Cyber Security News

Google has officially moved Device Bound Session Credentials (DBSC) to general availability in the Chrome browser on Windows, delivering a powerful defense against one of the most persistent threats in modern cybersecurity session cookie theft. Previously available in beta for Google Workspace users, DBSC is now enabled by default across all Workspace customers, Individual subscribers, […]

The post Google Chrome’s Device-Bound Session Credentials Now GA to Block Account Takeovers appeared first on Cyber Security News.

GREYVIBE hackers are increasingly leveraging generative AI tools such as ChatGPT and Google Gemini to enhance cyberattack operations. The campaign, active since at least August 2025, primarily targets Ukraine and related entities across the government, military, and civilian sectors, highlighting a growing convergence between artificial intelligence and modern cyber warfare. WithSecure researchers identified GREYVIBE as […]

The post GREYVIBE Hackers Leverage ChatGPT and Google Gemini to Fuel Cyberattacks appeared first on Cyber Security News.

Palo Alto Networks authentication bypass vulnerability, CVE-2026-0257, affecting PAN-OS and Prisma Access, is now being actively exploited in the wild, with CISA adding it to the Known Exploited Vulnerabilities (KEV) catalog on May 29, 2026. Palo Alto Networks published its security advisory on May 13, 2026, warning that CVE-2026-0257 enables a remote unauthenticated attacker to […]

The post Palo Alto Networks PAN-OS Authentication Vulnerability Bypass Exploited in the Wild appeared first on Cyber Security News.

For most of the last decade, post-quantum cryptography lived in a particular kind of conversation. It came up at security conferences. It appeared in NIST press releases. CISOs nodded politely when it surfaced in briefings, filed it under “things to deal with eventually,” and moved on to the quarter’s actual fires.  That conversation is over. […]

The post Post-quantum cryptography is not the future. It is your current reality.   appeared first on Cyber Security News.

A newly analyzed ransomware strain called The Gentlemen is raising serious alarms across the cybersecurity community. Built in the Go programming language and obfuscated with a tool called Garble, it combines powerful per-file encryption with an aggressive ability to spread itself silently across entire networks without any human intervention. Organizations in education, healthcare, transportation, and […]

The post Ransomware Uses SYSTEM Scheduled Task to Encrypt Local Drives With Elevated Privileges appeared first on Cyber Security News.

A new threat actor tracked as JINX-0164 has been running calculated attacks against cryptocurrency organizations, using LinkedIn profiles to lure developers into downloading custom macOS malware. Active since at least mid-2025, the group has combined social engineering, credential theft, and supply chain sabotage into a seamless operation that puts the entire software development pipeline at […]

The post JINX-0164 Threat Actor Using LinkedIn Social Engineering to Deploy Custom macOS Malware appeared first on Cyber Security News.

A wave of sophisticated supply chain attacks has put millions of software developers on high alert, with threat actors turning everyday developer tools into weapons for stealing credentials, cloud tokens, and source code. What makes these campaigns especially alarming is how they exploit the very systems developers trust most: their editors, automated pipelines, and version […]

The post Attackers Abuse Trusted Developer Tooling to Exfiltrate Source Code and Secrets appeared first on Cyber Security News.

Ask any developer who has run a container image scan what happens next, and you will hear the same story. The scanner returns 200 CVEs. Most are noise. A handful are real. The report gets closed, the image ships, and the vulnerabilities go with it. That gap between finding a problem and fixing it is […]

The post From 200 CVEs to Actionable Fixes – DockSec Brings AI to Container Security appeared first on Cyber Security News.

A newly discovered malicious NuGet package masquerading as an official Sicoob software development kit (SDK) has been caught exfiltrating highly sensitive banking credentials, raising serious concerns about software supply chain security in financial ecosystems. The package, published under the name “Sicoob. Sdk,” targeted developers building integrations with Brazil’s Sicoob banking APIs and silently harvested authentication […]

The post Malicious NuGet Package as Sicoob SDK Exfiltrates Banking Passwords appeared first on Cyber Security News.

A new wave of malicious software packages has been caught stealing cloud credentials and CI/CD pipeline secrets from developer machines, raising fresh alarms about the security of the open-source software supply chain. The attack, uncovered on May 28, 2026, shows just how easy it has become for bad actors to slip dangerous code into the […]

The post Typosquatted npm Packages Steal Cloud and CI/CD Secrets From Developer Systems appeared first on Cyber Security News.

A browser-based prompt injection technique that transforms any web page into a phishing delivery surface by exploiting ChatGPT’s page summarization feature, rendering attacker-controlled links, fake security alerts, and QR codes directly inside the trusted ChatGPT interface. Researchers at Permiso have disclosed the attack dubbed ChatGPhish, which builds on the same trust-transfer logic previously demonstrated against […]

The post New ChatGPT Vulnerability Lets Attackers Turn Web Pages Into Phishing Payloads appeared first on Cyber Security News.

Hackers are using a clever trick to get people to install dangerous malware, and most victims have no idea it is happening. By visiting pirated movie and TV show streaming sites, users are met with a fake alert claiming their video player plugin is out of date. One click on that fake update button kicks […]

The post Hackers Use Fake Video Player Updates to Deploy Miner and RAT Malware appeared first on Cyber Security News.

A sophisticated phishing campaign is actively targeting financial organizations by using fake Adobe Document Cloud pages to silently install ScreenConnect remote access malware on victim machines. The operation is well-structured, deceptive, and difficult to detect because it blends into everyday enterprise software activity. The campaign works by sending phishing emails that look like legitimate Adobe […]

The post Hackers Use Fake Adobe Document Cloud Pages to Deliver ScreenConnect Malware appeared first on Cyber Security News.

A polished, fully functional npm package has been caught secretly stealing OpenAI Codex authentication tokens from developers who trusted it. The package, named codexui-android, presented itself as a remote web UI for OpenAI Codex with no obvious signs of being malicious. It built a genuine user base, amassed 27,000 weekly downloads, and maintained an active […]

The post Legitimate-Looking Codex Remote UI Steals OpenAI Codex Authentication Tokens appeared first on Cyber Security News.

A newly discovered malware called MicrosoftSystem64 has been quietly stealing data from infected computers by routing stolen files through HuggingFace, the popular AI platform used by researchers and developers worldwide. The malware disguises itself as a legitimate Microsoft process, making it significantly harder for security tools to flag it as a threat. Its ability to […]

The post MicrosoftSystem64 Malware Uses HuggingFace Datasets for Stealthy Data Exfiltration appeared first on Cyber Security News.

A trusted tool for VMware administrators has been weaponized. Attackers built a fake version of RVTools, a widely used utility for managing virtual infrastructure, and disguised it with a real digital certificate to slip past Windows security warnings without raising a flag. RVTools is a staple in enterprise environments. IT administrators rely on it daily […]

The post Malicious RVTools Installer Abuses Sectigo Certificate to Bypass SmartScreen Warnings appeared first on Cyber Security News.

A critical vulnerability in the Samba printing subsystem, tracked as CVE-2026-4480, has been disclosed, allowing unauthenticated attackers to achieve remote code execution (RCE) on affected systems. The flaw carries a maximum CVSS v3.1 score of 10.0, highlighting its severe impact and ease of exploitation. Samba, widely used for file and print services across Linux and […]

The post Critical Samba Vulnerability Enables Remote Code Execution Attacks appeared first on Cyber Security News.

Google has pushed a major Chrome Stable update that fixes 151 security flaws, including 22 critical vulnerabilities affecting core graphics, networking, media, and UI components across Windows, macOS, and Linux. The Stable channel has been updated to version 148.0.7778.216/217 for Windows, 148.0.7778.215/216 for macOS, and 148.0.7778.215 for Linux, with the rollout scheduled over the coming […]

The post Google Patches 151 Vulnerabilities in Chrome, Including 22 Critical Ones appeared first on Cyber Security News.

A Google software engineer has been charged in the United States for allegedly using confidential internal data to generate more than $1.2 million in profits through prediction market trading. The case highlights growing concerns around insider threats and misuse of privileged access in large technology organizations. According to the U.S. Attorney’s Office for the Southern […]

The post Google Employee Charged for Making $1.2 Million With Confidential Information appeared first on Cyber Security News.

A newly disclosed vulnerability in Visual Studio Code’s Remote-SSH extension exposes a critical post-compromise attack path that allows threat actors to pivot from infected developer machines into cloud and production environments. Given the extension’s widespread adoption across modern development workflows, the issue poses a significant risk to organizations that rely on remote infrastructure access. VS […]

The post VS Code Remote-SSH RCE Lets Attackers Pivot From Developer Machines to Cloud Servers appeared first on Cyber Security News.