ποΈ Iran-Linked Hackers Breach FBI Directorβs Personal Email, Hit Stryker With Wiper Attack ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation FBI, and leaked a cache of photos and other documents to the internet. Handala Hack Team, which carried out the breach, said on its website that Patel "will now find his name among the list of successfully hacked victims." In a statement.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Iran-Linked Hackers Breach FBI Directorβs Personal Email, Hit Stryker With Wiper Attack ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation FBI, and leaked a cache of photos and other documents to the internet. Handala Hack Team, which carried out the breach, said on its website that Patel "will now find his name among the list of successfully hacked victims." In a statement.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway is witnessing active reconnaissance activity, according to Defused Cyber and watchTowr. The vulnerability, CVE20263055 CVSS score 9.3, refers to a case of insufficient input validation leading to memory overread, which an attacker could exploit to leak potentially sensitive information. Per.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity has been attributed with high confidence to the Russian statesponsored threat group known as TA446, which is also tracked by the broader cybersecurity community under the monikers Callisto,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1
ποΈ CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added a critical security flaw impacting F5 BIGIP Access Policy Manager APM to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability in question is CVE202553521 CVSS v4 score 9.3, which could allow a threat actor to achieve remote code execution. "When a.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A previously unknown vulnerability in OpenAI ChatGPT allowed sensitive conversation data to be exfiltrated without user knowledge or consent, according to new findings from Check Point. "A single malicious prompt could turn an otherwise ordinary conversation into a covert exfiltration channel, leaking user messages, uploaded files, and other sensitive content," the cybersecurity company said in.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Cybercriminals Exploit Tax Season With New Phishing Tactics π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Taxseason phishing floods deliver RMM malware, credential theft, BEC and taxform scams.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Cybercriminals Exploit Tax Season With New Phishing Tactics
Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams
β€2
π¦Ώ Android Alert: 50 Google Play Apps Linked to βNoVoiceβ Malware Reached 2.3M Downloads π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
NoVoice malware was found in 50 Android apps on Google Play, with 2.3 million downloads, by bypassing detection and targeting outdated devices. The post Android Alert 50 Google Play Apps Linked to NoVoice Malware Reached 2.3M Downloads appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Android Alert: 50 Google Play Apps Linked to βNoVoiceβ Malware Reached 2.3M Downloads
NoVoice malware was found in 50 Android apps on Google Play, with 2.3 million downloads, by bypassing detection and targeting outdated devices.
ποΈ China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A Chinaaligned threat actor has set its sights on European government and diplomatic organizations since mid2025, following a twoyear period of minimal targeting in the region. The campaign has been attributed to TA416, a cluster of activity that overlaps with DarkPeony, RedDelta, Red Lich, SmugX, UNC6384, and Vertigo Panda. "This TA416 activity included multiple.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors are increasingly using HTTP cookies as a control channel for PHPbased web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research Team. "Instead of exposing command execution through URL parameters or request bodies, these web shells rely on threat actorsupplied cookie values to gate execution,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π₯2
ποΈ 36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised as Strapi CMS plugins but come with different payloads to facilitate Redis and PostgreSQL exploitation, deploy reverse shells, harvest credentials, and drop a persistent implant. "Every package contains three files package.json, index.js, postinstall.js, has no description, repository,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Fortinet has released outofband patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild. The vulnerability, tracked as CVE202635616 CVSS score 9.1, has been described as a preauthentication API access bypass leading to privilege escalation. "An improper access control vulnerability CWE284 in FortiClient EMS may allow an.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity