Uncategorized

Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses

Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses 2026-06-30 at 18:40 By Cybersecurity researchers have flagged an active browser extension campaign that is designed to steal cryptocurrency by stealthily replacing wallet addresses when unsuspecting users initiate a transaction. The cryptocurrency clipper activity has been codenamed Silent Swap by McAfee Labs. […]

Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses Read More »

GuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection Risks

GuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection Risks 2026-06-30 at 17:26 By The safety check that is supposed to stop an AI coding agent from running a dangerous command can be walked straight past using a shell trick that has been public for decades. New research from Adversa AI, which is named the

GuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection Risks Read More »

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study 2026-06-30 at 16:49 By Researchers tested 444 AI chatbot apps for iPhone and found that 282 of them, nearly two-thirds, exposed paid AI access through their network traffic. In many cases, the path in was visible just by watching

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study Read More »

AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks

AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks 2026-06-30 at 15:39 By Two researchers have found six security flaws in AirDrop and Quick Share, the wireless features that beam files between nearby devices with no cables or shared network. An attacker within wireless range, with just a laptop and no

AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks Read More »

Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer

Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer 2026-06-30 at 14:18 By An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWeaver and Djinn Stealer. The intrusion involves the exploitation of CVE-2026-48558 (CVSS score: 10.0), a critical authentication bypass

Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer Read More »

The BYOVD Epidemic: How Attackers Are Weaponizing Trusted Windows Drivers to Kill Security

The BYOVD Epidemic: How Attackers Are Weaponizing Trusted Windows Drivers to Kill Security 2026-06-30 at 13:00 By Threat Hunter Team Bring Your Own Vulnerable Driver (BYOVD) has gone from a niche tactic to a standard part of the ransomware playbook and Windows’ own kernel hardening does little to stop it. This article is an excerpt

The BYOVD Epidemic: How Attackers Are Weaponizing Trusted Windows Drivers to Kill Security Read More »

Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth

Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth 2026-06-30 at 12:45 By A critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance by sending a crafted request to its API. The flaw, tracked as CVE-2026-8037, carries a CVSS score of 9.8 according to ZDI.

Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth Read More »

New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials

New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials 2026-06-30 at 11:37 By Convince an AI browser that it is playing a game, and it can hand over your login details. That is the finding behind BioShocking, a technique from security firm LayerX that tricked six AI browsers and assistants into copying a user’s credentials

New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials Read More »

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs 2026-06-30 at 10:15 By Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four vulnerabilities in WebKit that were discovered using artificial intelligence (AI) tools like Anthropic Claude and OpenAI Codex Security.

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs Read More »

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild 2026-06-30 at 08:04 By A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The vulnerability, tracked as CVE-2026-46817 (CVSS score: 9.8), refers to an improper privilege management and authentication flaw in Oracle Payments that

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild Read More »

Ford rehires experienced engineers after AI misses the mark

Ford rehires experienced engineers after AI misses the mark 2026-06-30 at 05:03 By Fox Business Ford has rehired experienced human engineers to help address the shortcomings of artificial intelligence (AI) tools meant to tackle quality issues in the automaker’s production processes. This article is an excerpt from Latest Technology News | New York Post View Original Source

Ford rehires experienced engineers after AI misses the mark Read More »

Chinese AI is now on par with Anthropic in terms of cybersecurity: report

Chinese AI is now on par with Anthropic in terms of cybersecurity: report 2026-06-30 at 00:34 By Marc Vartabedian Chinese artificial intelligence models have caught up to top U.S. systems in cybersecurity – a shift that could add pressure on the White House as it scrambles to figure out its domestic AI policy. Security researchers

Chinese AI is now on par with Anthropic in terms of cybersecurity: report Read More »

How digital price tags are spreading at retailers like Walmart — and sparking ‘surveillance’ fears

How digital price tags are spreading at retailers like Walmart — and sparking ‘surveillance’ fears 2026-06-30 at 00:34 By Lisa Fickenscher Union officials have suggested that the digital tags could eventually be used to exploit so-called biometric data that identifies shoppers who enter stores — in particular facial recognition data — to charge customers different

How digital price tags are spreading at retailers like Walmart — and sparking ‘surveillance’ fears Read More »

Rocket Lab buys satellite pioneer Iridium for $8B – setting up showdown with SpaceX

Rocket Lab buys satellite pioneer Iridium for $8B – setting up showdown with SpaceX 2026-06-29 at 22:10 By Marc Vartabedian Rocket Lab is buying Iridium Communications in an $8 billion cash-and-stock deal – equipping the rocket maker with a global satellite network and wireless spectrum that could help it compete with Elon Musk’s SpaceX. The

Rocket Lab buys satellite pioneer Iridium for $8B – setting up showdown with SpaceX Read More »

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input 2026-06-29 at 21:40 By Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the address bar through an attacker-controlled server before redirecting users

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input Read More »

WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private

WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private 2026-06-29 at 20:48 By WhatsApp on Monday officially announced the start of global reservations of usernames with an aim to protect the privacy of more than three billion users on the messaging platform. The optional feature is designed to help users connect with someone

WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private Read More »

Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks

Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks 2026-06-29 at 20:48 By The China-aligned espionage group Mustang Panda is running two campaigns against the Indian government and hydropower targets, deploying new malware and turning a legitimate cloud service into its command channel. Acronis Threat Research Unit found active compromises inside Indian government networks, including

Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks Read More »

Scroll to Top