cyberintel.kalymoon.com · 5150 articles · updated every 4 hours · grows forever
German-led policing effort against fraud operation disrupts countless CSAM and cybercrime sites
CISA added CVE-2026-20131 to its KEV catalog as it is being used in ransomware campaigns
Last year, I asked a room of infrastructure, identity and application leaders a simple question: “Where in our environment do we rely on RSA or elliptic curve cryptography?” The first answers were the…
The North Korea fake IT worker scheme has become a pernicious threat across several industries. While best practices emphasize precautions throughout the hiring phase, once onboarded such operatives c…
A new infostealer is bypassing Chrome’s Application-Bound Encryption ( ABE ), using a debugger-based technique researchers say hasn’t been seen in the wild before. Called “VoidStealer,” the stealer se…
Zero Networks has announced the Kubernetes Access Matrix, a real time visual map that exposes every allowed and denied rule inside Kubernetes clusters. The new capability enables security and DevOps t…
Russian intelligence-linked hackers are targeting commercial messaging platforms, with Signal a primary focus, the FBI and CISA warn. The campaign is aimed at individuals of intelligence interest, inc…
Enterprise identity is undergoing a fundamental shift. Employees are no longer the only identities operating inside organizations. Service accounts, machine identities, application integrations, and A…
Proofpoint has unveiled innovations across its Collaboration Security and Data Security portfolios, strengthening protection for the agentic workspace, where people and AI agents interact across commu…
Oracle has released an out-of-band patch for a critical and easily exploitable vulnerability (CVE-2026-21992) in Oracle Identity Manager and Oracle Web Services Manager. The company did not say whethe…
Attack volumes are back to pre-disruption levels, and the adversary tactics have remained unchanged. The post Tycoon 2FA Fully Operational Despite Law Enforcement Takedown appeared first on SecurityWe…
The flaws could allow attackers to access sensitive information, execute code, or cause unexpected behavior. The post QNAP Patches Four Vulnerabilities Exploited at Pwn2Own appeared first on SecurityW…
Cybersecurity researchers have uncovered malicious artifacts distributed via Docker Hub following the Trivy supply chain attack, highlighting the widening blast radius across developer environments. T…
Microsoft has warned of fresh campaigns that are capitalizing on the upcoming tax season in the U.S. to harvest credentials and deliver malware. The email campaigns take advantage of the urgency and t…
Microsoft has released an emergency update to address a major issue that breaks sign-ins with Microsoft accounts across multiple Microsoft apps, including Teams and OneDrive. [...]
CISA ordered U.S. government agencies to patch three iOS vulnerabilities targeted in cryptocurrency theft and cyberespionage attacks using the DarkSword exploit kit. [...]
The U.S. Federal Bureau of Investigation (FBI) warned network defenders that Iranian hackers linked to the country's Ministry of Intelligence and Security (MOIS) are using Telegram in malware attacks.…
Federal agencies abruptly pull out of RSAC after organizer hires Easterly Cybersecurity Dive
Eventus Security Wins Across Three Categories at Cybersecurity Excellence Awards 2026 India Technology News
It’s an impressive feat , over a decade after the box was released: Since reset glitching wasn’t possible, Gaasedelen thought some voltage glitching could do the trick. So, instead of tinkering with t…
Microsoft has issued an out-of-band (OOB) update for Windows 11 versions 25H2 and 24H2, identified as KB5085516, addressing a critical sign-in bug introduced by the March 2026 Patch Tuesday release. T…
A new malware campaign is targeting organizations across healthcare, government, education, and hospitality sectors using cleverly disguised copyright violation notices to deliver PureLog Stealer, a p…
Insider threats are coming back in a consequential way. According to the State of Human Risk Report from Mimecast, 42% of organizations have experienced an increase in malicious insider incidents over…
DNS infrastructure underpins nearly every network connection an organization makes, yet security configurations for it have gone largely unrevised at the federal guidance level for more than twelve ye…