π¦Ώ Nearly 7M Email Addresses Exposed in Crunchyroll Third-Party Breach π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Hackers claim they stole 6.8 million Crunchyroll email addresses through a thirdparty vendor breach, exposing support ticket data and other user details. The post Nearly 7M Email Addresses Exposed in Crunchyroll ThirdParty Breach appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Nearly 7M Email Addresses Exposed in Crunchyroll Third-Party Breach
Hackers claim they stole 6.8 million Crunchyroll email addresses through a third-party vendor breach, exposing support ticket data and other user details.
π¦Ώ 4 Best Free VPNs in 2026 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Looking for the best free VPNs? Check out our guide to find the most reliable and secure options for protecting your online privacy that wont break the bank. The post 4 Best Free VPNs in 2026 appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
4 Best Free VPNs in 2026
Looking for the best free VPNs? Check out our guide to find the most reliable and secure options for protecting your online privacy that wonβt break the bank.
ποΈ LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported Thursday. According to TASS and MVD Media, a news website linked to the Russian Interior Ministry, the suspect is a resident of the city of Taganrog. The suspect is said to have been detained for creating and managing a criminal site that allowed stolen.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multistage framework capable of comprehensive data theft and installing a remote access trojan RAT, which deploys an informationstealing Google Chrome extension masquerading as an offline version of Google Docs. "It logs keystrokes, dumps cookies and session tokens, captures screenshots, and.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ The Kill Chain Is Obsolete When Your AI Agent Is the Threat ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
In September 2025, Anthropic disclosed that a statesponsored threat actor used an AI coding agent to execute an autonomous cyber espionage campaign against 30 global targets. The AI handled 8090 of tactical operations on its own, performing reconnaissance, writing exploit code, and attempting lateral movement at machine speed. This incident is worrying, but there's a scenario that should.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Department of Justice DoJ said a Russian national has been sentenced to two years in prison for managing a botnet that was used to launch ransomware attacks against U.S. companies. Ilya Angelov, 40, of Tolyatti, Russia, was also fined 100,000. Angelov, who went by the online aliases "milan" and "okart," is said to have comanaged a Russiabased cybercriminal group known as TA551 aka.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers are calling attention to an active device code phishing campaign that's targeting Microsoft 365 identities across more than 340 organizations in the U.S., Canada, Australia, New Zealand, and Germany. The activity, per Huntress, was first spotted on February 19, 2026, with subsequent cases appearing at an accelerated pace since then. Notably, the campaign leverages.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¨ Vulnerabilities affecting Citrix NetScaler ADC and Citrix NetScaler Gateway π¨
π Read more.
π Via "UK NCSC"
----------
ποΈ Seen on @cibsecurity
UK organisations encouraged to take immediate action to mitigate two recently disclosed vulnerabilities affecting Citrix NetScaler ADC and Citrix NetScaler Gateway.π Read more.
π Via "UK NCSC"
----------
ποΈ Seen on @cibsecurity
National Cyber Security Centre - NCSC.GOV.UK
Vulnerabilities affecting Citrix NetScaler ADC and Citrix NetScaler Gateway
UK organisations encouraged to take immediate action to mitigate two recently disclosed vulnerabilities affecting Citrix NetScaler ADC and Citrix NetScaler Gateway.
π Cloud Phones Linked to Rising Financial Fraud Threat π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Hackers Exploit Compromised Enterprise Identities at Industrial Scale, Warns SentinelOne π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cybersecurity companys annual report issues warning over a massmarketed impersonation crisis over attackers abusing legitimate credentials.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π US: FCC Bans Foreign-Made Routers Over National Security Concerns π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The US Federal Communications Commission has placed all consumergrade internet routers produced outside the US on its covered list.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
US: FCC Bans Foreign-Made Routers Over National Security Concerns
The US Federal Communications Commission has placed all βconsumer-gradeβ internet routers produced outside the US on its βcovered listβ
π TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Python package LiteLLM compromised with credentialstealing malware linked to TeamPCP threat group.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group
π Experts Sound Alarm Over βPrompt Poachingβ Browser Extensions π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Expel has warned of malicious Chrome extensions stealing users AI conversations.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Experts Sound Alarm Over βPrompt Poachingβ Browser Extensions
Expel has warned of malicious Chrome extensions stealing usersβ AI conversations
π GRC Tools vs. Compliance Platforms: Drop That Excel Table! π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
If you work in GRC, you know this scene intimately a shared Excel workbook, colorcoded by risk level, updated quarterly before audits, and quietly maintained by one or two people The post GRC Tools vs. Compliance Platforms Drop That Excel Table! appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
GRC Tools vs. Compliance Platforms
Learn the real difference between standalone GRC tools and modern SaaS compliance platforms β and how continuous, AI-powered compliance with UnderDefense MAXI helps lean teams stay audit-ready 365 days a year.
π¦
The Agentic AI Attack Surface: Prompt Injection, Memory Poisoning, and How to Defend Against Them π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
The rise of agentic systems is changing how organizations think about defense and risk. As enterprises embrace autonomous decisionmaking, the agentic AI attack surface expands in ways that traditional security models were never designed to handle. These systems dont just process inputs they interpret goals, make decisions, and act independently. That shift introduces a new category of AI security vulnerabilities, where manipulation doesnt target code directly but the reasoning layer itself. Two new threats, prompt injection attacks and memory poisoning in AI, are quickly becoming central concerns in agentic AI security. Understanding how they work and how to defend against them is more than critical for any organization deploying autonomous systems at scale. The Expanding Agentic ...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Prompt Injection Attacks In Agentic AI Security Risks
Learn how prompt injection attacks expose agentic AI systems to risk, alongside memory poisoning, and how to secure autonomous decision-making.
π’ βItβs not a good look for the PC ecosystem as a whole.β HP to make fix for TPM vulnerability an industry standard π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Just announced TPM Guard offers important protection against device data theft when attackers gain physical access.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
βItβs not a good look for the PC ecosystem as a whole.β HP to make fix for TPM vulnerability an industry standard
Just announced TPM Guard offers important protection against device data theft when attackers gain physical access
π’ LiteLLM PyPI compromise: Everything we know so far π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The TeamPCP hacking group is believed to have successfully backdoored the package to harvest credentials.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
LiteLLM PyPI compromise: Everything we know so far
The TeamPCP hacking group is believed to have successfully backdoored the package to harvest credentials
π’ Systems are deterministic, people are probabilistic β AI is both, and that's a headache for cyber teams π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
AI combines both the risks associated with IT systems and the people using them, creating headaches for practitioners.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Systems are deterministic, people are probabilistic β AI is both, and that's a headache for cyber teams
AI combines both the risks associated with IT systems and the people using them, creating headaches for practitioners
π’ Tenable co-CEO Stephen Vintz says enterprises need to get serious about tackling the AI βresponsibility gapβ π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The Tenable chief wants a serious conversation on AI ownership and accountability.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Tenable co-CEO Stephen Vintz says enterprises need to get serious about tackling the AI βresponsibility gapβ
The Tenable chief wants a serious conversation on AI ownership and accountability
ποΈ [Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Most teams have security tools in place. Alerts are firing, dashboards look clean, threat intel is flowing in. On the surface, everything feels under control. But one question usually stays unanswered Would your defenses actually stop a real attack? Thats where things get shaky. A control exists, so its assumed to work. A detection rule is active, so its expected to catch something. But very.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed a vulnerability in Anthropic's Claude Google Chrome Extension that could have been exploited to trigger malicious prompts simply by visiting a web page. The flaw "allowed any website to silently inject prompts into that assistant as if the user wrote them," Koi Security researcher Oren Yomtov said in a report shared with The Hacker News. "No clicks, no.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity