Combing the world for the cybersecurity stories you need to know.

Cybersecurity News

Twill Typhoon Darktrace https://www.pexels.com/photo/an-abstract-artwork-5870930/

Twill Typhoon Modular Backdoor Rewrites Rules of Detection

June 01, 2026

Chinese-nexus threat actors have long demonstrated patience and operational sophistication. But newly-released research by Darktrace marks something more consequential than another well-executed intrusion. A Twill Typhoon attack documents an adversary that has engineered tooling to…

CISA KEV patching https://www.pexels.com/photo/united-states-capitol-facade-7016960/

How AI Is Collapsing the Federal Patching Window

May 29, 2026

The United States Cybersecurity and Infrastructure Security Agency (CISA) established the Known Exploited Vulnerabilities (KEV) catalog in November 2021 as a resource to aid federal agencies and the public in their efforts to defend against…

Claude Code credential stealer https://www.pexels.com/photo/illuminated-keyboard-with-digital-code-display-37694202/

Fake Claude Code Page Turns Trusted Developer Workflow Into Credential-Stealing Attack

May 26, 2026

A fake Claude Code installation page promoted through sponsored search results delivered an undocumented credential stealer by mimicking a familiar developer workflow, according to new research from Ontinue. Victims looking for Claude Code installation instructions…

email identity AiTM https://www.pexels.com/photo/icons-on-cellphone-screen-8829445/

The AiTM Campaign That Made Your Policies Work Against You

May 22, 2026

A recent large-scale credential theft campaign discovered by Microsoft Defender Research serves as a prime demonstration of how institutional culture can become the attack surface for increasingly sophisticated phishing attacks. The design of the lure…

open source supply chain vulnerability https://pixabay.com/illustrations/chain-chain-link-connection-2364831/

How Open Source CI Workflows Became the New Supply Chain Vulnerability

May 21, 2026

On April 24th, 2026, the Elementary Open Source Python CLI was released containing malicious code, injected by an attacker posting a crafted pull request (PR) comment. The GitHub Actions workflow interpolated the comment into a…

PocketOS Cursor agent database https://www.pexels.com/photo/a-man-in-red-shirt-covering-his-face-3760043/

When Agents Decide to "Fix" It: The Governance Gap in Autonomous AI

May 19, 2026

All it took was the time to read this sentence, or about nine seconds. An AI coding agent wiped out months of customer data essential to the PocketOS SaaS platform and its car rental clients.…

Copy Fail Linux vulnerability https://www.pexels.com/photo/close-up-of-rgb-backlit-gaming-keyboard-37099672/

How Copy Fail Turned Linux's Memory Efficiency Against Itself

May 18, 2026

A newly discovered vulnerability, dubbed Copy Fail and tracked as CVE-2026-31431, defies the profile of a classic kernel exploit by requiring no race condition, no version-specific offsets, and no compiled payloads. The same 732-byte Python…

SAP supply chain npm https://www.pexels.com/photo/close-up-of-codes-on-a-computer-screen-4976712/

SAP npm Compromise Exposes Credential Risk in Build Pipelines

May 15, 2026

Malicious versions of four SAP-related npm packages exposed developer machines and CI/CD systems to possible credential theft. Rather than targeting production SAP servers directly, the attack reached into the build pipeline used to create and…

PhantomRPC Microsoft https://www.pexels.com/photo/crop-cyber-spy-hacking-system-while-typing-on-laptop-5935794/

Why PhantomRPC Is a Flaw That Cannot Be Patched Away

May 14, 2026

The Remote Procedure Call (RPC) mechanism of the Interprocess Communication (IPC) ecosystem is the universal communication backbone of Windows systems, embedded so deeply in the OS that its failure modes become everyone's problem. A recent…

taxes phishing IRS https://www.pexels.com/photo/close-up-shot-of-a-document-through-a-magnifying-glass-7821673/

Tax Phishing Is Moving From Personal Inboxes to the Workplace

May 12, 2026

Tax phishing has long been easy to dismiss as a seasonal consumer scam: fake IRS emails, refund bait, audit threats, and other lures aimed at people anxious about filing deadlines. New research from Hoxhunt suggests…

AI security Unit 42 Zealot PoC https://www.pexels.com/photo/abstract-digital-circuit-block-graphic-art-30547567/

What Zealot Reveals About AI's Cloud Offensive Capabilities

May 11, 2026

A disclosure from AI giant Anthropic in November 2025 confirmed that AI autonomously executed between 80% and 90% of a particular state-sponsored espionage campaign, effectively shifting the debate from hypothetical to a documented reality. Unit…

Sysdig cloud security https://pixabay.com/illustrations/cloud-computer-circuit-board-cpu-6532831/

How the Cloud Security Reckoning Is Reshaping Defense

May 07, 2026

Cloud security company Sysdig recently published the 2026 Cloud-Native Security and Usage Report, detailing trends and needs in modern cloud operations and security. The report shows that cloud environments have scaled past what human-driven security…

Okta vishing LevelBlue https://www.pexels.com/photo/gold-condenser-microphone-near-laptop-computer-755416/

Okta Vishing Attacks Put Identity Help Desks in the Crosshairs

May 05, 2026

A new report from LevelBlue’s SpiderLabs team warns that threat actors are increasingly using voice phishing, or vishing, to manipulate Okta authentication processes, including MFA resets and new-device enrollment. Rather than relying only on malicious…

Nexcorium DVR https://www.pexels.com/photo/camera-de-surveillance-25391056/

DVRs Now Turning Into DDoS Attack Infrastructures

May 04, 2026

The IoT attack surface has never been larger—or more neglected. This trend was captured by FortiGuard Labs, which tracked a campaign in which a Mirai-variant botnet (dubbed Nexcorium) exploits CVE-2024-3721. The command injection vulnerability found…

GrafanaGhots Grafana https://www.pexels.com/photo/a-person-in-white-cloth-standing-on-a-grassy-field-9778975/

How GrafanaGhost Turned Your Observability Stack Into an Exfiltration Engine

May 01, 2026

Data analytics and monitoring platform Grafana serves as the central nervous system for enterprise telemetry, financials, and customer data in over 7,000 enterprises across the globe, including 70% of Fortune 50. While the consolidation and…

digital trust identity resilience security https://www.pexels.com/photo/home-office-creative-desktop-tools-16071270/

Why Enterprises Must Rethink Trust From the Inside Out

April 29, 2026

In modern enterprise environments, credential compromise serves as the dominant pathway for breaches. The rise of techniques such as deepfake technology and job candidate fraud exposes gaps in identity security that cannot be closed by…

AI agents non-human identities https://www.pexels.com/photo/white-jigsaw-puzzle-illustration-262488/

Why AI Agents Are Outrunning Enterprise Security Controls

April 27, 2026

The AI boom and other ongoing developments in recent years have led to a fundamental shift in the identity landscape. Keeper Security’s recent AI and Non-Human Identities Are Outpacing Security Controls report details a continuing…

UNC6783 social engineering cybersecurity https://www.pexels.com/photo/close-up-of-hands-typing-on-laptop-keyboard-indoors-36175215/

UNC6783 Is Turning Enterprise Support Channels into Extortion Entry Points

April 24, 2026

Google Threat Intelligence Group (GTIG) says a financially motivated threat cluster it tracks as UNC6783 is targeting business process outsourcers, help desks, and other enterprise support teams as an entry point into larger organizations. The…

Subscribe for the Latest News

Webinars

Thursday, Jun. 4 1pm ET / 10am PT

Is Your Security Built for Today’s World?

Tuesday, Jun. 9 1pm ET / 10am PT

Cloud Ransomware Tabletop: Unpacking an Attack from Detection to Recovery

Wednesday, Jun. 10 1pm ET / 10am PT

The 4 Levels of Cloud Cyber Resilience: Where Does Your Organization Stand?