Latest from the feed

Content is curated from many trusted industry sources, including vendor advisories, security blogs, bug bounty programs, and conference organizers worldwide.

  • Critical Kirki flaw hijacks WordPress admin accounts

    A critical privilege escalation flaw (CVE-2026-8206) in the Kirki WordPress plugin enables attackers to take over any user account, including admins. Exploitation permits elevation of privileges, credential access, and potential full site compromise, underscoring the need for patching and credential hardening. Act now.

    Source: Bleeping Computer

  • WeedHack Malware Hits 116k Minecraft Systems Since January

    WeedHack, a large-scale malware campaign, targets Minecraft players and has compromised over 116,000 devices since January, highlighting rapid spread through deceptive delivery methods and game-related lures. The campaign underscores ongoing risk to gamers and calls for hardened endpoint defenses and user awareness. Vigilance and updates are needed.

    Source: Bleeping Computer

  • Ransomware crook breaks first rule, avoiding Russia and CIS victims

    The statement asserts that no infection or malware activity targets individuals or systems in Russia or other CIS states. It implies a deliberate geographic restriction in a cyber operation, possibly to mitigate political or legal risk, and underscores the role of attribution, geolocation, and ethical constraints in threat modeling.

    Source: The Register - Cyber Crime

  • Zoom CISO: AI Enables Security, Not Replacing Humans

    Zoom CISO Sandra McLeod outlines securing a global communications platform, balancing rapid product delivery with risk management, and leveraging AI-driven security workflows. She shares leadership guidance for aspiring cybersecurity leaders, emphasizing governance, collaboration, continuous learning, and a strong incident response culture.

    Source: Dark Reading

  • AI ransomware toolkit automates AD discovery, evades EDR

    A threat actor deploys an AI-built ransomware toolkit that automates Active Directory discovery and improves evasion of endpoint detection and response (EDR) solutions, enabling stealthier lateral movement and quicker compromise. The approach leverages automated discovery, targeting AD to map assets and bypass defenses efficiently. This raises the risk of AD compromise, lateral movement, and data theft.

    Source: Bleeping Computer

  • FBI-Flagged Kali365 Phishing Kit Expands to AWS and Okta

    Phishing-as-a-service expands beyond Microsoft 365 to target AWS, Okta, and Russian platforms, leveraging device code phishing to harvest credentials. The broadened attack surface enables impersonation of trusted services, capture of tokens and logon data, and rapid credential compromise across diverse environments. This expands risk across cloud environments.

    Source: Dark Reading

  • Trump Signs Voluntary AI Cybersecurity Review Framework

    The White House cut the AI review period from 90 to 30 days in a voluntary framework signed by President Trump, directing NSA, Treasury, and CISA to set benchmarks for advanced AI cybersecurity without mandatory licensing or preclearance. The measure favors voluntary compliance and guides agencies to refine risk assessments and reduce friction now.

    Source: Data Breach Today

  • Google Android June 2026 Patch Fixes 124 Flaws One Exploited

    Google released June 2026 patches for 124 Android vulnerabilities, including a high-severity Framework flaw exploited in the wild. CVE-2025-48595 carries a CVSS 8.4 score and enables privilege escalation without user interaction, highlighting ongoing exploitation risks and the need for timely patching. IT teams should verify updates and test patches.

    Source: The Hacker News

  • DriveSurge Hijacks Sites with FakeUpdate Malware Redirects

    An extensive IAB-backed scheme leverages a malicious traffic distribution system (TDS) to covertly redirect visitors from trusted sites to destinations that serve malware, enabling broad distribution of malicious payloads and undermining user trust across widely visited web properties. This rise erodes trust in online ads and flags need for vetting

    Source: Dark Reading

  • China Unleashes Dual-Method Attack on Czech Orgs

    A Chinese threat actor campaign targets high-value organizations with a stealthy, two-stage spear-phishing operation that deploys the Azureveil malware to gain access, move laterally, and exfiltrate sensitive data. The blend of social engineering and illicit tooling enables evasion and persistence in targeted networks.

    Source: Dark Reading

  • Gamaredon Exploits WinRAR Flaw to Deliver GammaWorms

    Gamaredon, a Russian threat group, is linked to ongoing use of a WinRAR path-traversal flaw (CVE-2025-8088) to deliver malware designed for data theft and propagation. Sekoia notes the payload chain weaponizes HTML Application to deploy GammaPhish, enabling further retrieval and compromise across targets.

    Source: The Hacker News

  • Oracle WebLogic CVE-2024-21182 Added to KEV Exploitation

    CISA added Oracle WebLogic Server vulnerability CVE-2024-21182 to the Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation. The flaw, rated CVSS 7.5, allows an unauthenticated attacker with network access to gain control of vulnerable servers, potentially compromising confidentiality, integrity, and availability. Update.

    Source: The Hacker News
