cyberintel.kalymoon.com · 4947 articles · updated every 4 hours · grows forever
New York, NY: Minimus, a provider of hardened container images and secure container images designed to reduce CVE risk, today announced the appointment of Yael Nardi as Chief Business Officer (CBO). I…
Secureframe has announced the launch of User Access Reviews, a new capability within Secureframe Comply. Access reviews are the primary mechanism organizations use to validate that the right people ha…
Flatpak, a Linux application sandboxing and distribution framework, released version 1.16.4, patching four security vulnerabilities. The most severe fix addresses a complete sandbox escape that leads …
Chaos, Go-based malware first documented by Lumen’s Black Lotus Labs, has historically targeted routers and edge devices. A new variant observed in March 2026 shows the malware operating against misco…
U.S. government agencies on Tuesday warned American organizations about ongoing cyber activity targeting OT and PLC devices, including those manufactured by Rockwell Automation and Allen-Bradley, acro…
North Korean hackers spent weeks socially engineering an Axios maintainer through a fake Slack workspace, a cloned company identity, and a fabricated Microsoft Teams call that tricked him into install…
Signature Healthcare was forced to cancel some services, and pharmacies are unable to fill prescriptions due to the hacker attack. The post Massachusetts Hospital Diverts Ambulances as Cyberattack Cau…
The FBI received over 1 million complaints of malicious activity in 2025, with investment, BEC, and tech support scams causing the highest losses. The post FBI: Cybercrime Losses Neared $21 Billion in…
The vulnerability requires authentication for successful exploitation, but another flaw exposes the Jolokia API without authentication. The post RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years …
A total of seven vulnerabilities, most of which can be exploited for DoS attacks, have been patched in OpenSSL. The post Data Leakage Vulnerability Patched in OpenSSL appeared first on SecurityWeek .
Attackers compromised Internet-facing OT devices and caused file and display manipulation, operational disruption, and financial losses across sectors.
The Russian threat actor known as APT28 (aka Forest Blizzard and Pawn Storm) has been linked to a fresh spear-phishing campaign targeting Ukraine and its allies to deploy a previously undocumented mal…
A $30,000 AI GPU doesn't outperform consumer GPUs at password cracking. Specops explains why attackers don't need exotic hardware to break weak passwords. [...]
Will drama at OpenAI hurt its IPO chances? fortune.com
Indian Bank has issued an urgent cybersecurity advisory warning its customers about a rapidly spreading wave of fraudulent LPG payment and KYC update messages that are being used to steal banking cred…
As cyber threats evolve at an unprecedented pace, Amazon Web Services (AWS) and Anthropic have teamed up to introduce the next generation of artificial intelligence for cybersecurity. Announced as par…
A newly discovered high-severity vulnerability in Docker Engine could allow attackers to bypass authorization plugins and potentially gain unauthorized access to the underlying host system. Tracked as…
Amazon Web Services (AWS) has introduced a major update to its cloud storage infrastructure with the launch of Amazon S3 Files. This new feature allows organizations to access their Amazon S3 buckets …
Google is bringing a major performance enhancement to its browser by expanding native lazy loading capabilities to include video and audio elements. By adding the loading="lazy" attribute directly to …
Microsoft has acknowledged a server-side issue that disrupted Start Menu search functionality for a subset of Windows 11 23H2 users, and has since deployed a fix to address the problem without requiri…
CISA has revealed Iranian attacks causing disruption and financial loss at US critical infrastructure firms