Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit.
AI is making DDoS attacks faster, smarter, and far more dangerous.
Attackers are now using AI to discover weak spots, create new attack vectors, and scale assaults with terrifying efficiency.
Attackers are now using AI to discover weak spots, create new attack vectors, and scale assaults with terrifying efficiency.
A previously unknown threat actor has been quietly targeting Ukraine since at least August 2025.
GREYVIBE uses spear-phishing, fake CAPTCHA pages, and fraudulent websites to deliver custom malware to military, government, civilian, and business targets.
GREYVIBE uses spear-phishing, fake CAPTCHA pages, and fraudulent websites to deliver custom malware to military, government, civilian, and business targets.
Two new Android NFC relay malware families — DevilNFC and NFCMultiPay — are targeting banking customers in Europe and Latin America.
These tools, developed with possible AI assistance, steal card PINs. DevilNFC even locks victims in a fake interface using Kiosk Mode while relaying card data.
These tools, developed with possible AI assistance, steal card PINs. DevilNFC even locks victims in a fake interface using Kiosk Mode while relaying card data.
Tool, called "Cali365," tricks users into entering a code on the official Microsoft authentication page, enabling attackers to access emails, messages, and stored files.
Cyber breach impacts Israeli Holocaust victims’ support center:
- Hacker group “Handala” has unauthorized access to the national support center
- Over 2 million files (~1 TB) reportedly exfiltrated, including databases, emails, and internal communications
- Group released details on document contents and links to affiliated entities
#TGITM @TheGhostITM
- Hacker group “Handala” has unauthorized access to the national support center
- Over 2 million files (~1 TB) reportedly exfiltrated, including databases, emails, and internal communications
- Group released details on document contents and links to affiliated entities
#TGITM @TheGhostITM
❤1
Yossi Kardi, head of Israel’s National Cyber Directorate, concluded a week-long U.S. visit focused on strengthening cybersecurity and digital defense cooperation.
Discussions also referenced recent cyber incidents, including the breach of personal emails of Kash Patel, claimed by the “Handala” group.
#TGITM @TheGhostITM
Discussions also referenced recent cyber incidents, including the breach of personal emails of Kash Patel, claimed by the “Handala” group.
#TGITM @TheGhostITM
👎1
ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface.
ShinyHunters adds Charter to trophy shelf after 4.9M customer records leak.
Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets.
JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware.
CVE-2025-61622: PyFory – Insecure Pickle Deserialization to Remote Code Execution.
Nvidia and Microsoft unveil the first Windows computers equipped with Nvidia chips.
Israeli government cyber resilience under scrutiny:
- 500% surge in cyberattacks targeting Israeli missions abroad during wartime
- 65% of Israeli ministries ignored security warnings for months on a known vulnerable tool
- Sensitive salary data of hundreds of employees exposed
- 500% surge in cyberattacks targeting Israeli missions abroad during wartime
- 65% of Israeli ministries ignored security warnings for months on a known vulnerable tool
- Sensitive salary data of hundreds of employees exposed
Security researchers have uncovered a new attack technique that lets malicious websites spy on your browsing activity through hard drive.