‘BusySnake’ Infostealer Slithers into Critical Infrastructure Networks

A threat group researchers call “Armored Likho” has gained access to government agencies and electrical power entities in Russia, Brazil, and Kazakhstan.

darkreading – ​Read More

CitrixBleed-ing Again? NetScaler Vulnerability Under Attack

Attackers wasted little time targeting the latest memory disclosure flaw in Citrix’s NetScaler products, after researchers published a proof-of-concept exploit (PoC).

darkreading – ​Read More

Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations

An Iranian hacking group affiliated with Iran’s Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka Cav3rn) targeting Israeli organizations.

The activity, which has primarily singled out IT providers and government sectors, has been attributed to a threat cluster tracked by Check Point Research

The Hacker News – ​Read More

Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks

Securonix says the sophisticated framework abuses compromised websites, Blogspot, PowerShell, and fileless techniques to evade detection and deploy the PureLog information stealer.

The post Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks appeared first on SecurityWeek.

SecurityWeek – ​Read More

Major medical device manufacturer notifies nearly 4 million of breach

Information like Social Security numbers and health-related data was accessed, but the company said it had “no evidence that impacted information has been publicly posted or exposed on the internet.”

The Record from Recorded Future News – ​Read More

I compared Apple AirTags to competing Bluetooth trackers – including this $2 one

How does a budget tracker tag perform against the best of the best? Turns out all Bluetooth range is not created equal.

Latest news – ​Read More

16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems

A use-after-free bug in Linux’s KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it.

Dubbed ‘Januscape’ and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD. The public proof-of-concept panics the host; the researcher claims that a separate, unreleased exploit

The Hacker News – ​Read More

JadePuffer: The First Complete LLM-Driven Ransomware Attack

An “agentic threat actor” successfully exploited a Langflow flaw to steal data from a production database server and encrypt other systems.

darkreading – ​Read More

I tested the new Claude Desktop on Linux – here’s how it compares to rival apps

Claude Code finally has an official Linux desktop app. It’s a great option, but trying to use local AI is where things get tricky.

Latest news – ​Read More

Azure CLI Password Spray Attack Exposes Microsoft 365 MFA Gap

A password spray campaign targeting Azure CLI sign-ins exposed how narrow Conditional Access policies can leave Microsoft 365 accounts vulnerable even when MFA is enabled.

The post Azure CLI Password Spray Attack Exposes Microsoft 365 MFA Gap appeared first on TechRepublic.

Security Archives – TechRepublic – ​Read More