Latest stories — Page 24

Ransomware

DragonForce Crew Tunnels RAT Traffic Through Microsoft Teams Relays

A Go-based backdoor dubbed Backdoor.Turn piggybacks on Teams' own relay infrastructure to hide C2 calls inside a U.S. services firm's network.

3 min
Policy & Regulation

Mastra npm Namespace Hit: 145 Packages Tampered After Contributor Account Hijack

Researchers tracking the 'easy-day-js' supply chain incident say a single compromised maintainer account was sufficient to push malicious versions across the @mastra/* registry footprint.

2 min
Policy & Regulation

Accenture Moves to Acquire Dragos, runZero, and NetRise in $4.1 Billion OT Security Consolidation

The deal values Dragos alone at $3.25 billion. runZero and NetRise would fold under the Dragos umbrella post-close.

2 min
AI Security

The Agents Nobody Owns: AI Identities Are Quietly Becoming Your Worst Insider Risk

Orphaned AI agents and standing privileges are accumulating across enterprise environments. Most security teams can't tell you who authorized them — or revoke them quickly when they go wrong.

3 min
Policy & Regulation

India Tells Court Telegram Couldn't Detect Exam-Leak Channels Before Block

Government says it warned Telegram two weeks before pulling the plug. Telegram says the ban is unlawful and that it cooperated.

3 min
Threat Intelligence

ClickFix Campaign Turns Google Ads, GitLab, and Claude Into a Six-Wave Trust Machine

Attackers chained legitimate infrastructure across seven weeks to push malicious PowerShell commands to developers. Session tokens, SSH keys, and cloud credentials were the prize.

3 min
Policy & Regulation

PCI DSS 4.0.1 Drags Checkout Scripts Into Scope, and Most Merchants Aren't Ready

Independent QSA assessment puts Reflectiz against the new client-side rules. The verdict: the script soup running on your payment page is now an auditable surface.

2 min
Threat Intelligence

Fortibleed: How 75,000 FortiGate Firewalls Ended Up on an Attacker's Credential List

Configuration files. Legacy SHA-256 hashes. Automation at scale. The Fortibleed campaign is a slow-burn credential harvest that perimeter defenders are still catching up to.

3 min
Policy & Regulation

Six Security Leaders Who Changed Jobs in Early 2026

From Air Force intelligence to frontier AI, the CISO hiring market is moving. Here is who landed where — and what the patterns suggest.

2 min
AI Security

AI Breaks the Assumption Cybersecurity Was Built On

Modern security programs were engineered around deterministic systems. Agentic AI isn't one.

3 min
AI Security

The AI-SOC Is Maturing Fast. Here Are the Human Roles It Actually Creates.

Autonomous triage agents are already displacing Tier 1 analyst work. But the agentic SOC depends on a new class of human specialists — and those roles are filling now.

2 min
Identity & Access

SailPoint to Buy Entro Security for a Reported $200 Million

The acquisition adds non-human identity and secrets management to SailPoint's governance platform — a gap that's become increasingly hard to ignore.

2 min
Policy & Regulation

Google to Harvest UK and EU IP Addresses for Ad Targeting Starting August 2026

The same signal Google once branded a privacy red flag becomes a measurement tool, just as the ICO sharpens its consent rules.

3 min
Threat Intelligence

Clipper Crew Buys Sponsored Posts on News Sites to Push Trojanized Crypto Tools

An untracked actor is laundering credibility through paid press placements, a phishing-grade WordPress hub, and seeded GitHub and SourceForge repos to deliver clipboard hijackers.

2 min
Vulnerabilities

Microsoft Acknowledges 'RoguePlanet' Defender Zero-Day, Patch Still in the Works

CVE-2026-50656 is a privilege escalation bug in the Malware Protection Engine — the component sitting at the heart of every Defender install.

2 min
Policy & Regulation

Tailscale and OpenSSH Became a Junior Operator's Back Door After His Havoc C2 Went Dark

An intrusion at a small French auto-sector firm shows how commodity remote-access tooling defeats the assumption that killing the C2 ends the incident.

3 min
Policy & Regulation

Estonia Wants to Give AI Agents Government-Issued IDs — With Spelled-Out Permission Scopes

The Baltic nation's AI Council is proposing state-backed digital identities for AI agents, defining exactly what they're allowed to do before they touch your data or your bank account.

2 min
Identity & Access

MFA Alone Won't Save You: What Modern Attackers Know That Defenders Don't

A practitioner-focused webinar examines how threat actors sidestep conventional detection controls and why single-layer authentication assumptions are failing organizations.

2 min
Policy & Regulation

India Pulls Telegram Offline Until June 22 — and the Block Spilled Into the UAE

New Delhi cites leaked exam papers circulating in Telegram channels. Pavel Durov says Reliance Jio went further, hijacking BGP routes that broke the app well outside India's borders.

3 min
Opinion

When Every Finding Looks Urgent: The Case for Adversarial Exposure Validation

Visibility isn't the bottleneck anymore. Deciding what an actual operator would touch is.

3 min
AI Security

Bucket Squatting in Vertex AI SDK Opened Cross-Tenant RCE Window

A staging-bucket naming flaw in two versions of Google's Vertex AI Python SDK let attackers pre-register a victim's expected bucket and swap in a malicious pickle model before the platform could retrieve the original.

2 min
© 2026 Threat Vectr