Multiple Dashlane users have been locked out of their accounts following brute-force attacks that attempted logins from distant locations and unknown devices. [...]
cyberintel.kalymoon.com · 8553 articles · updated every 4 hours · grows forever
Multiple Dashlane users have been locked out of their accounts following brute-force attacks that attempted logins from distant locations and unknown devices. [...]
New article: “ Responsible Disclosure in the Age of AI: A Call for Urgent Action ,” by Melissa Hathaway. Abstract: Artificial intelligence is fundamentally reshaping the balance between vulnerability …
A Pakistan-linked threat group known as SideCopy has launched a focused cyberattack against Afghanistan’s Ministry of Finance, deploying a persistent remote access tool called XenoRAT. The campaign, d…
Iranian hackers have taken their cyberespionage playbook to a new level, deploying a sophisticated .NET hijacking technique to slip past endpoint defenses and target organizations across the United St…
A significant supply chain attack on June 1, 2026, targeting over 30 official packages under the @redhat-cloud-services npm scope. The campaign, dubbed “Miasma: The Spreading Blight,” is a new variant…
A well-known social engineering campaign called SmartApeSG is back in the spotlight, this time using ClickFix scripts to quietly plant remote access malware on Windows computers. The campaign lures vi…
Semperis is set to bring ‘Enter the War Room: A Tabletop Experience’ to Infosecurity Europe to help cybersecurity leaders prepare to face real incidents
Obsidian publishes PoC for a 1-click Flowise RCE that can fully compromise self-hosted servers
Enterprises using the lightweight, open-source Flowise platform to power self-hosted AI workloads have a new near-max severity issue to worry about. Researchers at Obsidian Security have detailed a on…
Microsoft Defender Vulnerability Management’s updated exposure score model adds vulnerability risk signals and asset context to help teams understand where risk is concentrated and which remediation a…
Hyland has unveiled platform innovations designed to move AI from experimentation to enterprise-wide adoption. Powered by the Content Innovation Cloud, these advancements transform governed enterprise…
Cato Networks announced a new capability that reduces time-to-protect for newly disclosed vulnerabilities to 45 minutes. The company attributes this reduction to the use of agentic threat research des…
PathSolutions has announced the launch of TotalView AI, a new capability within its TotalView platform that provides AI-driven troubleshooting for NetOps teams using network data analyzed on-premises.…
depthfirst has introduced Dependency Firewall, a product that reviews every open-source package being downloaded anywhere in a company and blocks the malicious ones before they reach the person or sys…
Insight has launched Insight Managed Exposure Defense, a managed security service designed to help organizations identify and address vulnerabilities. The service aims to help organizations reduce exp…
Password manager Dashlane has confirmed that a brute-force attack targeting user accounts triggered temporary account suspensions and authentication issues. The company first acknowledged the incident…
Secure Code Warrior has introduced Adaptive Learning, a capability designed to help organizations support AI software governance through targeted training based on identified risks. The feature delive…
CVE-2026-41089, a critical Windows Netlogon RCE flaw that allows remote code execution, is now actively exploited in the wild, the Centre for Cybersecurity Belgium (CCB) warned on Friday. About CVE-20…
NetQuest announced an expansion of its NetworkLens enriched dataset portfolio. The new network telemetry datasets deliver detailed traffic characteristics of network management transactions, giving se…
Dragos said customers will soon gain expanded asset visibility and integrated device intelligence, with automated remediation workflows and a unified platform experience to follow. The post Dragos Acq…
Organizations are advised to patch CVE-2026-41089 as soon as possible, given its severity, the potential ongoing exploitation. The post Critical Windows Netlogon Vulnerability in Attackers’ Crosshairs…
Exploiting the PAN-OS GlobalProtect VPN vulnerability requires certain conditions, but adversaries have done so in two attack waves that started in mid-May.
A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite …
Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting chewed on in the wild, and then the usual bonus round: pois…