The Hacker News
Researchers at the Hong Kong University of Science and Technology say malicious add-on “skills” for AI coding agents can be modified to bypass static security scanners without breaking their behavior....
6 Jul 20262 min read
Read article →The Register - Security
The source code for KSOS, an early security-focused Unix-like operating system funded by the U.S. Department of Defense in the late 1970s and 1980s, has been made publicly available through The Unix H...
6 Jul 20262 min read
Read article →The Register - Security
Financial institutions continue to allow some customers to log in without multi-factor authentication, a gap that can make account takeovers easier for criminals, according to a recent account of a re...
5 Jul 20262 min read
Read article →The Hacker News
A U.S. government organization appears to have paid roughly $1 million after attackers threatened to publish stolen data, according to a new case study from Ransom-ISAC researcher Rakesh Krishnan. The...
4 Jul 20262 min read
Read article →The Hacker News
Researchers say a North Korean-linked threat group tied to the long-running Contagious Interview campaign has released 108 distinct malicious packages and browser extensions across several software ec...
4 Jul 20262 min read
Read article →The Register - Security
New academic research is casting doubt on a core trust mechanism used in confidential computing, a technology that vendors and policymakers have promoted as a foundation for sovereign cloud services a...
4 Jul 20262 min read
Read article →The Hacker News
Security researchers at runZero have disclosed seven vulnerabilities in FatFs, a compact filesystem library widely embedded in firmware for devices that read and write FAT and exFAT media. The softwar...
4 Jul 20262 min read
Read article →The Hacker News
A newly disclosed Linux kernel vulnerability dubbed Bad Epoll could allow a local, unprivileged user to gain root access on affected systems, according to a public research write-up. The flaw is track...
4 Jul 20262 min read
Read article →The Hacker News
Security researchers have identified a previously undocumented modular malware framework called Avalon that appears designed to support a full intrusion lifecycle, from initial access and credential t...
3 Jul 20262 min read
Read article →The Hacker News
Researchers have uncovered a new software supply chain operation involving malicious npm packages that imitate legitimate Rollup polyfill tooling and appear to be tied to North Korean threat actors. T...
3 Jul 20262 min read
Read article →The Hacker News
Researchers have linked a previously unreported threat group, known as Armored Likho, to cyberattacks against government agencies and electric power organizations in Russia, Brazil, and Kazakhstan. Se...
3 Jul 20262 min read
Read article →The Hacker News
The Citizen Lab has reported that Stelios Kouloglou, a former member of the European Parliament, was repeatedly targeted with Pegasus spyware while he was serving on a committee examining the misuse o...
3 Jul 20262 min read
Read article →