cyberintel.kalymoon.com · 22870 articles · updated every 4 hours · grows forever
Application security testing firm Checkmarx has confirmed a significant escalation in its ongoing security incident. Cybercriminals have officially published company data on the dark web. This new dev…
Microsoft has officially acknowledged a known issue in its April 2026 Windows 11 cumulative update: Remote Desktop Protocol (RDP) security warning dialogs may render incorrectly on certain system conf…
A critical remote code execution (RCE) vulnerability tracked as CVE-2026-3854 in GitHub’s internal git infrastructure that could have allowed any authenticated user to compromise backend servers, acce…
A sophisticated, memory-resident phishing campaign called BlobPhish, active since October 2024, that exploits browser Blob URL APIs to silently steal credentials from Microsoft 365 users, major U.S. b…
Arctic Wolf attributed this large-scale spear-phishing campaign to BlueNoroff, a financially motivated subgroup of the Lazarus Group
The National Cyber Security Centre has warned against measuring SOCs with ticket-based metrics
Extradition links alleged MSS-directed hacker to Silk Typhoon and COVID-19 espionage
Ransomware groups 0APT and KryBit have doxxed each other online
Medtronic confirms IT breach as ShinyHunters claims millions of records accesseda
Security researchers have discovered a chilling backdoor aimed at Cisco System firewalls that exploits unpatched vulnerabilities to maintain persistence, even after patching. This means that attackers…
EDR-Software verhindert Endpunkt-Sicherheitsdebakel. Die richtige Lösung vorausgesetzt. SvetaZi | shutterstock.com Software im Bereich Endpoint Detection and Response (EDR) erfreut sich weiterhin stei…
The security industry has spent years building better authentication. Longer passwords, second factors, hardware tokens. And attackers responded by moving past authentication entirely. Adversary-in-th…
Identity has always been central to security, but the proliferation of AI agents is rapidly changing the challenge of managing and securing identity, spurring CISOs to rethink their identity strategie…
In the enterprise SaaS space, AI agents are becoming an integral part of the SaaS product. To make these intelligent agents truly useful, they need contextual, customer-specific knowledge, something s…
Security researchers have disclosed a high-severity vulnerability affecting the Cursor IDE, allowing arbitrary code execution on a developer’s machine through a seemingly routine repository interactio…
Canadian law enforcement arrested three men who face 44 charges for operating an SMS blaster device that mimicked a legitimate cellular tower. The device was operated from vehicles, allowing it to mov…
State privacy regulators across the United States collected $3.425 billion in privacy-related fines from companies in 2025. Gartner said the upward trend is expected to accelerate through 2028. Annual…
Security operations centres risk being rendered entirely ineffective if organizations measure them using the wrong performance indicators, according to Dave Chismon, CTO for Architecture at UK’s Natio…
NowSecure has announced Mobile App Risk Intelligence (MARI), new capabilities that give enterprises evidence-based visibility into third-party mobile apps, as hidden AI features, opaque code, and unse…
Cequence Security has announced the general availability of Agent Personas in Cequence AI Gateway. These capabilities give enterprises granular, infrastructure-level control over what AI agents can do…
Chinese national Xu Zewei was extradited from Italy to the United States to face charges tied to an alleged cyber espionage campaign that breached thousands of computers worldwide. Xu is charged along…
Sevii has unveiled a new capability designed to stop high-volume, AI-powered cyberattacks at machine speed and scale, without the burden of unpredictable AI token costs. Sevii’s Cyber Swarm Defense Mo…
The ShinyHunters group claims it has breached the Udemy, one of the world’s largest online learning platforms. According to Have I Been Pwned, the leaked dataset contained 1.4 million unique email add…
A coordinated police operation in Switzerland has targeted suspected members of the Black Axe criminal network. On 28 April 2026, authorities carried out house searches across several Swiss cantons, l…