Search the Portal

Recent Articles

JUL1
Microsoft Adds New Teams Controls to Block Unauthorized AI Bots From Meetings

Microsoft's new Teams admin policy requires organizer approval for external AI bots, giving organizations greater visibility and control over automated participants in sensitive meetings. The post Microsoft Adds New Teams Controls to Block Unauthorized AI Bots From Meetings appeared first on SecurityWeek.

Security Week by Ionut Arghire
JUL1
SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT

Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT. Kaspersky said the activity is part of a "massive, multi-domain, multi-language" campaign that distributes malicious installer archives hosted on spoofed websites. These installers masquerade as popular software like OBS Studio, DNS Jumper, DS4Windows, and Bandicam, among others.

The Hacker News by info@thehackernews.com (The Hacker News)
JUL1
VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer

Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to deliver an information stealer called PureLogs. The activity has been codenamed VEIL#DROP by Securonix. It's suspected that the initial payloads are distributed either via spear-phishing or a drive-by compromise, which occurs when an unsuspecting user lands on

The Hacker News by info@thehackernews.com (The Hacker News)
JUL1
Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures

A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet's FortiGuard Labs identified the campaign in May 2026. It opens with a phishing PDF disguised as a corrupted file, checks that the visitor is really in Spain or Portugal, and hides its real payload inside an image. The goal is the usual one: steal banking logins and take

The Hacker News by info@thehackernews.com (The Hacker News)
JUL1
Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

Adobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic. The ColdFusion updates "resolves critical and important vulnerabilities that could lead to arbitrary code execution, privilege escalation, arbitrary file system read, and security feature bypass," Adobe said in an alert released Tuesday. The vulnerabilities are listed

The Hacker News by info@thehackernews.com (The Hacker News)
JUL1
Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands

Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor's safety sandbox and run any command on a developer's computer. There is no click to fall for and no approval box to ignore. Cato AI Labs found the pair and named them DuneSlide. They are tracked as CVE-2026-50548 and CVE-2026-50549, both rated 9.8 out of 10 (or 9.3

The Hacker News by info@thehackernews.com (The Hacker News)
JUL1
Progress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation Attempts

A recently disclosed critical security flaw impacting Progress Kemp LoadMaster is seeing active exploitation attempts, according to an advisory from eSentire's Threat Response Unit (TRU). The Canadian cybersecurity company said it identified exploitation attempts targeting CVE-2026-8037 (CVSS score: 9.6), an operating system (OS) command injection flaw that could be exploited to achieve

The Hacker News by info@thehackernews.com (The Hacker News)
JUL1
AI-Generated Browser Ransomware Abuses Chromium API on Windows and Android

Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser capability" to turn it into a working ransomware technique that runs entirely inside the browser on both Windows and Android devices. "This is the first documented case where a frontier AI model

The Hacker News by info@thehackernews.com (The Hacker News)
JUL1
2026 Cybersecurity Assessment: The Gap Between Awareness and Resilience

Organizations have never had greater awareness of cyber risk. Yet turning that awareness into operational resilience has never been more challenging. The 2026 Bitdefender Cybersecurity Assessment confirms this is the case, as this year's findings reveal a series of surprising contradictions. Here are a few examples, based on the independent survey of 1,200 IT and cybersecurity professionals

The Hacker News by info@thehackernews.com (The Hacker News)
JUL1
Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities

Seven of the security defects have a maximum severity rating of 10/10 and could lead to arbitrary code execution. The post Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities appeared first on SecurityWeek.

Security Week by Ionut Arghire
JUL1
Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack

Citrix urges customers to patch NetScaler after fixing six vulnerabilities, including the HTTP/2 Bomb flaw and a high-severity CitrixBleed-style information disclosure bug. The post Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack appeared first on SecurityWeek.

Security Week by Ionut Arghire
JUL1
Microsoft Accelerates Post-Quantum Cryptography Shift to 2029

Microsoft on Tuesday said it's accelerating its quantum safe security roadmap, stating technology advances in quantum computing are making it essential to replace existing encryption standards sooner than previously expected. "Advances in quantum research and development have shifted the risk horizon," Mark Russinovich, chief technology officer of Microsoft Azure, said. "We believe

The Hacker News by info@thehackernews.com (The Hacker News)
JUL1
Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors

From model selection and automation to validation and measurable results, the right questions can help enterprises separate genuine AI capabilities from marketing hype. The post Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors appeared first on SecurityWeek.

Security Week by Joshua Goldfarb
JUL1
Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari

The updates fix vulnerabilities in WebKit, the kernel, WebRTC, Web Extensions, and other components affecting iPhone, iPad, Mac, and Safari users. The post Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari appeared first on SecurityWeek.

Security Week by Ionut Arghire
JUL1
Dawnguard Raises $6.3 Million for Security Architecture Automation Platform

The company has publicly launched its solution to help organizations design, build, and operate secure cloud systems. The post Dawnguard Raises $6.3 Million for Security Architecture Automation Platform appeared first on SecurityWeek.

Security Week by Ionut Arghire