3 Articles Today
150 This Month
6 Categories
150 Total Articles

Latest News

Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots Vulnerabilities The Hacker News
The Hacker News Jul 10, 2026 1 min read

Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots

A critical flaw in Google's Dialogflow CX could have let an attacker with edit rights on one Code Block-enabled agent compromise other Code Block-enabled agents in the same Google Cloud project. From there, they could read live conversations, steal the data users shared, and make the bots send attacker-written messages, including requests to re-enter a password. Security firm Varonis found it

Scattered Spider Hackers Plead Guilty on Day 1 of Trial Threats Krebs on Security
Krebs on Security Jul 10, 2026 4 min read

Scattered Spider Hackers Plead Guilty on Day 1 of Trial

Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The duo were key members of a prolific cybercrime group known as Scattered Spider, and their guilty pleas came on the first day of what was expected to be a six-week trial.

New Ghost Phishing Wave Is Breaking Traditional Email Security Threats The Hacker News
The Hacker News Jul 10, 2026 1 min read

New Ghost Phishing Wave Is Breaking Traditional Email Security

A recent EvilTokens campaign targeting businesses across the US and Europe is exposing a new email security blind spot. This β€œghost phishing” technique keeps the malicious page hidden until it decrypts and comes to life inside the victim’s browser. For security leaders, the risk is clear: traditional URL checks may miss the attack while Microsoft 365 access, sensitive data, and response time

New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware Malware The Hacker News
The Hacker News Jul 10, 2026 1 min read

New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware

Microsoft has taken apart a destructive Windows backdoor it calls GigaWiper. What stands out is how it is built: not one tool but three older destructive programs bolted into one, offered as commands the operator can choose from. Each is a different way to break a machine: wipe the whole disk, overwrite the Windows drive, or run fake "ransomware" that scrambles files with a key it never saves

China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware Threats The Hacker News
The Hacker News Jul 10, 2026 1 min read

China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware

A Chinese threat actor tracked as UAT-7810 is actively refining its bespoke malware to expand its Operational Relay Box (ORB) network by breaking into internet-facing networking devices. According to findings from Cisco Talos, UAT-7810 is an advanced persistent threat (APT) actor that's responsible for maintaining and proliferating LapDogs, an ORB network that first came to light in June 2025.

Meta's New AI Image Tool Lets Others Use Your Public Instagram Photos in AI Images Research The Hacker News
The Hacker News Jul 10, 2026 1 min read

Meta's New AI Image Tool Lets Others Use Your Public Instagram Photos in AI Images

Meta has announced that its new artificial intelligence (AI) model Muse Image lets people use public Instagram posts and reels to generate AI content, and it's enabled by default. "You can also @-mention Instagram accounts in the Meta AI app to bring specific Instagram profiles right into your images," the social media giant said in a post. "Whether you want to design a custom event invitation

BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA Vulnerabilities The Hacker News
The Hacker News Jul 10, 2026 1 min read

BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA

BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthenticated attackers to take control of susceptible devices. The vulnerabilities are listed below - CVE-2026-40138 (CVSS score: 9.2) - A pre-authentication vulnerability exists in the

Showing 51–60 of 149 articles
Prev 1 ... 4 5 6 7 8 ... 15 Next