cyberintel.kalymoon.com · 4672 articles · updated every 4 hours · grows forever
A new phishing campaign is actively targeting Indian taxpayers and businesses by impersonating the Income Tax Department of India. Threat actors have built convincing fake websites that look nearly id…
A newly discovered malware campaign is targeting government employees in Pakistan using carefully crafted spear-phishing emails that combine obfuscation and staged payload delivery to stay hidden from…
A credential-stealing malware named Vidar has quietly emerged as one of the most active threats targeting corporate employees in early 2026. Threat actors are using fake software downloads promoted th…
Google has fixed a critical security flaw in the Gemini CLI that could allow attackers to execute remote code in certain automated workflows. The issue affects the npm package @google/gemini-cli and t…
A publicly accessible JavaScript file on ClickUp’s homepage has been silently leaking nearly a thousand corporate and government email addresses, including employees from Fortinet, Home Depot, Tenable…
Researchers uncover a new data theft and extortion group dubbed “BlackFile”
The “fast16” malware may have been used to target Iran’s nuclear program prior to Stuxnet
A new report by global technology recruitment firm, Harvey Nash, found that three quarters of cybersecurity staff are pessimistic on pay and half are looking for a new job
Dozens of browser extensions openly sell user data via privacy policy disclosures
Itron confirmed a cyber incident but does not believe it is likely to have a material impact on the company
US sanctions target Cambodian scam networks tied to crypto fraud and trafficking
Every SOC analyst has heard it by now: “AI is coming for your job”. I hear it in conversations with SOC teams. I see it in the hesitation during evaluations. And increasingly, I feel it as a source of…
Artificial intelligence tools are revamping DevSecOps processes, enabling security and development teams to more effectively build safeguards into software products from the get-go. But AI’s impact on…
An administrative role meant for AI agents within Microsoft’s Entra ID ecosystem could allow privilege escalation and tenant takeover attacks, as it had privileges over more than agent-related objects…
The vulnerability is tracked as CVE-2026-6770 and it has been patched with the release of Firefox 150 and Tor 15.0.10. The post Firefox Vulnerability Allows Tor User Fingerprinting appeared first on S…
US conducts sweeping crackdown on Southeast Asian cyberscam operations as part of what officials say is a “new theater of war”. The post US Launches Sweeping Crackdown on Southeast Asia Cyberscams and…
A race condition in PackageKit allows unprivileged users to escalate privileges when installing packages. The post Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access appeared f…
The threat actor infected victims with the Snow malware family – Snowbelt, Snowglaze, and Snowbasin – for persistent access. The post UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Ma…
Itron, which serves utilities and cities around the world, discovered unauthorized access to its systems on April 13. The post Energy and Water Management Firm Itron Hacked appeared first on SecurityW…
The tech giant found that many indirect prompt injection attempts are harmless, but some malicious exploits have also been identified. The post Malicious AI Prompt Injection Attacks Increasing, but So…
A code reuse issue enabled comma characters in certificate principals to be interpreted as list separators. The post OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years appeared first on …
The initial vulnerability was exploited by Russia-linked APT28 in attacks against Ukraine and EU countries. The post Incomplete Windows Patch Opens Door to Zero-Click Attacks appeared first on Securit…
Some fear frontier LLMs like Claude Mythos and Anthropic's GPT-5.5 will lead to cybersecurity annihilation. Ari Herbert-Voss notes this could be an opportunity.
Researchers have uncovered a malware framework dubbed "fast16" that predates Stuxnet by five years.