One in eight UK workers admits to selling their company login credentials - or knowing someone who has - in the past 12 months. The really alarming bit? Their bosses are even more relaxed about it. Re…
cyberintel.kalymoon.com · 4657 articles · updated every 4 hours · grows forever
An active malware distribution campaign abusing two prominent AI platforms, Hugging Face and ClawHub, to deliver trojans, cryptominers, and infostealers disguised as legitimate AI tools and agent exte…
A newly discovered malware called ZiChatBot has been found quietly using the REST APIs of a legitimate team chat application called Zulip to receive and carry out commands from its operators. This app…
A dangerous new infostealer campaign is targeting some of the most sensitive data people store on their computers. Disguised as a legitimate installer for OpenClaw, a popular open-source personal AI a…
Škoda Auto has disclosed a significant IT security incident affecting its official online shop, revealing that unauthorized individuals exploited a vulnerability in the platform’s standard shop softwa…
A newly identified malware campaign is targeting senior executives and government investigators across Southeast Asia, using a modular Remote Access Trojan capable of stealing credentials, capturing s…
A new backdoor called PamDOORa has emerged as a serious and growing threat to Linux systems, targeting one of the most trusted components of the operating system to silently steal SSH credentials. The…
Microsoft has disclosed and fully remediated three critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge, all released on May 7, 2026, requ…
Let’s Encrypt temporarily suspended all certificate issuance on May 8, 2026, after engineers identified a critical issue involving a cross-signed certificate linking the organization’s Generation X ro…
A data breach at GFN.AM, an authorized NVIDIA GeForce NOW cloud gaming service provider operating under “GFN CLOUD INTERNET SERVICES” LLC, has exposed personal information belonging to registered user…
A highly sophisticated Brazilian banking trojan named TCLBANKER, tracked under the campaign REF3076, represents a major update to the older Maverick and SORVEPOTEL families. It stands out…
Cofense has warned of a “significant” increase in phishing campaigns abusing Vercel platform
A China-linked threat actor backdoored a version of Daemon Tools to infect thousands
Sophos finds fake Claude site spreading DonutLoader and a new Beagle backdoor via DLL sideloading
Commercial AI models were used to help plan and conduct cyber-attack against operational technology of a water and drainage facility, say researchers
Oasis Security finds critical Cline kanban WebSocket flaw exposing AI coding agents to hijack
Traditional network security tools are undermining data protection, with Forrester and Capital One Software research warning AI adoption is impossible without rethinking data security
SentinelOne believes the PCPJack campaign may be the brainchild of a former TeamPCP member
ACSC warns over a campaign targeting organizations which uses ClickFix to deliver Vidar infostealer malware
This year marks the 10th anniversary of the EU’s adoption of the General Data Protection Regulation, which became mandatory for all companies beginning on May 25, 2018. The aim of the GDPR was simple…
By now, executive boards across industries understand that cyberattacks can be costly. What they often lack, however, is a clear view of which risks pose the biggest threat to their business and why c…
Enterprises migrating between SIEM platforms often have to manually rewrite detection rules because vendors such as Splunk, Microsoft Sentinel, IBM QRadar, and Google Chronicle use different query lan…
A LinkedIn feature that allows paid subscribers to view a list of visitors to their profile should be made available to all EU users free of charge to comply with the region’s General Data Protection …
A critical vulnerability in Ollama poses a direct risk of sensitive information leaks to more than 300,000 internet-exposed servers, researchers have found. The flaw, tracked as CVE-2026-7482, stems f…