Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

June 23, 2026 at 02:24PM Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a…

WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool

June 23, 2026 at 11:08AM Direct messages sent via WhatsApp are being used to distribute malicious Visual Basic Script (VBScript) …

OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws

June 23, 2026 at 09:26AM OpenAI on Monday said it's releasing an improved version of its GPT‑5.5‑Cyber model to trusted defen…

ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack

June 22, 2026 at 11:30PM Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack after unknown thr…

⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More

June 22, 2026 at 04:25PM It’s Monday again. This week’s threat list looks painfully familiar: abused integrations, fake tools, p…

Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices

June 22, 2026 at 02:41PM Canada's spy service got a judge's permission to reach into infected servers, home routers, and …

AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network

June 22, 2026 at 12:27PM A new malware family is turning forgotten home routers into a distributed reconnaissance and proxy netwo…

INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific

June 22, 2026 at 11:36AM A new report from INTERPOL has revealed a "dramatic increase" in cybercrime in Asia and the So…

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

June 20, 2026 at 03:26PM Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin…

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

June 20, 2026 at 12:03AM The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of…

Forget Data Leakage: Shadow AI's Real Threat Is Access Control

June 19, 2026 at 04:00PM The first wave of enterprise AI concern was straightforward. It was simply employees pasting sensitive d…

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

June 19, 2026 at 02:33PM Salesforce has revealed that it disabled the Klue Battlecards app integration within its platform in res…