A new Google Chrome flaw (CVE-2026-0628, CVSS 8.8) could let a malicious extension inject code into the Gemini side panel due to weak WebView policy enforcement.
Successful exploitation enabled privilege escalation and potential access to the camera, microphone, screenshots, and local files.
Successful exploitation enabled privilege escalation and potential access to the camera, microphone, screenshots, and local files.
Four Core Members of Hacktivist Group 'Anonymous Fénix' Arrested for Cyber Attacks on Public Organizations by Spain's Guardia Civil (Civil Guard).
Forwarded from 𓂆 Palestine
Amazon says drone strikes hit data centers in UAE & Bahrain, disrupting cloud services
Amazon said on Monday that several of its data centers in the UAE and Bahrain were hit by drone attacks, leading to interruptions in cloud operations and a recovery process it described as "prolonged".
"In the UAE, two of our facilities were directly struck, while in Bahrain, a drone strike in close proximity to one of our facilities caused physical impact to our infrastructure," Amazon’s cloud division, Amazon Web Services (AWS), said in a notice on its status page.
"These strikes have caused structural damage, disrupted power delivery to our infrastructure, and in some cases required fire suppression activities that resulted in additional water damage," AWS said.
An attack on the UAE site represents the first known instance of a major US technology company’s data center being affected by military action.
Amazon said on Monday that several of its data centers in the UAE and Bahrain were hit by drone attacks, leading to interruptions in cloud operations and a recovery process it described as "prolonged".
"In the UAE, two of our facilities were directly struck, while in Bahrain, a drone strike in close proximity to one of our facilities caused physical impact to our infrastructure," Amazon’s cloud division, Amazon Web Services (AWS), said in a notice on its status page.
"These strikes have caused structural damage, disrupted power delivery to our infrastructure, and in some cases required fire suppression activities that resulted in additional water damage," AWS said.
An attack on the UAE site represents the first known instance of a major US technology company’s data center being affected by military action.
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Amazon: Three drones from Iran hit our facilities in the United Arab Emirates and Bahrain, causing disruptions to regular operations.
@TheGhostsITM
@TheGhostsITM
U.S. intelligence warns of large-scale cyber risks: May continue targeting U.S. and allied forces across the Middle East.
OptimizerAI Database Leaked With 118,000 User Records and 1.1 Million AI Generated Sounds.
A new phishing wave uses malicious OAuth apps to bypass email and browser defenses, #Microsoft warns.
Victims click links tied to fake app scopes, get redirected through legitimate identity providers, and end up downloading ZIP files that trigger PowerShell, MSI installs, and DLL sideloading.
Victims click links tied to fake app scopes, get redirected through legitimate identity providers, and end up downloading ZIP files that trigger PowerShell, MSI installs, and DLL sideloading.
A command-injection bug in VMware Aria Operations is now in CISA’s KEV catalog.
The flaw — CVE-2026-22719 (CVSS 8.1) — could let unauthenticated attackers run arbitrary commands during migration workflows.
The flaw — CVE-2026-22719 (CVSS 8.1) — could let unauthenticated attackers run arbitrary commands during migration workflows.
Hackers deployed modified Havoc C2 after posing as IT support.
They spam-bombed targets, called them directly to gain remote access, sent victims to a fake Outlook “anti-spam” page to steal credentials, then used DLL sideloading and legit RMM tools to move to nine endpoints in 11 hours.
They spam-bombed targets, called them directly to gain remote access, sent victims to a fake Outlook “anti-spam” page to steal credentials, then used DLL sideloading and legit RMM tools to move to nine endpoints in 11 hours.
600+ FortiGate devices breached in an AI-assisted campaign.
Team Cymru traced it to #CyberStrikeAI, an open-source Go tool bundling 100+ security utilities, run from 21 IPs across Asia and beyond.
The maintainer shows ties to #China’s vulnerability ecosystem.
Team Cymru traced it to #CyberStrikeAI, an open-source Go tool bundling 100+ security utilities, run from 21 IPs across Asia and beyond.
The maintainer shows ties to #China’s vulnerability ecosystem.
A new phishing suite called "Starkiller" proxies real login pages to bypass MFA.
It runs headless Chrome in Docker, loads the legitimate site, and relays everything live. Keystrokes and session tokens pass through attacker infrastructure, enabling account takeover.
It runs headless Chrome in Docker, loads the legitimate site, and relays everything live. Keystrokes and session tokens pass through attacker infrastructure, enabling account takeover.
Attacker source AS12975 (PALTEL Autonomous System) 🇵🇸
Various fabric endpoints are being exploited similar to CVE-2025-25257 (supplying malicious SQL code through authorization headers)
Various fabric endpoints are being exploited similar to CVE-2025-25257 (supplying malicious SQL code through authorization headers)
Hackers from DefacePeru & NulledPeru have leaked credentials for ArcGIS, the mapping program used by the National Intelligence Directorate, which is used to monitor territory, illegal mining, streets, satellite images, and blueprints. Ultra-sensitive data!
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
A total power outage in most areas of Baghdad following a Israeli cyberattack on the central power station in Baghdad.
Multiple infostealers — Arkanix, NovaStealer, DarkCloud, MawaStealer and others — are active in the wild.
Researchers say Arkanix was likely built with LLM assistance, speeding malware development. Stolen logs are filtered and sold to brokers seeking corporate network access.
Researchers say Arkanix was likely built with LLM assistance, speeding malware development. Stolen logs are filtered and sold to brokers seeking corporate network access.
Google uncovered an #iPhone exploit kit called Coruna containing 23 iOS exploits targeting versions 13–17.2.1.
The framework fingerprints devices and automatically loads the matching WebKit exploit chain. Researchers say it moved from #surveillance vendors to nation-state operators and later cybercrime groups.
The framework fingerprints devices and automatically loads the matching WebKit exploit chain. Researchers say it moved from #surveillance vendors to nation-state operators and later cybercrime groups.