cyberintel.kalymoon.com · 20436 articles · updated every 4 hours · grows forever
A dangerous rootkit called OrBit has been quietly targeting Linux systems for years, stealing login credentials and hiding deep inside infected machines without triggering most security tools. New res…
Pwn2Own Berlin 2026 opened with a surge of zero-day exploits targeting modern browsers, operating systems, and emerging AI platforms. On Day One alone, security researchers successfully hacked Microso…
Hackers are exploiting a little-known feature of Microsoft’s authentication system to steal account credentials at scale. Device code phishing campaigns now target organizations worldwide by manipulat…
A dangerous new piece of malware called Shai-Hulud has emerged as one of the most alarming supply chain threats of 2026. It is a self-propagating worm that quietly tunnels through developer environmen…
A chain of four critical vulnerabilities discovered in OpenClaw, one of the fastest-growing open-source platforms for autonomous AI agents, has left an estimated 245,000 publicly accessible server ins…
Gunra ransomware has quickly grown from a new threat into a serious global problem, hitting dozens of organizations in less than a year. The group behind it is not just encrypting data, but also runni…
The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription Edition
A new Gremlin stealer variant has evolved into a modular toolkit with advanced evasion and data theft capabilities, according to new Unit 42 research
Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by “a highly sophisticated cyber threat actor”. Abou…
Google has updated Context-Aware Access (CAA) in Google Workspace to introduce a default policy assignment for SAML applications. SAML applications are third-party or internal applications that use th…
Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions. The post Microsoft Warns of Exchange Server Zero-Day Exploited in the…
Other noteworthy stories that might have slipped under the radar: Nvidia cloud gaming data breach, Android 17 security upgrades, FBI warning after ShinyHunters hacks Canvas. The post In Other News: Bi…
The House Committee on Homeland Security sent a letter about the Canvas cyberattack, the same day that the edtech company said it reached an "agreement" with the ShinyHunters cybercriminals.
Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege escalation, and persistence. The vulnerabilities, collectively …
Microsoft is introducing a new capability that will allow it to remotely roll back problematic Windows drivers delivered through Windows Update. [...]
Stolen browser sessions and authentication tokens are becoming more valuable than stolen passwords. Flare explains how the REMUS infostealer evolved around session theft and operational scalability. […
Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at startup after previously stating it was "by design." [...]
Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the data…
Overview of 10+ Chinese Quantum Computing Companies – 2026 The Quantum Insider
This was the secret real villain of MAFS Australia 2026 and it’s not Gia or Bec The Tab
Sublime Security Named to Rising in Cyber 2026 List of Top Cybersecurity Startups PR Newswire
Cellebrite Announces 20 JUSTYS Award Winners at C2C User Summit 2026 The Manila Times
Cellebrite DI Q1 Earnings Call Highlights MarketBeat
Cellebrite DI Ltd. (NASDAQ:CLBT) Q1 2026 Earnings Call Transcript Insider Monkey