Problem

Cybersecurity platforms are racing to embed agentic AI, but the economics of token consumption, AI credits, and deployment architecture may undercut the value before defenders see a return.

2 min
AI Security

BioShocking: Prompt-Game Trick Pries Credentials From AI Browsers

Researchers at LayerX got six AI browsers and assistants — including ChatGPT Atlas, Perplexity's Comet, and Anthropic's Claude extension — to exfiltrate user logins by framing the attack as a game.

3 min
Vulnerabilities

Pre-Auth Root RCE in Progress Kemp LoadMaster: Patch the API Now

CVE-2026-8037 lets an unauthenticated attacker run commands as root via a crafted API request. CVSS 9.8. The vendor has shipped a fix.

3 min
Vulnerabilities

Apple Ships Three Dozen Fixes, Including WebKit Bugs Surfaced by LLM-Assisted Review

Four of the patched WebKit flaws were found with help from Claude and Codex — a quiet data point on how vendors are folding AI into vulnerability discovery.

2 min
Vulnerabilities

Oracle E-Business Suite Payments Bug Hits CVSS 9.8, Already Being Hit

CVE-2026-46817 lets unauthenticated attackers take over Oracle Payments. Exploitation is happening now.

2 min
Vulnerabilities

CISA Flags Three Daktronics Controller Flaws That Could Let Attackers Hijack Highway Signs

A researcher found the vulnerabilities in controllers widely used to drive digital billboards and roadway message signs. Exploitation could mean someone else controls what drivers read.

2 min
Breaches

NAIC Says ShinyHunters Walked Out With Public Data and Stale Logs After PeopleSoft Zero-Day Hit

The regulator-of-regulators confirms an Oracle PeopleSoft zero-day was the entry point, but disputes the extortion crew's claims about what was taken.

3 min
Threat Intelligence

Fake Perplexity Extension Siphoned Every Chrome Address Bar Keystroke

Microsoft researchers flagged a counterfeit Perplexity Chrome extension that piped queries and omnibox input to an attacker server before completing the search.

3 min
Identity & Access

WhatsApp Starts Username Reservations, Finally Decoupling Identity From Phone Numbers

The optional handle system lets users be reachable without exposing an E.164 number — a meaningful identifier change for a 3-billion-user directory.

3 min
Threat Intelligence

Mustang Panda Turns Zoho WorkDrive Into C2 in Twin Campaigns Against Indian Government

The China-aligned crew is running parallel operations against New Delhi ministries and hydropower operators, abusing a legitimate cloud collaboration service to move commands past network defenses.

3 min
Threat Intelligence

Monday Brief: A DirtyClone Linux Bug, Turla's New Backdoor, and the Infostealer Churn

Old access paths, missed patches, and a fresh kernel flaw kept defenders busy. A roundup of what moved this week in the cybercrime ecosystem.

2 min
AI Security

Poisoned Repos Can Trick Claude Code Into Opening a Reverse Shell

Researchers show that prompt injection hidden inside a repository's files is enough to turn Anthropic's agentic coding tool against the developer running it.

2 min
AI Security

Prompt Injection in Git Repos Can Turn Claude Code Into a Reverse Shell Launcher

Malicious instructions buried in a repository's files can hijack Anthropic's Claude Code agent and open a backdoor on the developer's own machine — no obvious malware required.

2 min
Threat Intelligence

236,000 Sites Run Pig-Butchering Templates Built on DCloud Uni-App

Infoblox researchers tie a sprawling fake-exchange and wallet-drainer ecosystem to a legitimate Chinese cross-platform dev framework.

2 min
Identity & Access

BEC Keeps Winning Because It Looks Exactly Like Normal Work

The phishing payload is gone. The pretext is the payload now, and your SEG was never built for that.

3 min
Threat Intelligence

Gamaredon's 2025 Phishing Surge: 35 Campaigns, Fresh Loaders, and Identity Tradecraft

The Russia-aligned group has spent the year refining spear-phishing lures against Ukrainian targets, leaning harder on cloud services and credential theft.

3 min
Threat Intelligence

Harvest Now, Decrypt Later: Why Credentials Are the First Casualty of Q-Day

Captured ciphertext today becomes plaintext tomorrow. Credentials sit at the top of the target list.

2 min
Vulnerabilities

DirtyClone: New Linux Kernel Flaw Hands Unprivileged Users the Root Keys

A page-cache manipulation bug related to DirtyFrag lets local, unprivileged attackers escalate to root — no credentials required beyond a shell.

2 min
AI Security

White House Puts OpenAI and Anthropic Models on a Short Leash Pending Cybersecurity Review

The Trump administration is vetting frontier AI releases before they reach the public — and both major labs are complying.

2 min
© 2026 Threat Vectr