Search the Portal

Recent Articles

JUL13
CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks

Cybersecurity researchers have flagged a new macOS information stealer called CrashStealer that's capable of harvesting sensitive data from compromised systems. Unlike other information stealers that are built on AppleScript droppers or Objective-C-based wrappers, CrashStealer is implemented in native C++, according to Jamf Threat Labs. "It validates the victim's login password locally before

The Hacker News by info@thehackernews.com (The Hacker News)
JUL13
Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found

Google and Microsoft have pulled ModHeader, a popular header-editing extension with roughly 1.6 million installs across Chrome and Edge, after researchers found a hidden browsing-history collector built into its official store version. The collector was dormant. An empty allow-list kept it switched off, and no proof has emerged that it ever gathered or sent a single browsing domain. The

The Hacker News by info@thehackernews.com (The Hacker News)
JUL13
⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More

Somewhere right now, a security tool is quietly finding bugs faster than any human can fix them. That's supposed to be the good news. The catch is that the attackers have the same tools, pointed the other way, and they don't file tickets. That's the shape of this week. Trusted code turns on the people who installed it. Old bugs from last year are still landing because the fix sat in a queue too

The Hacker News by info@thehackernews.com (The Hacker News)
JUL13
Lessons Learned from CISA’s Recent GitHub Leak

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a postmortem on a data leak in which a contractor published dozens of internal CISA credentials -- including AWS Govcloud keys -- in a public GitHub repository for almost six...

Krebs on Security by BrianKrebs
JUL13
Hacker Conversations: Jesse McGraw (GhostExodus), From Blackhat Hacker to Redemption

Once a notorious blackhat hacker, McGraw shares his journey from high school hacking and prison to redemption as a cybersecurity advocate. The post Hacker Conversations: Jesse McGraw (GhostExodus), From Blackhat Hacker to Redemption appeared first on SecurityWeek.

Security Week by Kevin Townsend
JUL13
New MemGhost Attack Plants Persistent False Memories in AI Agents Through One Email

Give an AI assistant a memory and access to your inbox, and you hand an attacker a way to rewrite what it thinks it knows about you. A single email can trick that agent into saving a false "fact" about the user, hide the change, and quietly steer its answers in later sessions. When it works, the person reads an ordinary-looking reply and never learns their assistant was tampered with. The

The Hacker News by info@thehackernews.com (The Hacker News)
JUL13
Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft

A new phishing-as-a-service (PhaaS) operation called Forg365 is using a combination of device code phishing, adversary-in-the-middle (AitM) tactics, antibot evasion, artificial intelligence (AI)-assisted lure creation, and post-compromise mailbox operations targeting Microsoft 365 accounts. Distributed via Telegram and costing $400 a month (or $3,800 per year), attack chains leverage phishing

The Hacker News by info@thehackernews.com (The Hacker News)
JUL13
Cybersecurity M&A Roundup: 37 Deals Announced in June 2026

Significant cybersecurity M&A deals announced by 1Password, Accenture, Cisco, F5, Rubrik, and SailPoint. The post Cybersecurity M&A Roundup: 37 Deals Announced in June 2026 appeared first on SecurityWeek.

Security Week by Eduard Kovacs
JUL13
RabbitMQ Vulnerability Threatens Enterprise Systems

Unauthenticated attackers could obtain the broker's confidential OAuth client secret, allowing them to take control of the broker. The post RabbitMQ Vulnerability Threatens Enterprise Systems appeared first on SecurityWeek.

Security Week by Ionut Arghire
JUL13
Meta Files Patent for AI That Can Listen All Day and Track How You're Feeling

Meta has filed a patent application for an AI that listens to your voice throughout the day, works out how it thinks you are feeling from the way you sound, and keeps a timestamped log of every read. Each read gets pinned to the moment it happened: the time, your location, what you were doing, even how you were using your phone. Some versions in the filing would listen all day; others would

The Hacker News by info@thehackernews.com (The Hacker News)
JUL13
Thinking Fast and Slow in the SOC: The Case for Combining Autonomous AI with Analyst Copilots

A few days ago, I was sitting with the CISO of a Fortune 50 company, walking through how his security team was thinking about AI agents in the SOC. Smart team. Serious program. They had already connected Claude to a few detection tools and were seeing real value in specific investigations. But as we mapped out the broader architecture, something kept nagging at me. The design they were building

The Hacker News by info@thehackernews.com (The Hacker News)
JUL13
Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory

Cybersecurity researchers have flagged an intrusion in which an unknown threat actor leveraged a vibe-coded PowerShell script for Active Directory (AD) enumeration. "The script looked for the Domain Controller (DC) and mapped users, computers, and domains, before creating a directory and exporting out a number of files, and finally creating AD_Report.html to measure the success of the

The Hacker News by info@thehackernews.com (The Hacker News)
JUL13
Zimbra Patches Critical Code Execution Vulnerability

The flaw results in malicious code embedded in crafted emails being executed when the emails are opened. The post Zimbra Patches Critical Code Execution Vulnerability appeared first on SecurityWeek.

Security Week by Ionut Arghire
JUL13
EU Targets Russian Intelligence Officers Accused of Running a Yearslong Cyber Spying Campaign

The move targeted people and entities accused of links to an online spying network that the EU claims targeted governments and carried out sabotage operations against critical infrastructure. The post EU Targets Russian Intelligence Officers Accused of Running a Yearslong Cyber Spying Campaign appeared first on SecurityWeek.

Security Week by Associated Press
JUL13
Organizations Warned of Exploited Joomla Extension Vulnerabilities

Threat actors have been targeting Balbooa Forms and iCagenda Joomla extension flaws for remote code execution. The post Organizations Warned of Exploited Joomla Extension Vulnerabilities appeared first on SecurityWeek.

Security Week by Ionut Arghire