The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the n8n workflow automation platform to its Known Exploited Vulnerabilities (KEV) catalog, confirming that the flaw is currently being exploited in real world attacks. The vulnerability, tracked as CVE-2025-68613 with a CVSS score of 9.9, allows attackers to execute remote code […]
Cybersecurity researchers have demonstrated how an artificial intelligence powered web browser can be manipulated into executing a phishing scam in just a few minutes. The attack targeted the Comet AI browser developed by Perplexity, highlighting emerging risks in agentic AI browsing technologies. Agentic browsers use artificial intelligence to automatically interact with websites, complete tasks, and make
Meta has disabled more than 150,000 accounts connected to scam centers in Southeast Asia, part of a coordinated global effort involving authorities from Thailand, the U.S., the U.K., Canada, Korea, Japan, Singapore, the Philippines, Australia, New Zealand, and Indonesia. The crackdown also led to 21 arrests by the Royal Thai Police. This action follows a
Meta Shuts Down 150K Accounts Tied to Southeast Asia Scam Centers in Global Crackdown Read More »
Cybersecurity investigators have revealed that a threat actor identified as UNC6426 successfully breached a company’s cloud infrastructure within 72 hours by abusing credentials stolen during a software supply chain compromise involving the Nx npm package. According to findings published in the Google Cloud Threat Horizons Report H1 2026, the attacker initially obtained a developer’s GitHub token. This credential enabled
UNC6426 Uses nx npm Supply Chain Attack to Obtain AWS Admin Access Within 72 Hours Read More »
Security researchers have uncovered a group of malicious packages written in the Rust programming language that were uploaded to the official Rust package registry crates.io. These packages were disguised as utilities designed to manage or synchronize system time but were actually created to steal sensitive developer data. The five malicious crates identified are: According to researchers from Socket, the
Five Malicious Rust Crates and AI Bot Abuse CI CD Pipelines to Steal Developer Secrets Read More »
Cybersecurity researchers have uncovered a campaign in which threat actors are exploiting vulnerabilities in FortiGate Next‑Generation Firewall devices to gain unauthorized access to corporate networks and steal sensitive credentials. According to a report from SentinelOne, attackers are targeting firewall appliances by exploiting recently disclosed security flaws or by using weak authentication credentials. Once inside the system,
Cybersecurity teams at Salesforce have reported a surge in malicious activity targeting publicly accessible Experience Cloud environments. According to the company, attackers are conducting large scale scans of these sites using a modified version of an open source security tool known as AuraInspector. The campaign primarily focuses on identifying misconfigured guest user permissions, which can expose sensitive data stored within Salesforce
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added three newly identified security vulnerabilities affecting SolarWinds, Ivanti, and Omnissa products to its Known Exploited Vulnerabilities (KEV) catalog after confirming that attackers are actively exploiting them. The KEV catalog is maintained by CISA to highlight vulnerabilities that are currently being used in real world cyber attacks, allowing organizations to prioritize patching
Cybersecurity researchers have uncovered a troubling case where two Google Chrome extensions became malicious after their ownership changed. The situation highlights a growing security threat in the browser extension ecosystem, where trusted tools can be converted into malware distribution channels. The affected extensions were originally associated with a developer using the email akshayanuonline@gmail.com, linked to the
High profile organizations across South Asia, Southeast Asia, and East Asia are being targeted in an ongoing cyber campaign believed to be conducted by a Chinese linked threat group. The attacks have been running for several years and primarily focus on organizations that play a critical role in national infrastructure. Security researchers from Palo Alto Networks
Attackers Use Web Server Exploits and Mimikatz to Target Asian Critical Infrastructure Read More »