News
JADEPUFFER Agentic Ransomware Uses LLM to Automate Database Extortion
6+ hour, 59+ min ago (383+ words) The actor gained execution on an internet-facing Langflow instance via CVE-2025-3248, used the AI-host environment to harvest cloud and API credentials, and pivoted into a production My SQL/Nacos deployment to carry out a destructive, database-focused extortion playbook without a…...
Hackers Use Geofenced Webpages to Deliver Ousaban Banking Trojan in Spain and Portugal
4+ hour, 21+ min ago (546+ words) A targeted phishing campaign delivering the Ousaban banking Trojan to users in Spain and Portugal, notable for its use of geofenced webpages, layered evasion techniques, and a modular delivery chain. The threat actor repurposes a playbook seen previously in Brazil…...
Phishing Campaign Uses Fake Invoice PDF to Drop Async RAT, Venom RAT, and XWorm
2+ hour, 28+ min ago (448+ words) A sophisticated phishing campaign that uses a fake invoice PDF to mask the delivery of multiple remote access trojans primarily Async RAT, but also Venom RAT and XWorm via layered shortcuts. Try Cloudflare quick tunnels, and disguised Python packages. The…...
LSHIY Password Spray Attack Hits Microsoft 365 Accounts With 81 Million Login Attempts
8+ hour, 51+ min ago (617+ words) A large-scale password spray campaign linked to the infrastructure provider LSHIY LLC has targeted Microsoft 365 environments, resulting in over 81 million login attempts. This campaign has led to at least 78 confirmed account compromises across 64 organizations between June 12 and June 26, 2026. According to…...
Scattered Spider Hacker Arrested in Finland and Extradited to U. S. Over Cyber Intrusion Charges
9+ hour, 46+ min ago (458+ words) U. S. authorities have announced federal charges against an alleged member of the notorious cybercriminal group Scattered Spider, following his arrest in Finland and extradition to the United States. The defendant, identified as 19-year-old Peter Stokes, a dual national of the U. S. and…...
Browser-Only Ransomware Uses File System Access API to Encrypt Files Without Malware Installation
9+ hour, 13+ min ago (500+ words) A novel, practical ransomware technique that runs entirely inside the browser by abusing the File System Access API, demonstrating how AI can turn high-level malicious ideas into operational attack chains without any native payload. The proof-of-concept leverages a social engineering…...
Turning Indicators into Intelligence in Open CTI with Criminal IP
22+ hour, 50+ min ago (307+ words) Torrance, California, USA, July 1st, 2026, Cyber Newswire Cyber threat intelligence becomes more valuable when indicators are enriched with context that supports investigation, correlation, and decision-making. Through the Criminal IP integration with Open CTI, security teams can transform IP addresses, domains, and…...
New Rust Duck Botnet Targets Io T Devices and Servers With Weak Passwords and RCE Exploits
1+ day, 6+ hour ago (331+ words) A sophisticated new botnet family dubbed Rust Duck emerged in early 2026, leveraging a two-stage Loader and Core architecture to compromise Io T devices, routers, and enterprise servers through brute-force credential attacks and remote code execution vulnerabilities. Rust Duck employs a…...
Fluentd Security Flaws Enable Remote Code Execution, SSRF, Do S, and Credential Exposure
1+ day, 3+ hour ago (309+ words) Fluentd, a widely used open-source data collector for unified logging, has reported several high-impact vulnerabilities that could enable attackers to achieve remote code execution (RCE), server-side request forgery (SSRF), denial-of-service (Do S), and the exposure of sensitive credentials. These issues, documented…...
CISA Adds Actively Exploited Simple Help Vulnerability to KEV Catalog
1+ day, 3+ hour ago (476+ words) The U. S. Cybersecurity and Infrastructure Security Agency (CISA) has identified a critical vulnerability in Simple Help, tracked as CVE-2026-48558, and added it to its Known Exploited Vulnerabilities (KEV) catalog. This indicates that the vulnerability is actively being exploited in the wild,…...