Threat Intelligence

Advanced threat analysis and intelligence reports.

Agentic Botnets Attack Uses HalluSquatting to Hijack AI Coding Assistants
News
4 min read

Agentic Botnets Attack Uses HalluSquatting to Hijack AI Coding Assistants

A newly disclosed attack technique, called adversarial hallucination squatting (HalluSquatting), developed by researchers at Tel Aviv University and Technion, exploits the predictable tendency of larg

CyberShield TeamRead More
Fake Chinese VPN Drops GoodPersonRAT With Keylogging, Proxying, and Telegram Theft
News
3 min read

Fake Chinese VPN Drops GoodPersonRAT With Keylogging, Proxying, and Telegram Theft

The legitimate VPN service is highly popular for its ability to bypass China’s Great Firewall. However, attackers are exploiting its reputation to deploy hidden malware. This fake installer drop

CyberShield TeamRead More
GitLab Patch Release Fixes Affecting CE and EE Installations
News
3 min read

GitLab Patch Release Fixes Affecting CE and EE Installations

GitLab released versions 19.1.2, 19.0.4, and 18.11.7 on July 8, 2026, patching eight vulnerabilities ranging from high to low severity across Community Edition (CE) and Enterprise Edition (EE). The co

CyberShield TeamRead More
Hackers Use Device Code Phishing to Replay Sessions and Register MFA for Persistence
News
3 min read

Hackers Use Device Code Phishing to Replay Sessions and Register MFA for Persistence

Threat researchers have uncovered a new data extortion group named “Helix” that bypasses traditional security perimeters without deploying a single piece of malware. Emerging from the remn

CyberShield TeamRead More
Palo Alto PAN-OS Buffer Overflow Flaws Could Let Attackers Execute Code
News
3 min read

Palo Alto PAN-OS Buffer Overflow Flaws Could Let Attackers Execute Code

Palo Alto Networks has disclosed multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of PAN-OS. Tracked as CVE-2026-0288, it could allow unauthenticated attac

CyberShield TeamRead More
Accenture Confirms Data Breach – Hacker Claims Theft of Internal Source Code
Cybersecurity
3 min read

Accenture Confirms Data Breach – Hacker Claims Theft of Internal Source Code

IT services and consulting giant Accenture has confirmed it suffered a security breach after a threat actor claimed to have stolen 35 GB of source code and other sensitive data from the company. A thr

CyberShield TeamRead More
Claude, Cursor, and Codex Trigger Endpoint Security Rules Used to Catch Hackers
Cybersecurity
4 min read

Claude, Cursor, and Codex Trigger Endpoint Security Rules Used to Catch Hackers

AI coding agents such as Claude Code, Cursor, and OpenAI Codex are increasingly appearing in enterprise environments, and new telemetry shows they are unintentionally triggering security detections ti

CyberShield TeamRead More
New GhostApproval Vulnerability Affects Amazon Q, Claude Code, Cursor, and Other AI Agents
Cybersecurity
4 min read

New GhostApproval Vulnerability Affects Amazon Q, Claude Code, Cursor, and Other AI Agents

A newly disclosed vulnerability pattern dubbed “GhostApproval” has exposed a critical security flaw in six of the most widely used AI coding assistants: Amazon Q Developer, Anthropic Claud

CyberShield TeamRead More
Palo Alto PAN-OS Vulnerability Allows Arbitrary Code Execution Through Malicious Network Traffic
Cybersecurity
3 min read

Palo Alto PAN-OS Vulnerability Allows Arbitrary Code Execution Through Malicious Network Traffic

Palo Alto Networks has disclosed a high-severity vulnerability in PAN-OS that could allow unauthenticated attackers to execute arbitrary code or trigger a denial-of-service (DoS) condition by sending

CyberShield TeamRead More
Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes
Hacking News
1 min read

Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes

Cybersecurity researchers have disclosed details of a new threat actor dubbed Lurking Lizard that has been operating an end-to-end malicious residential proxy business using an infrastructure comprisi

CyberShield TeamRead More
GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents
Hacking News
1 min read

GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents

Researchers at Wiz found that a flaw in six popular AI coding assistants lets a booby-trapped code project quietly take control of a developer's computer. The assistant asks permission to edit one har

CyberShield TeamRead More
Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It
Hacking News
1 min read

Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It

Ask an AI coding agent to scan open-source code for security holes, and it might run the attacker's code on your own machine instead. That is the finding in a proof-of-concept published Wednesday by t

CyberShield TeamRead More
Attackers Can Abuse Claude Desktop to Execute Commands on Victim Machines
News
3 min read

Attackers Can Abuse Claude Desktop to Execute Commands on Victim Machines

A novel attack chain that turns Anthropic’s Claude Desktop application into a remote code execution vector, requiring no phishing email and no traditional malware. The technique instead weaponiz

CyberShield TeamRead More
Claude Cowork Expands to Web and Mobile With Background AI Agent Tasks
News
4 min read

Claude Cowork Expands to Web and Mobile With Background AI Agent Tasks

Anthropic has rolled out Claude Cowork to web and mobile platforms, letting AI agent sessions persist across devices and continue executing tasks even when users step away. The expansion, announced Ju

CyberShield TeamRead More
DuckDuckGo Browser to Block YouTube Ads by Default
News
4 min read

DuckDuckGo Browser to Block YouTube Ads by Default

A native YouTube ad-blocking feature was rolled out by DuckDuckGo across its desktop and mobile browsers, allowing users to watch YouTube videos without pre-roll or mid-roll interruptions. The feature

CyberShield TeamRead More
GitHub Verified Badge Can Appear on Multiple Hashes for Same Signed Commit
News
4 min read

GitHub Verified Badge Can Appear on Multiple Hashes for Same Signed Commit

A new disclosure reveals that a GitHub “Verified” badge does not guarantee that a commit hash uniquely identifies signed content, undermining a core assumption behind hash-based security c

CyberShield TeamRead More
New Research Details How FBI Uncovered Alleged Scattered Spider Member
News
4 min read

New Research Details How FBI Uncovered Alleged Scattered Spider Member

The extradition of an alleged Scattered Spider member from Finland to the United States has drawn attention far beyond the criminal charges themselves. Buried on page 8 of the indictment lies a detail

CyberShield TeamRead More
APT-C-20 Hackers Hide Shellcode in PNG Images to Launch Fileless C# Backdoor
Cybersecurity
5 min read

APT-C-20 Hackers Hide Shellcode in PNG Images to Launch Fileless C# Backdoor

A well known hacking group has found a clever way to sneak malicious code past security tools, using an ordinary picture file. The group, tracked as APT-C-20 and known as APT28 or Fancy Bear, hides sh

CyberShield TeamRead More
ClickFix Campaign Uses Fake Google Verification Page to Infect Mexican Bank Customers
Cybersecurity
6 min read

ClickFix Campaign Uses Fake Google Verification Page to Infect Mexican Bank Customers

A fake Google verification page is being used to infect customers of Mexican banks with a malware toolkit built for fraud, not just espionage. The campaign relies on a familiar ClickFix trick, where a

CyberShield TeamRead More
DuckDuckGo Browser Blocks YouTube Ads by Default Using Community Filter Lists
Cybersecurity
3 min read

DuckDuckGo Browser Blocks YouTube Ads by Default Using Community Filter Lists

DuckDuckGo has rolled out native YouTube ad blocking across its browser applications, automatically stripping pre-roll and mid-roll video ads without requiring users to install third-party extensions.

CyberShield TeamRead More
Fake Indian ITR Notice Delivers Dual RAT Malware Through Six-Stage Infection Chain
Cybersecurity
5 min read

Fake Indian ITR Notice Delivers Dual RAT Malware Through Six-Stage Infection Chain

A new malware campaign is using fake Indian tax notices to trick users into installing not one, but two separate remote access trojans on their computers. The attack disguises itself as an official In

CyberShield TeamRead More
Lurking Lizard Uses Fake 7-Zip Installers to Turn Victim Devices Into Proxy Nodes
Cybersecurity
5 min read

Lurking Lizard Uses Fake 7-Zip Installers to Turn Victim Devices Into Proxy Nodes

A newly uncovered cybercriminal operation has been quietly turning ordinary computers into paid proxy servers for years, hiding behind a fake version of the popular 7-Zip file compression tool. Victim

CyberShield TeamRead More
PromptSpy Android Malware Uses Google Gemini to Adapt During Runtime Execution
Cybersecurity
5 min read

PromptSpy Android Malware Uses Google Gemini to Adapt During Runtime Execution

A newly identified strain of Android spyware called PromptSpy has become the first mobile malware known to call on generative AI while it is actually running on a victim’s device. Rather than re

CyberShield TeamRead More
AI Coding Agents Found Triggering Endpoint Security Rules Built to Catch Attackers
Hacking News
1 min read

AI Coding Agents Found Triggering Endpoint Security Rules Built to Catch Attackers

Sophos looked at a week of its own endpoint data and found that AI coding agents such as Claude Code, Cursor, and OpenAI Codex are setting off detection rules written to catch human intruders. The age

CyberShield TeamRead More
GitHub 'Verified' Commits Can Be Rewritten Into New Hashes Without Breaking Signatures
Hacking News
1 min read

GitHub 'Verified' Commits Can Be Rewritten Into New Hashes Without Breaking Signatures

New research shows that a signed Git commit's hash is not the one-of-a-kind name that much of the software world assumes it to be. Given any signed commit, someone without the signing key can mint a s

CyberShield TeamRead More
New Ghost Phishing Wave Is Breaking Traditional Email Security
Hacking News
1 min read

New Ghost Phishing Wave Is Breaking Traditional Email Security

A recent EvilTokens campaign targeting businesses across the US and Europe is exposing a new email security blind spot. This “ghost phishing” technique keeps the malicious page hidden until it decrypt

CyberShield TeamRead More
New HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet Malware
Hacking News
1 min read

New HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet Malware

AI coding assistants have a habit of making things up. Ask one to fetch a popular tool, and it will sometimes hand back a real-sounding name for a project that does not exist. New research, which its

CyberShield TeamRead More
SCMBANKER Malware Uses ClickFix Lures to Target Mexican Banking Users
Hacking News
1 min read

SCMBANKER Malware Uses ClickFix Lures to Target Mexican Banking Users

A new banking fraudulent operation is targeting customers of Mexican banks, fintech, payment processors, and cryptocurrency exchanges using ClickFix lures. The activity cluster, tracked by Elastic Sec

CyberShield TeamRead More
The Verification Step Is the New ATO Battleground in 2026
Hacking News
1 min read

The Verification Step Is the New ATO Battleground in 2026

For years, account takeover (ATO) followed a predictable script. Attackers bought stolen credentials in bulk, ran them through automated tools, and waited for matches. Credential stuffing was cheap, s

CyberShield TeamRead More
Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS
Hacking News
1 min read

Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS

Ubiquiti has shipped updates to address multiple critical security flaws impacting UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect, and UniFi OS that could result in privilege escalation and ar

CyberShield TeamRead More
Bad Epoll Zero-Day Linux Kernel Flaw Lets Unprivileged Users Escalate to Root
News
4 min read

Bad Epoll Zero-Day Linux Kernel Flaw Lets Unprivileged Users Escalate to Root

A severe zero-day vulnerability dubbed Bad Epoll has been publicly disclosed in the Linux kernel’s epoll I/O event notification subsystem, allowing any unprivileged local user to escalate privil

CyberShield TeamRead More
Gaslight Malware Abuses Prompt Injection to Trick Automated AI Cybersecurity Agents
News
4 min read

Gaslight Malware Abuses Prompt Injection to Trick Automated AI Cybersecurity Agents

North Korean hackers have launched a sophisticated new macOS malware campaign that targets Mac users, specifically developers and those in the Web3 space. Historically, these threat actors rely on fak

CyberShield TeamRead More
ModSecurity Flaws Let Attackers Bypass WAF Rules and Request-Body Inspection
News
4 min read

ModSecurity Flaws Let Attackers Bypass WAF Rules and Request-Body Inspection

Two newly disclosed vulnerabilities in ModSecurity, the widely deployed open-source Web Application Firewall (WAF) engine, could allow attackers to bypass detection rules entirely. Both flaws affect M

CyberShield TeamRead More
Ousaban Banking Trojan Uses Daily-Changing DDNS Domains to Hide C2 Infrastructure
News
3 min read

Ousaban Banking Trojan Uses Daily-Changing DDNS Domains to Hide C2 Infrastructure

In May 2026, researchers at FortiGuard Labs uncovered a sophisticated new campaign delivering the Ousaban banking Trojan to users in Spain and Portugal. Originally known for targeting Brazil, this lat

CyberShield TeamRead More
Seven FatFs Vulnerabilities Exposing Embedded Devices to Code Execution
News
3 min read

Seven FatFs Vulnerabilities Exposing Embedded Devices to Code Execution

Seven newly disclosed vulnerabilities in FatFs, the ubiquitous FAT/exFAT filesystem library, could let a malicious USB drive, SD card, or firmware update trigger memory corruption and code execution o

CyberShield TeamRead More
Parrot 7.3 Released With Optimized Packages and Updated Tools
Cybersecurity
3 min read

Parrot 7.3 Released With Optimized Packages and Updated Tools

Parrot Security has released Parrot OS 7.3, introducing significant system-level optimizations, updated security tools, and a redesigned application management experience to improve performance and us

CyberShield TeamRead More
Cyber Security News Bulletin Weekly – Mythos is Back, WhatsApp Username, Kali Linux 2026.2, +20 Stories
Cybersecurity
8 min read

Cyber Security News Bulletin Weekly – Mythos is Back, WhatsApp Username, Kali Linux 2026.2, +20 Stories

This week’s roundup covers a major AI security model redeployment, several critical RCE vulnerabilities across popular tools, a landmark WhatsApp privacy update, and the latest Kali Linux releas

CyberShield TeamRead More
Flipper Zero Firmware Development Continues With New Community Contribution Rules
Cybersecurity
3 min read

Flipper Zero Firmware Development Continues With New Community Contribution Rules

Flipper Devices has responded to intense community backlash over perceptions that it had abandoned active development of the Flipper Zero firmware. In a statement addressing the controversy, the compa

CyberShield TeamRead More
Microsoft Releases OOBE Cumulative Update for Windows 11, Versions 24H2 and 25H2
Cybersecurity
3 min read

Microsoft Releases OOBE Cumulative Update for Windows 11, Versions 24H2 and 25H2

Microsoft has rolled out KB5095189, a new cumulative update targeting the Out-of-Box Experience (OOBE) for Windows 11, versions 24H2 and 25H2. Released on June 23, 2026, this update refines the initia

CyberShield TeamRead More
T3MP3ST Security Framework With 35 Tools, Turns AI Coding Agents Into 0-Day Bug Hunters
Cybersecurity
3 min read

T3MP3ST Security Framework With 35 Tools, Turns AI Coding Agents Into 0-Day Bug Hunters

A newly released open-source security framework called T3MP3ST is turning general-purpose AI coding agents like Claude Code, OpenAI’s Codex, and Hermes into autonomous red-teaming operators with

CyberShield TeamRead More
BusySnake Stealer Targets Browser Passwords, Cookies, Telegram Sessions, and Crypto Keys
News
4 min read

BusySnake Stealer Targets Browser Passwords, Cookies, Telegram Sessions, and Crypto Keys

BusySnake Stealer, a previously undocumented Python-based infostealer actively deployed by an emerging APT we track as Armored Likho (aka Eagle Werewolf). BusySnake is purpose-built for Windows and en

CyberShield TeamRead More
CrownX Ransomware Embedded Inside Avalon Framework Targets Recovery and Backup Systems
News
5 min read

CrownX Ransomware Embedded Inside Avalon Framework Targets Recovery and Backup Systems

A previously undocumented multi-stage malware framework, tracked as Avalon, that embeds a ransomware component internally labeled CrownX and specifically targets recovery and backup systems. By placin

CyberShield TeamRead More
Hackers Abuse EdgeUpdate and GoogleUpdater to Deploy TimbreStealer Infostealer
News
4 min read

Hackers Abuse EdgeUpdate and GoogleUpdater to Deploy TimbreStealer Infostealer

A targeted campaign deploying the TimbreStealer infostealer by abusing legitimate updater binaries EdgeUpdate (msedgeupdate) and GoogleUpdater (goopdate) via DLL side-loading. Researchers Euler Neto a

CyberShield TeamRead More
Hackers Abuse Verified X Ads to Deliver Mac Malware Through ClickFix Attack
News
4 min read

Hackers Abuse Verified X Ads to Deliver Mac Malware Through ClickFix Attack

A trusted channels and verified profiles to amplify social-engineering campaigns, and a recent ClickFix-style operation on X (formerly Twitter) illustrates that risk. The ad redirected victims to a lo

CyberShield TeamRead More
Parrot 7.3 Released With Optimized builds and New Go menu system
News
4 min read

Parrot 7.3 Released With Optimized builds and New Go menu system

Parrot 7.3 arrives as a focused systems release that prioritizes performance and everyday polish over wholesale toolset changes. Dropping only months after the previous version, this release rebuilds

CyberShield TeamRead More
Multiple FatFs Vulnerabilities Expose Millions of Embedded Devices to Cyber Risks
Cybersecurity
3 min read

Multiple FatFs Vulnerabilities Expose Millions of Embedded Devices to Cyber Risks

Security researchers at runZero have disclosed seven new CVEs affecting FatFs, the ubiquitous lightweight FAT/exFAT filesystem driver used across embedded and IoT ecosystems. The vulnerabilities range

CyberShield TeamRead More
New “Bad Epoll” 0-Day Vulnerability Allows Root Access on Linux Servers and Android Devices
Cybersecurity
3 min read

New “Bad Epoll” 0-Day Vulnerability Allows Root Access on Linux Servers and Android Devices

A newly disclosed Linux kernel flaw dubbed “Bad Epoll” (CVE-2026-46242) allows an unprivileged local user to escalate to root on Linux servers, desktops, and Android devices by exploiting

CyberShield TeamRead More
PamStealer Mimics Maccy Clipboard Manager Silently Harvests Data and Clipboard Contents
Cybersecurity
4 min read

PamStealer Mimics Maccy Clipboard Manager Silently Harvests Data and Clipboard Contents

PamStealer is a newly identified macOS infostealer that disguises itself as the popular open-source clipboard manager “Maccy” while silently harvesting sensitive user data. Discovered by Jamf Threat L

CyberShield TeamRead More
North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign
Hacking News
1 min read

North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome a

CyberShield TeamRead More
U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case
Hacking News
1 min read

U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case

A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negotiation chat and the bloc

CyberShield TeamRead More
Alibaba to Ban Claude Code at Work Over Alleged Backdoor Security Risks
News
3 min read

Alibaba to Ban Claude Code at Work Over Alleged Backdoor Security Risks

Alibaba will reportedly ban the use of Anthropic’s Claude Code across its workplace environments starting July 10, following allegations that the AI coding assistant contains a covert backdoor-like me

CyberShield TeamRead More
Anthropic Details Claude Fable 5 Cyber Safeguards and AI Jailbreak Severity Framework
News
3 min read

Anthropic Details Claude Fable 5 Cyber Safeguards and AI Jailbreak Severity Framework

Anthropic has published new technical details on the cybersecurity safeguards protecting Claude Fable 5, which is now globally available following its redeployment. The disclosure covers two major ini

CyberShield TeamRead More
ChatGPT Sensitive Information Disclosure Flaw Abused File Download Mechanism
News
3 min read

ChatGPT Sensitive Information Disclosure Flaw Abused File Download Mechanism

A now-patched vulnerability in ChatGPT that chained a guardrail bypass with a path traversal flaw to achieve local file inclusion (LFI) within OpenAI’s sandboxed execution environment. The resea

CyberShield TeamRead More
Fake Google and Cloudflare Verification Pages Spread Multiple Malware Families
News
4 min read

Fake Google and Cloudflare Verification Pages Spread Multiple Malware Families

A sprawling ClickFix campaign that abuses fake Google and Cloudflare verification pages to trick users into infecting their own machines. Documented by Malwarebytes, the operation delivers a wide rang

CyberShield TeamRead More
FBI Warns TeamPCP Supply Chain Campaign Puts Developer Environments and Cloud Credentials at Risk
News
3 min read

FBI Warns TeamPCP Supply Chain Campaign Puts Developer Environments and Cloud Credentials at Risk

In 2026, the FBI issued a critical warning regarding a massive software supply chain campaign orchestrated by the threat group TeamPCP. This sophisticated attack compromised trusted software distribut

CyberShield TeamRead More
Malicious Websites Hide Prompt Instructions in DOM to Poison AI Agent Decision-Making
News
3 min read

Malicious Websites Hide Prompt Instructions in DOM to Poison AI Agent Decision-Making

Threat actors are turning web content into a new attack surface to target artificial intelligence workflows. Much like human users face phishing attacks, AI agents are increasingly vulnerable to Indir

CyberShield TeamRead More
PamStealer macOS Infostealer Uses Rust Payload to Validate and Steal Passwords
News
4 min read

PamStealer macOS Infostealer Uses Rust Payload to Validate and Steal Passwords

A newly discovered macOS infostealer, dubbed PamStealer, disguises itself as the popular open-source clipboard manager Maccy while quietly harvesting credentials, browser data, and clipboard contents

CyberShield TeamRead More
Pegasus Spyware Hacked MEP Serving on European Parliament PEGA Committee
News
4 min read

Pegasus Spyware Hacked MEP Serving on European Parliament PEGA Committee

Former Greek Member of the European Parliament (MEP) Stelios Kouloglou was repeatedly infected with NSO Group’s Pegasus spyware while actively serving on the very committee tasked with investiga

CyberShield TeamRead More
PoC Released for Microsoft Exchange SSRF Flaw That Lets Low-Privileged Users Read Files
News
3 min read

PoC Released for Microsoft Exchange SSRF Flaw That Lets Low-Privileged Users Read Files

A newly disclosed server-side request forgery (SSRF) vulnerability in Microsoft Exchange Server 2019, tracked as CVE-2026-45504, allows any authenticated, low-privileged user to read arbitrary files f

CyberShield TeamRead More
Scammers Use Fake App Store Listings and Reviews to Trick Users Into Installing Gambling PWAs
News
4 min read

Scammers Use Fake App Store Listings and Reviews to Trick Users Into Installing Gambling PWAs

Cybercriminals are constantly finding new ways to manipulate consumers using trusted corporate identities. Recently, a highly coordinated scam campaign has emerged that leverages the names of major br

CyberShield TeamRead More
Alibaba to Ban Claude Code Over Alleged Embedded Backdoor Risks
Cybersecurity
3 min read

Alibaba to Ban Claude Code Over Alleged Embedded Backdoor Risks

Alibaba is reportedly set to ban Anthropic’s Claude Code from its internal workplace environments starting July 10, 2026, over alleged embedded backdoor risks. The company has not officially con

CyberShield TeamRead More
FBI Warns TeamPCP Hackers Compromise Developer Tools in Large-Scale Supply Chain Attacks
Cybersecurity
6 min read

FBI Warns TeamPCP Hackers Compromise Developer Tools in Large-Scale Supply Chain Attacks

A new wave of software supply chain attacks has put developers and security teams on high alert. The threat group behind it, known as TeamPCP, has been quietly slipping malicious code into trusted dev

CyberShield TeamRead More
Former MEP Investigating Spyware Abuses Has Phone Hacked With Pegasus
Cybersecurity
4 min read

Former MEP Investigating Spyware Abuses Has Phone Hacked With Pegasus

Stelios Kouloglou, a former Member of the European Parliament (MEP) who served on the committee investigating Pegasus spyware abuses, was himself repeatedly infected with NSO Group’s Pegasus spy

CyberShield TeamRead More
Hackers Abuse Blogspot and PowerShell Download Cradles to Deploy PureLog Steale
Cybersecurity
5 min read

Hackers Abuse Blogspot and PowerShell Download Cradles to Deploy PureLog Steale

Hackers have found a clever way to sneak data-stealing malware onto victims’ computers by hiding their tracks inside a trusted platform, Google Blogspot. Researchers recently uncovered a campaig

CyberShield TeamRead More
Hackers Abuse SEO Poisoning and Hidden HTML to Trick AI Agents Into Following Malicious Instructions
Cybersecurity
5 min read

Hackers Abuse SEO Poisoning and Hidden HTML to Trick AI Agents Into Following Malicious Instructions

Artificial intelligence agents are quickly becoming the new front door to the internet, and attackers have noticed. A fresh wave of malicious websites is using search engine tricks and invisible code

CyberShield TeamRead More
Hackers Use Fake Cisco AnyConnect and Google Update Installers to Drop SharkLoader
Cybersecurity
5 min read

Hackers Use Fake Cisco AnyConnect and Google Update Installers to Drop SharkLoader

Cybersecurity researchers have uncovered a new malware loader called SharkLoader that is quietly slipping into networks by hiding inside fake software installers. The tool has been spotted delivering

CyberShield TeamRead More
Indian Govt Bans Apps Being Misused to Stop E-Rickshaws Remotely
Cybersecurity
4 min read

Indian Govt Bans Apps Being Misused to Stop E-Rickshaws Remotely

The Indian government has directed Google and Apple to take down three mobile applications, BAT-BMS, Lossigy, and Epoch-i-ion, after they were allegedly misused to remotely disable e-rickshaws and oth

CyberShield TeamRead More
Multiple Apache ActiveMQ Vulnerabilities Enable DoS Attacks and Lead to Crashes
Cybersecurity
4 min read

Multiple Apache ActiveMQ Vulnerabilities Enable DoS Attacks and Lead to Crashes

Apache ActiveMQ users are advised to urgently update their deployments after three important vulnerabilities were disclosed, exposing messaging infrastructure to denial-of-service (DoS) attacks, broke

CyberShield TeamRead More
Nebula AI-Powered Penetration Testing Platform Automates Vulnerability Assessments
Cybersecurity
3 min read

Nebula AI-Powered Penetration Testing Platform Automates Vulnerability Assessments

A new open-source security tool is bringing large language models directly into the penetration tester’s terminal. Nebula, developed by BerylliumSec, integrates state-of-the-art AI models into t

CyberShield TeamRead More
Scammers Impersonate Trusted Brands in Gambling Ads to Drive Casino Traffic
Cybersecurity
5 min read

Scammers Impersonate Trusted Brands in Gambling Ads to Drive Casino Traffic

Scammers are hijacking trusted brand names to push people toward online casinos unrelated to those companies. Instead of building fake bank sites or phishing emails, they exploit the trust people plac

CyberShield TeamRead More
Top 10 Best Post-Quantum Cryptographic Solutions in 2026
Cybersecurity
22 min read

Top 10 Best Post-Quantum Cryptographic Solutions in 2026

Quantum computing has crossed the line from research curiosity to board-level risk. Once a cryptographically relevant quantum computer arrives — an event security planners call “Q-Day” — t

CyberShield TeamRead More
Your iphone Will Alert You in Real Time if You Are Falling Victim to a Scam
Cybersecurity
3 min read

Your iphone Will Alert You in Real Time if You Are Falling Victim to a Scam

Apple is taking a major step toward combating social engineering attacks with a new feature in iOS 27 that can warn users in real time if they are likely being targeted by a scam. The new framework, c

CyberShield TeamRead More
Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer
Hacking News
1 min read

Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer

A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power sector across Russia, Brazil, and Kazakhstan. "A

CyberShield TeamRead More
European Parliament Member Investigating Spyware Was Hacked With Pegasus
Hacking News
1 min read

European Parliament Member Investigating Spyware Was Hacked With Pegasus

A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou had his mobile device repeatedly hacked with the notorious Pegasus spyware while serving

CyberShield TeamRead More
New Avalon Malware Framework Packs CrownX Ransomware Capabilities
Hacking News
1 min read

New Avalon Malware Framework Packs CrownX Ransomware Capabilities

Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that's distributed by means of a multi-stage phishing chain capable of bypassing traditio

CyberShield TeamRead More
New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android
Hacking News
1 min read

New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android

A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and Andro

CyberShield TeamRead More
North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets
Hacking News
1 min read

North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets

Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft. According to JFr

CyberShield TeamRead More
PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords
Hacking News
1 min read

PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords

Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks to infect systems and siphon sensitive data. The stealer, discovered by

CyberShield TeamRead More
Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices
Hacking News
1 min read

Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices

Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The flaws ma

CyberShield TeamRead More
AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack
Hacking News
1 min read

AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack

Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team calls the operator JADEPUFFER and says a large

CyberShield TeamRead More
FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations
Hacking News
1 min read

FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations

The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, stolen credentials were intended for follow-o

CyberShield TeamRead More
Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices
Hacking News
1 min read

Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices

Google has significantly degraded NetNut, one of the biggest networks that turns home devices into rented relays for other people's traffic. Working with the FBI, Lumen, and others, Google's Threat In

CyberShield TeamRead More
Identity Lifecycle Management Wasn't Built for AI Agents
Hacking News
1 min read

Identity Lifecycle Management Wasn't Built for AI Agents

Identity lifecycle management was architected around a person with an employment record, a manager, and a departure date. AI agents have none of those. As autonomous principals proliferate across ente

CyberShield TeamRead More
Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials
Hacking News
1 min read

Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials

Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to obtain initial access. "Although tactics differ between

CyberShield TeamRead More
ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories
Hacking News
1 min read

ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories

This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal until someone tests a

CyberShield TeamRead More
ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API
Hacking News
1 min read

ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API

The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that's designed to gain surreptitious access to a victim's email correspondence via the Google API. "In this campa

CyberShield TeamRead More