Latest stories — Page 27

The Alert Queue Is Full. So Is the Graveyard of Missed Threats.
When every event screams critical, nothing is. AI and automation are being drafted to fix a triage problem that human analysts simply can't outrun anymore.

Oracle Patches PeopleSoft Flaw Tied to ShinyHunters Activity, Stays Quiet on Zero-Day Status
CVE-2026-35273 has a fix. Whether attackers got there first is a question Oracle isn't answering.

CISA's New Directive: Agencies Must Prioritize High-Risk Security Patches
Federal agencies get their marching orders: focus on Known Exploited Vulnerabilities.

OnyxC2 Stealer: $250/Month Buys You Encrypted Payloads and 200+ App Targets
A commodity infostealer is punching well above its price point. OnyxC2 brings DLL sideloading and in-memory execution to anyone with a credit card.

South Korea Fines Coupang ₩624.6 Billion Over 37M-Record Breach
The PIPC's record penalty under PIPA cites failures in access control and insider-threat monitoring tied to a 2024 intrusion attributed to a former contractor.

The Patch Window Is Closed: Why CISOs Are Quietly Reallocating to BAS
Vulnerability management was built around a buffer between disclosure and weaponization. Generative tooling is collapsing that buffer, and breach-and-attack simulation budgets are absorbing the panic.

FBI Dismantles 13 Sites Tied to Chinese Influence Operation Targeting Cleared US Personnel
The seized domains posed as consulting firms advertising jobs — a tradecraft pattern consistent with state-directed recruitment campaigns against intelligence community insiders.

OceanLotus Turns SPECTRALVIPER on Vietnamese Investors and a Construction Firm
Two campaigns, one toolset. The Vietnam-aligned crew spent eighteen months inside a state-linked infrastructure builder before pivoting to a supply chain hit on retail stock investors.

Six Things SRE Teams Demand Before Handing Anything to an AI Agent
Observability gaps, missing guardrails, and opaque reasoning are the real blockers — not the AI itself.

JDY Botnet Turns 1,500 Compromised SOHO Devices Into a Nation-State Targeting Engine
Lumen's Black Lotus Labs links the scanning network to Volt Typhoon. The threat isn't the botnet itself — it's the reconnaissance data it harvests before you've even read the CVE advisory.

Frontier AI Models Transform Vulnerability Discovery
AI capabilities reshape cyber defense strategies, prompting new approaches to vulnerability management.

npm 12 Pulls the Plug on Install Scripts by Default
GitHub is finally turning off the lifecycle hook that's been quietly powering half a decade of supply chain attacks.

GitHub's npm Overhaul: No More Automatic Install Scripts
GitHub reshapes npm with default script blocking, aiming to tighten software supply chain security.

CISA's New Patching Directive Drops CVSS as the North Star
BOD 26-04 introduces a four-factor framework that prioritizes internet exposure, active exploitation, and attacker automation over raw severity scores — and gives agencies three days to act on the worst cases.

Ivanti Sentry Carries Two Critical Bugs — One a Perfect 10 — Enabling Full Appliance Takeover
A pair of unauthenticated flaws in the mobile gateway give attackers a clear path to root. Exploit code is already public.

JDY Botnet's Quiet Comeback: 1,500 SOHO and IoT Nodes Now Mapping the Internet
Researchers tie the reconstituted scanner network to China-nexus operators conducting persistent, large-scale reconnaissance against exposed services.

CISA Triggers Federal Patch Clock on Cisco, Chrome and Arista Bugs Under KEV
Three vulnerabilities added to the Known Exploited Vulnerabilities catalog activate BOD 22-01 remediation deadlines for civilian agencies.

Langflow Path Traversal Under Active Exploitation, No Patch Available
CVE-2026-5027 lets unauthenticated attackers write arbitrary files on Langflow servers. In-the-wild exploitation is being tracked now.

Patch Tuesday-Adjacent: FortiSandbox, Ivanti, and SAP Ship Fixes for Critical Bugs
A 9.1-rated command injection in FortiSandbox headlines a busy week of vendor advisories. Most of these land squarely on platform teams.

210 CVEs, Three Zero-Days, and a Microsoft Warning That This Is Just the Beginning
June Patch Tuesday sets a volume record. Microsoft says AI-assisted discovery is why, and that you should get used to it.

Tracing 'The Gentlemen' RaaS: OPSEC Trail Points to an Izhevsk Operator
A 90/10 affiliate split rocketed the crew to second place by victim count. The administrator's forum breadcrumbs are less impressive.