The Hacker News
Security researchers are being targeted with malicious Python proof-of-concept repositories that disguise a data-stealing remote access trojan called ChocoPoC, according to findings published by YesWe...
2 Jul 20262 min read
Read article →The Register - Security
Researchers say attackers began targeting a critical Oracle E-Business Suite vulnerability weeks after it was patched, and before any public exploit code had been released. The activity suggests the t...
2 Jul 20262 min read
Read article →Dark Reading
IBM and Red Hat are expanding a new initiative called Project Lightwell, bringing in 20,000 engineers as the companies move to strengthen software security across the open source ecosystem. The effort...
2 Jul 20262 min read
Read article →The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency has added a Microsoft SharePoint Server remote code execution flaw, tracked as CVE-2026-45659, to its Known Exploited Vulnerabilities catalog...
2 Jul 20262 min read
Read article →The Register - Security
A security assessment at a client site took an unusual turn when two professional red teamers used a winter storm and a bit of improvisation to slip deeper into a company’s defenses. The testers, work...
2 Jul 20262 min read
Read article →The Hacker News
Security researchers say an unpatched flaw in Argo CD’s repo-server component could allow an attacker to execute code and potentially gain control of a Kubernetes cluster, as long as they can reach th...
2 Jul 20262 min read
Read article →The Hacker News
A 19-year-old man accused of taking part in the Scattered Spider hacking collective has been extradited from Finland to the United States to face federal charges, according to the U.S. Department of J...
1 Jul 20262 min read
Read article →The Register - Security
Cisco Talos says the device-code phishing ecosystem known as EvilTokens is more capable and more carefully operated than earlier reporting suggested. The campaign is designed to steal Microsoft authen...
1 Jul 20262 min read
Read article →The Hacker News
Security researchers have identified a broad malware campaign in which threat actors are using search engine optimization (SEO) techniques and counterfeit software websites to distribute ScreenConnect...
1 Jul 20262 min read
Read article →The Hacker News
Security researchers have identified a new multi-stage malware campaign that uses social engineering and Google’s Blogger platform to distribute PureLogs, an information-stealing malware strain. Secur...
1 Jul 20262 min read
Read article →The Register - Security
Researchers at Check Point say they found evidence that DeepSeek was used to generate a browser-native malware concept that could act like ransomware without installing a traditional executable. The c...
1 Jul 20262 min read
Read article →The Hacker News
Security researchers have uncovered a renewed campaign distributing the Ousaban banking trojan to Windows users in Spain and Portugal through phishing PDFs that imitate broken or incomplete files. For...
1 Jul 20262 min read
Read article →