cyberintel.kalymoon.com · 5063 articles · updated every 4 hours · grows forever
The two key economic sectors struggle with security for a reason: Many insiders view access management as a roadblock, while attackers see it as a way in.
A new campaign has leveraged the ClickFix social engineering tactic as a way to distribute a previously undocumented malware loader referred to as DeepLoad. "It likely uses AI-assisted obfuscation and…
A previously unknown vulnerability in OpenAI ChatGPT allowed sensitive conversation data to be exfiltrated without user knowledge or consent, according to new findings from Check Point. "A single mali…
Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler Gateway appliances to obtain sensitive data. [...]
A new Coast Guard rule puts cybersecurity front and center for maritime operators Federal News Network
7 Best Cybersecurity ETFs for 2026 US News Money
A high-severity security flaw has been discovered in Vim, one of the most widely used text editors among developers. This vulnerability allows attackers to execute arbitrary operating system commands …
A financially motivated cybercrime group has been quietly compromising cloud environments since late 2025, and its activities are now drawing serious concern across the security community. The group, …
A popular collaboration tool within the Atlassian ecosystem is widely used by organizations to track projects, manage approvals, and manage daily tasks. Recently, security researchers at Snapsec uncov…
A Python-based information stealer known as BlankGrabber has been caught using a deceptive certificate loader trick to hide a multi-stage malware delivery chain. First identified in 2023, this threat …
A serious security flaw was recently found in Open VSX, the extension marketplace used by popular code editors like Cursor and Windsurf, as well as the broader VS Code fork ecosystem. The vulnerabilit…
A widely used Python package was quietly turned into a weapon, and most developers who got hit had no idea it happened. On March 27, 2026, a threat actor known as TeamPCP uploaded two malicious versio…
Cybercriminals have found a clever way to trick people by swapping real letters in website addresses with characters that look almost the same. These are called homoglyph attacks, and they are becomin…
A known threat group called TA446 has been caught using a newly discovered exploit kit called DarkSword to target iOS users. This development marks a significant shift in the group’s tactics, as previ…
Researchers at ReliaQuest warn of persistent malware campaign targeting enterprise credentials
Security researchers are warning that applications using AI frameworks without proper safeguards can expose sensitive information in basic, yet critical, non-AI ways. According to a recent Cyera analy…
A critical SQL injection vulnerability (CVE-2026-21643) in Fortinet FortiClient Endpoint Management Server (EMS), a management server for FortiClient endpoint agents on various platforms, is under act…
Coro has announced new Model Context Protocol (MCP) capabilities that extend its AI-driven security platform beyond the Coro interface, allowing users to access, analyze, and take action on security d…
Diligent launched of Third-Party Risk Intel, an agentic due diligence and intelligence solution that automates the most time-consuming steps of third-party reviews, delivering up to 80% time savings f…
TeamPCP’s destructive run of supply chain breaches has stopped, for now: it has been three days since the group published malicious versions of Telnyx’s SDK on PyPI, and there haven’t been reports of …
The startup has built an edge security management (ESM) platform, an AI engine atop the entire edge security stack. The post Huskeys Emerges From Stealth With $8 Million in Funding appeared first on S…
LLMs can write complex Rego and Cedar code in seconds, but a single missing condition or hallucinated attribute can quietly dismantle your organization’s least-privilege security model. The post Silen…
The company has disclosed a cybersecurity incident involving one of its electronic health record environments. The post Healthcare IT Platform CareCloud Probing Potential Data Breach appeared first on…
What is really slowing Tier 1 down: the threat itself or the process around it? In many SOCs, the biggest delays do not come from the threat alone. They come from fragmented workflows, manual triage s…