An initial access broker weaponized a critical vulnerability known as CitrixBleed 2 in a series of attacks during the first half of 2026 across multiple organizations, according to a report released Thursday by the security company Huntress. After exploiting the vulnerability, the hackers escalated privileges, created rogue local administrator accounts and established persistence with legitimate remote access tools, including ScreenConnect and Zoho Assist. READ MORE...
Cybersecurity agencies from the United States and eight other countries have issued a joint warning that Russian state hackers are targeting vulnerable and poorly configured routers to infiltrate critical infrastructure networks. The joint advisory, co-authored by the NSA, FBI, and CISA, along with 15 other agenciess, attributes the attacks to hackers from the Russian Federal Security Service (FSB) Center 16. READ MORE...
Healthcare diagnostics company Centers Laboratory (Centers Lab NJ LLC) has informed the US government that a data breach discovered nearly one year ago affects more than 540,000 individuals. According to a data breach notice posted on its website, the New Jersey-based provider of testing and laboratory services for healthcare organizations discovered an intrusion in its IT environment in August 2025. READ MORE...
Ghostcommit is a proof of concept that shows how AI assistants used to review software code can be tricked by hidden instructions embedded in images. The academic ASSET Research Group showed that an attacker can place instructions inside an image file, point to it in an AGENTS.md file, and get an AI coding agent to follow those instructions during a later task. While AI-assisted code review is becoming part of everyday development, Ghostcommit exposes a weakness many teams have not considered. READ MORE...
Microsoft published new research on GigaWiper, a modular Golang backdoor for Windows that combines robust remote access with multiple ways to permanently destroy systems and data. GigaWiper is a Windows backdoor that Microsoft has observed in intrusions since October 2025. Rather than being a single-purpose wiper, it's an operational platform that blends command-and-control (C2), data destruction, and remote access options in a single piece of malware. READ MORE...
Copy-paste, the unremarkable, almost reflexive keyboard shortcut, hasn't always registered as the cybersecurity risk it is now. Today, as enterprise employees move sensitive data in and out of LLMs, the behavior is being more widely recognized as a serious cybersecurity threat, right up there with misconfigured cloud buckets and phishing attacks. Enterprise employees are pasting sensitive data into and out of AI tools like ChatGPT, Claude and Gemini. READ MORE...
A researcher has discovered nine vulnerabilities in an ATM and corporate security program. The researcher and major ATM manufacturer Diebold Nixdorf disagree, though, about whether it could allow attackers to steal cash or not. At Black Hat USA 2026, Matt Burch, principal security researcher for Atredis Partners, will present nine new vulnerabilities he discovered in CryptWare CryptoPro Secure Disk. READ MORE...
Progress Software has ordered some ShareFile customers to pull the plug on their own servers after detecting what it describes as a "credible external security threat" targeting the on-premises component of its enterprise file-sharing platform. The emergency warning, sent by email and seen by The Register, instructed organizations running ShareFile Storage Zone Controllers to take the unusual step of manually shutting down the Windows servers that host the software. READ MORE...
Six vulnerabilities in the widely used U-Boot bootloader have been discovered that could allow attackers to execute malicious code during device boot, potentially enabling stealthy firmware attacks that compromise security protections and install persistent malware. U-Boot is one of the world's most widely used open-source bootloaders and is found in many embedded Linux devices. including enterprise servers' Baseboard Management Controllers (BMCs), networking equipment and more. READ MORE...