CyberScoop
An AI-powered phishing campaign has compromised hundreds of organizations
An AI-powered phishing campaign has compromised 344 organizations across sectors such as construction, law, healthcare, and government. The campaign exploits Microsoft cloud accounts using OAuth tokens.
Google addresses actively exploited Qualcomm zero-day in fresh batch of 129 Android vulnerabilities
Google has released a security update addressing 129 vulnerabilities in Android devices, including an actively exploited zero-day vulnerability, CVE-2026-21385, affecting Qualcomm components.
Cybercriminals and nation-state groups are exploiting a six-month old WinRAR defect
A critical path-traversal vulnerability in WinRAR is being actively exploited by nation-state groups. The vulnerability, disclosed and patched six months ago, continues to be a target for espionage and financially motivated attacks.
LayerX: Malicious ChatGPT Chrome extensions are stealing account credentials
A significant identity-theft campaign is actively targeting Okta Single Sign-On (SSO) accounts across over 100 high-value enterprises. The campaign is orchestrated by the SLSH cybercriminal group.
CISA’s secure-software buying tool had a simple XSS vulnerability of its own
An XSS vulnerability was discovered in CISA's "Software Acquisition Guide: Supplier Response Web Tool." This vulnerability allowed attackers to inject malicious JavaScript into the web page, potentially affecting other users and defacing the website.
Microsoft seizes RedVDS infrastructure, disrupts fast-growing cybercrime marketplace
Microsoft, in collaboration with international law enforcement, dismantled the RedVDS cybercrime marketplace. This operation has disrupted a significant source of cybercriminal activity, which facilitated widespread fraud and cyberattacks.
Sources: DHS finalizing replacement for disbanded critical infrastructure security council
The DHS is in the final stages of establishing a new council, the Alliance of National Councils for Homeland Operational Resilience (ANCHOR), to replace the disbanded Critical Infrastructure Partnership Advisory Council (CIPAC).
Kimwolf botnet’s swift rise to 2M infected devices agitates security researchers
Kimwolf has launched numerous DDoS attacks, frequently targeting Minecraft servers with short bursts lasting one to two minutes, though some attacks have extended for hours, causing widespread service disruption.
NIST, MITRE announce $20 million research effort on AI cybersecurity
The NIST and The MITRE Corporation have announced a $20 million initiative to establish two new research centers focused on artificial intelligence (AI) and its impact on cybersecurity for U.S. critical infrastructure.
DOJ announces takedown of alleged laundering platform used by cybercriminal groups
The DOJ has announced the takedown of E-Note, an alleged money laundering platform used by cybercriminal groups. This operation marks a significant step in disrupting the financial networks supporting cybercrime activities.
Defend Against Threats with Cyber Fusion
Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.
Learn More
Trending Tags
