
IT Security Newsletter - 5/14/2026

Hacking

KongTuke hackers now use Microsoft Teams for corporate breaches

Initial access broker KongTuke has moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to corporate networks. The threat actor tricks users into pasting a PowerShell command that ultimately delivers the ModeloRAT, which has been previously seen in ClickFix attacks. Initial access brokers (IAB) like KongTuke typically sell company network access to ransomware operators, who use it to deploy file-theft and data-encrypting malware.

Trends

Welcome to the vulnpocalypse, as vendors use AI to find bugs and patches multiply like rabbits

The vulnpocalypse has begun. Palo Alto Networks usually finds five vulnerabilities a month, but on Wednesday said it scanned its entire codebase using the latest frontier models, including Anthropic's Mythos, and found 75 security holes, covered in 26 CVEs. This comes a day after Microsoft said it used its new agentic bug hunting system called MDASH to find 17 vulnerabilities across its products - on a record-setting Patch Tuesday that saw Redmond disclose a whopping 30 critical CVEs.


AI Drives Cybersecurity Investments, Widening 'Valley of Death'

Artificial intelligence has turbo-charged cybersecurity investments this year, but the technology has also generated a substantial amount of noise and uncertainty for investors and end-user organizations alike. Technology upheaval in the cybersecurity industry is nothing new, but the seismic shift from Anthropic's Mythos recent preview, Project Glasswing, continues to produce shockwaves.

Software Updates

F5 Patches Over 50 Vulnerabilities

F5 on Wednesday announced fixes for over 19 high-severity and 32 medium-severity vulnerabilities impacting BIG-IP, BIG-IQ, and NGINX. Based on the CVSS score, the most severe of the resolved issues is CVE-2026-42945 (CVSS v4.0 score of 9.2), a denial-of-service (DoS) condition in NGINX's ngx_http_rewrite_module module. The bug allows an unauthenticated attacker to send crafted HTTP requests that could trigger a heap buffer overflow and a restart.

Information Security

Foxconn Attack Highlights Manufacturing's Cyber Crisis

An apparent ransomware attack on several of Foxconn's North American facilities is the latest reminder that manufacturing companies are among the most targeted in cybercrime because of their central role in high-value supply chains and low tolerance for downtime. Foxconn this week admitted that a cyberattack had affected operations at some of its North American facilities. The world's largest contract electronics manufacturer stopped short of describing the attack as a ransomware incident.


Weaponized AI: The new frontier of fraud and identity spoofing

Today's enterprise executives are navigating a complex landscape of AI-driven challenges, but none is more urgent than the rapid escalation of AI-generated fraud. Fraudsters are weaponizing generative AI to automate impersonation and mass-produce synthetic identities at a scale and pace that is rendering enterprises' long-standing defenses obsolete. This is no longer a slow-moving game of cat and mouse; it is a high-velocity arms race.

Exploits/Vulnerabilities

Mythos Proves Potent in Vulnerability Discovery, Less Convincing Elsewhere

Mythos appears to be as powerful as claimed at detecting software vulnerabilities, but its capabilities in other areas are more nuanced. Anthropic's Mythos AI model has been making waves since its announcement in early April, primarily because of its reputed ability to unearth considerably more vulnerabilities than any other AI model. XBOW, an autonomous offensive security firm, has aimed its own AI testing armory against Mythos Preview to check the validity of this and other Mythos capabilities.


New critical Exim mailer flaw allows remote code execution

A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by an unauthenticated remote attacker to execute arbitrary code. Identified as CVE-2026-45185, the security issue impacts some Exim versions before 4.99.3 that use the default GNU Transport Layer Security (GnuTLS) library for secure communication. It is a use-after-free (UAF) flaw triggered during the TLS shutdown while handling BDAT chunked SMTP traffic.

On This Date

  • ...in 1804, the Lewis and Clark Expedition departs to map and explore the Louisiana Purchase.
  • ...in 1955, the Warsaw Pact treaty is signed by the Soviet Union and seven other Communist bloc nations.
  • ...in 1973, the United States launches its first space station, Skylab.
  • On this date, singer-songwriter and Talking Heads founding member David Byrne is born in Dumbarton, Scotland.