AnythingLLM Desktop XSS-to-RCE via insecure Electron config. Poisoned RAG documents or compromised LLM endpoints can achieve full host compromise. CVE-2026-32626, CVSS 9.6. Patch available.
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager.
Lapsus group lists AstraZeneca (UK/Sweden) as a victim, publishing alleged breach evidence pointing to a potential compromise of internal systems.
Microsoft says tax-season phishing now deploys RMM tools like ScreenConnect, moving beyond credential theft.
A Feb. 10 campaign hit 29,000+ users across 10,000 orgs, using IRS lures to gain persistent system access.
Attackers are exploiting a CVSS 10.0 auth bypass in Quest KACE SMA to hijack admin accounts.
Arctic Wolf observed attacks on unpatched, internet-exposed systems, with payloads delivered via curl and persistence set through registry changes.
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
An APT group has reportedly conducted a cyberattack against Lockheed Martin, targeting its defense and aerospace networks.
@TheGhostITM
Citrix patched a critical NetScaler flaw (CVSS 9.3) enabling unauthenticated memory leaks.
The issue exposes sensitive appliance data when SAML IDP is enabled, alongside a second bug that can mix user sessions in gateway or AAA setups.
North Korea’s Contagious Interview campaign now uses malicious VS Code projects to deploy StoatWaffle.
Opening the folder can auto-run tasks.json, install Node.js if missing, and fetch stealer or RAT payloads on developer systems.
Keir Starmer is set to ban cryptocurrency donations after a review concluded they risk foreign interference in UK democracy — The Times.
More than 875 million Android phones (~25% of the market) are at risk due to a serious vulnerability in MediaTek chips.
Discovered by Ledger Donjon, this flaw lets an attacker with physical access extract sensitive data—like lock PINs, encrypted storage, and crypto‑wallet recovery phrases—in under a minute, even when the device is powered off and connected via USB.
Head of Israel’s Cybersecurity Organization: 50 successful cyberattacks against Israeli organizations have occurred during the war with Iran.
However, the actual number of breaches is likely higher, as usual the authorities will not admit it.
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Amazon AWS disrupted by war in West Asia again
Amazon announced that its Amazon Web Services (AWS) region in Bahrain has been "disrupted" due to war in West Asia, marking the second disruption to its operations in the past month linked to the war.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
More than 200 Israeli civilian entities and organizations have been hacked and digitally wiped in cyberattacks since the outbreak of the Iran–Israel–U.S. war. These figures do not include Israeli government infrastructure.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
More than 200 civilian bodies and organizations in Israel have been breached and digitally wiped in cyberattacks since the outbreak of the war between Iran, Israel and the United States. These figures do not include Israeli government infrastructure.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
The attack group TeamPCP has planted malicious code in Israeli-founded cybersecurity giant Checkmarx’s GitHub Actions pipeline.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Attackers have succeeded in planting malicious code in the popular open‑source library LiteLLM, a U.S.-based AI‑infrastructure project that helps developers unify access to 100+ large language models.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
The Handala hacker group announced that 14 gigabytes of highly confidential personal documents belonging to Tamir Pardo have been released as a proof of concept (PoC). These documents not only reveal Mossad secrets but also expose details of assassination programs and covert operations.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
The security company HackerOne, which usually helps companies identify their vulnerabilities, has itself fallen victim to a cyberattack.
The leaked information includes full names, national ID numbers, addresses, phone numbers, email addresses, dates of birth, insurance information, and registration dates of employees and their dependents.
@TheGhostITM
Hezbollah hack into surveillance cameras in bid to target Israeli officials
A report from Haaretz alleges that Hezbollah-linked hackers have attempted to infiltrate Israeli surveillance camera systems in an effort to monitor and potentially target senior Israeli officials. Israel’s National Cyber Directorate said the activity formed part of a wider campaign to exploit existing surveillance infrastructure for intelligence purposes, focusing on accessing live feeds from both private and public cameras.