cyberintel.kalymoon.com · 4741 articles · updated every 4 hours · grows forever
A critical Broken Object Level Authorization (BOLA) vulnerability in Lovable, the popular AI-powered app builder platform, is reportedly allowing unauthorized users to access sensitive project data, i…
Iran’s Ministry of Intelligence and Security (MOIS) has been running a long and carefully organized cyber campaign using three separate hacker identities. These identities, known as Homeland Justice, …
A North Korean threat group known as UNC1069 has been running a sophisticated campaign that tricks cryptocurrency and Web3 professionals into joining fake online meetings, only to infect their compute…
The OT devices that translate machine talk into Internet-speak are riddled with vulnerabilities and more frequently targeted for attacks, researchers say.
A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems. The vulnerability, tracked as CVE-2026-576…
The Seiko USA website was defaced over the weekend, displaying a message from attackers claiming they stole its Shopify customer database and threatening to leak it unless a ransom is paid. [...]
Study: 94% of Experts Say AI Will Drive Cybersecurity Changes in 2026 tech.co
$62.31 Bn Automotive Cybersecurity Market, 2026-2040: Continental Stands out with Its End-to-end Portfolio, Encompassing Secure Gateway Solutions Customized for OEMs Like BMW and Ford Yahoo Finance
Attacker First Compromised AI Tool Used by Vercel Employee, Platform Provider Finds Cloud platform provider Vercel said an attacker breached its systems and stole customer data after compromising a th…
Cisco's Jeetu Patel on How Machine-Speed Threats Drive Need for AI-Led Security Cisco's Jeetu Patel explains how AI models are compressing exploit timelines to minutes, forcing a shift to machine-spee…
The National Security Agency is reportedly deploying Anthropic’s advanced AI model, Mythos Preview. Meanwhile, the Department of Defense has labeled the company a “supply chain risk,” highlighting an …
Microsoft has released Windows 11 Insider Preview Build 26300.8170 to the Dev Channel, introducing notable improvements to Secure Boot visibility, storage management, and the Feedback Hub experience. …
Microsoft is actively working to resolve a service disruption that has left a subset of Teams desktop client users unable to launch the application, with the company now monitoring the rollback of the…
A new ransomware strain known as JanaWare has been quietly targeting home users and small to medium-sized businesses in Turkey, using a customized version of the well-known Adwind Remote Access Trojan…
Threat actors are now weaponizing QEMU, a legitimate open-source machine emulator and virtualizer, as a covert backdoor to steal credentials and deliver ransomware without triggering endpoint security…
A new and deceptive attack campaign has emerged where threat actors are impersonating IT helpdesk personnel through Microsoft Teams to trick employees into granting remote access to their systems. Wha…
FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices
Formbook attacks use combination of DLL Side-Loading and Obfuscated JavaScript to stay hidden, researchers at WatchGuard have uncovered
ZionSiphon malware targets OT water systems with sabotage and ICS scanning capabilities
Frontend cloud platform Vercel, the creator of Next.js and Turbo.js, has warned about a data breach after a compromised third-party AI application abused OAuth to access its internal systems. A Vercel…
Attackers are increasingly exploiting enterprise collaboration platforms such as Microsoft Teams to gain initial access, impersonating IT helpdesk staff and persuading employees to grant remote contro…
Tyler Buchanan admitted in court to hacking into various companies, defrauding them, and stealing cryptocurrency from multiple individuals. The post British Scattered Spider Hacker Pleads Guilty in th…
Forescout researchers discovered 20 new vulnerabilities in Lantronix and Silex products and described theoretical attack scenarios. The post Serial-to-IP Converter Flaws Expose OT and Healthcare Syste…
Strangers can infer limited info about you without knowing or messaging you, which could theoretically aid certain kinds of malicious activity.