The Cyber Trove

The Cyber Trove https://validator.w3.org/feed/docs/rss2.html Salesforce OAuth Attack Exploits Klue Integration to Steal CRM Data Unpatchable iPhone BootROM Flaw Breaks Apple’s Chain of Trust Fake GitHub Stars Fuel Rust Clipboard Hijacker Draining Crypto Wallets Resume-Themed LNK Files Deploy Xctdoor in Stealthy Windows Attack Delivery Apps Are Creating a New Security Gap—and Entry Codes May Be Part of It 24 Billion Credentials Exposed in Massive Data Leak Shaking Global Security AI Surveillance and Biometric Systems Expand Government Monitoring Worldwide French Government Chat App Tchap Hit by Security Breach RoguePlanet Zero-Day Targets Windows Defender Days After Patch Tuesday UK Cyber Security Bill Targets Foreign State Hackers ServiceNow Data Breach Exposes Customer Data via Misconfigured Endpoint TikTok and Instagram Reels Become a New Malware Delivery Channel MLTBackdoor Malware Uses ClickFix Chain to Evade Detection Critical Veeam Vulnerability Enables RCE on Backup Servers Microsoft Fixes 198 Vulnerabilities Including 3 Zero-Days Browser-in-the-Browser Attack Targets Microsoft 365 Logins MagicAd Malware Bypasses Android Security to Flood Devices With Ads AI Phishing Campaigns Impersonate ChatGPT, Claude, DeepSeek LiteLLM RCE Vulnerability Actively Exploited in the Wild Shai-Hulud Campaign Expands With 23 Malicious PyPI Packages FFmpeg Zero-Day Flaws Enable One-Packet Remote Code Execution Apache HTTP Server 2.4.68 Fixes 13 Security Flaws Massive npm Supply Chain Attack Targets Red Hat Packages Claude AI Outage Disrupts Services, Raises Reliability Concerns OWASP CVE Lite CLI Brings Developer-First Vulnerability Scanning to the Terminal Google Blocks Unrestricted Gemini API Keys After Billing Abuse Surge Hackers Can Take Over Sites via WP Maps Flaw Critical Linux Kernel Flaw Enables Root Privilege Escalation Stealthy OP-512 Attack Hijacks IIS Servers Undetected How This Claude Code Flaw Exposes Critical SaaS Tokens How New EDRChoker Tool Silences Critical Security Agents How Critical Instagram Flaw Exposed High-Profile User Data How This Linux Flaw Triggers Critical Container Escape Microsoft Warns Claude Code GitHub Action Flaw Exposes CI/CD Pipeline Secrets VerdantBamboo Uses BRICKSTORM to Breach Firewalls and Appliances New SolyxImmortal Malware Steals Passwords via Discord Zero-Click AI Attack Chains Bypass Human Oversight in Agentic Systems Malicious Chrome Extensions Caught Stealing AI Chat Data SHub Reaper Malware Targets Mac Users and Crypto Wallets Microsoft 365 Glitch Bypassed Windows Driver Controls New Gafgyt Botnet Variant Expands Reach Across Linux Devices Hola Browser Supply Chain Attack Delivers Hidden Cryptominer Magecart Attack Abuses Stripe as Hidden Malware Channel Hackers Weaponize Trusted Tools to Evade Detection Malicious PyPI Package Exploits Typosquatting to Deploy Backdoor Gamaredon Malware Hides in Windows While Using Cloud C2 Channels Check Point VPN Zero-Day Exploited to Deploy Ransomware Dashlane Accounts Locked After Large-Scale Brute-Force Attack Critical StrongDM Flaw Enables Session Hijacking Without Credentials Amazon’s One Medical Targeted in Alleged 8.8TB Data Breach by ShinyHunters