Threat actors are leveraging Large Language Model (LLM) agents to automate post-exploitation activities after successfully compromising systems through CVE-2026-39987, a critical vulnerability in Marimo, a popular Python notebook framework. This novel attack chain represents a significant evolution
A newly identified Russian-linked threat actor dubbed GREYVIBE has deployed AI-enhanced cyberattacks targeting Ukrainian critical infrastructure and government networks. The campaign leverages machine learning algorithms to automate reconnaissance, evade detection systems, and optimize payload deliv
Carnival Cruise Line has confirmed a significant data breach impacting nearly 6 million individuals, including current and former employees as well as cruise passengers. The breach exposed sensitive personal information including Social Security numbers, passport details, and health records. The com
Cybercriminals are distributing malware through a fraudulent ChatGPT download website, targeting both Windows and Mac users. The malicious site mimics OpenAI’s interface and tricks victims into downloading trojanized installers that deploy info-stealers and remote access tools. This campaign exploit
A serial sextortionist received a 33-year federal prison sentence after orchestrating a widespread campaign targeting 145 children across multiple platforms. The predator used social engineering tactics, fake personas, and manipulation to coerce minors into producing explicit content, then threatene
Security researchers discovered a critical zero-click vulnerability in Google Pixel 10’s Video Processing Unit (VPU) driver that allowed attackers to access entire kernel memory without user interaction. The exploit chain bypassed multiple security layers, enabling complete device compromise through
Elon Musk revealed that US military suicide drones have been operating on Starlink satellite internet connections, directly violating SpaceX’s terms of service and usage policies. The unauthorized use of commercial satellite infrastructure for offensive military operations raises critical questions
Researchers have demonstrated that standard Wi-Fi routers can be weaponized to identify and track individuals through walls with alarming accuracy. By analyzing how wireless signals interact with the human body, attackers can create detailed profiles of people’s unique physical characteristics witho
India’s Computer Emergency Response Team (CERT-In) has issued a directive requiring organizations to patch critical vulnerabilities in internet-facing systems within 12 hours of notification. This aggressive timeline responds to the accelerating threat landscape where AI-assisted attacks are weaponi
A critical zero-day vulnerability in Hitachi’s KnowledgeDeliver Learning Management System (LMS) is being actively exploited to deploy Godzilla webshells and Cobalt Strike beacons. Attackers are leveraging an authentication bypass flaw to gain unauthorized access, establish persistent backdoors, and