Anthropic Fable 5 and Mythos 5 access Blocked to All Users Following Government Directive
Anthropic has disabled its two most capable AI models, Fable 5 and Mythos 5, after the U.S. government issued an export control directive late on…
Category: CyberSecurityNews
Hackers Abuse Legitimate NinjaOne RMM Software to Bypass Traditional Malware Detection
A newly documented phishing campaign is using a legitimate remote management tool to silently take over victims’ computers, without deploying a single line of traditional…
Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks
One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as Fancy Bear,…
Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets
A fresh wave of supply chain attacks is putting blockchain developers, Web3 teams, and cloud engineers at serious risk. Researchers have uncovered a coordinated campaign…
SHEETCREEP C# RAT Abuses Google Sheets API as C2 to Target Diplomatic Organizations
A newly identified remote access trojan named SHEETCREEP is making headlines for its clever use of Google Sheets as a hidden communication channel between attackers…
Google Patches 28 Chrome Vulnerabilities that Allows Attackers to Execute Malicious Code
Google has released a new Chrome security update addressing 28 vulnerabilities, including several critical flaws that could allow attackers to execute malicious code on affected…
Oracle PeopleSoft 0-Day RCE Vulnerability Exploited in Attacks by ShinyHunters
Mandiant and Google Threat Intelligence Group (GTIG) have issued a critical warning after identifying an active compromise-and-extortion campaign targeting Oracle PeopleSoft infrastructure, attributed to the…
OceanLotus APT Compromises FireAnt MetaKit in Supply-Chain Attack on Stock Investors
A notorious hacking group has been caught targeting stock investors in Vietnam through a supply chain attack, hijacking a popular investment software platform to deliver…
CISA Requires Federal Agencies to Patch Critical Vulnerabilities Within 3 Days
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 26-04, titled “Prioritizing Security Updates Based on Risk,” compelling all Federal…
Ivanti Command Injection Vulnerability Exploited in Attacks following PoC Release
Threat actors have begun actively exploiting a critical Ivanti Sentry command injection vulnerability just days after a proof-of-concept (PoC) exploit was made public, according to…
Ivanti Endpoint Manager Mobile Vulnerability Enables Remote Code Execution Attacks
A high-severity vulnerability, CVE-2026-6973, in Ivanti Endpoint Manager Mobile (EPMM) could allow authenticated attackers to achieve remote code execution by injecting malicious Apache configuration directives.…
Hackers Use Tax Phishing Emails to Deploy In-Memory Malware on Windows Systems
Hackers are using fake tax notification emails to trick Windows users into downloading dangerous multi-stage malware that runs entirely in memory, leaving almost no trace…