The Cyber Trove

The Cyber Trove https://validator.w3.org/feed/docs/rss2.html Thales to Power Singapore’s National Drone Traffic System Critical Veeam Vulnerability Enables RCE on Backup Servers Microsoft Fixes 198 Vulnerabilities Including 3 Zero-Days Browser-in-the-Browser Attack Targets Microsoft 365 Logins MagicAd Malware Bypasses Android Security to Flood Devices With Ads AI Phishing Campaigns Impersonate ChatGPT, Claude, DeepSeek LiteLLM RCE Vulnerability Actively Exploited in the Wild Shai-Hulud Campaign Expands With 23 Malicious PyPI Packages FFmpeg Zero-Day Flaws Enable One-Packet Remote Code Execution Apache HTTP Server 2.4.68 Fixes 13 Security Flaws Critical Linux Kernel Flaw Enables Root Privilege Escalation Check Point VPN Zero-Day Exploited to Deploy Ransomware Stealthy OP-512 Attack Hijacks IIS Servers Undetected How This Claude Code Flaw Exposes Critical SaaS Tokens How New EDRChoker Tool Silences Critical Security Agents How Critical Instagram Flaw Exposed High-Profile User Data How This Linux Flaw Triggers Critical Container Escape Claude AI Outage Disrupts Services, Raises Reliability Concerns OWASP CVE Lite CLI Brings Developer-First Vulnerability Scanning to the Terminal Microsoft Warns Claude Code GitHub Action Flaw Exposes CI/CD Pipeline Secrets VerdantBamboo Uses BRICKSTORM to Breach Firewalls and Appliances Zero-Click AI Attack Chains Bypass Human Oversight in Agentic Systems Malicious Chrome Extensions Caught Stealing AI Chat Data SHub Reaper Malware Targets Mac Users and Crypto Wallets Microsoft 365 Glitch Bypassed Windows Driver Controls New Gafgyt Botnet Variant Expands Reach Across Linux Devices Hola Browser Supply Chain Attack Delivers Hidden Cryptominer Massive npm Supply Chain Attack Targets Red Hat Packages New SolyxImmortal Malware Steals Passwords via Discord Hackers Can Take Over Sites via WP Maps Flaw Gamaredon Malware Hides in Windows While Using Cloud C2 Channels Dashlane Accounts Locked After Large-Scale Brute-Force Attack Critical StrongDM Flaw Enables Session Hijacking Without Credentials Critical Android Zero-Day Enables Silent Device Takeover Fake Recruitment Portal Used by Nimbus Manticore to Deploy Malware Critical PHANTOMPULSE RAT Hits Crypto Systems Meta AI Support Bot Exploited in Direct Account Takeover Campaign Magecart Attack Abuses Stripe as Hidden Malware Channel Hackers Weaponize Trusted Tools to Evade Detection Tycoon 2FA Attack Silently Breaks Microsoft MFA Grandoreiro Malware Resurfaces, Targeting Banks and Businesses GHOST STADIUM Phishing Campaign Targets FIFA World Cup 2026 Fans TikTok Releases Smart Guide to Help Families Stay Safe Online Critical MCP Toolbox Flaw Exposes Enterprise Databases via DNS Rebinding Hackers Use ‘Underminr’ to Bypass DNS Security via CDNs Critical Magento Cache Plugin Flaw Allows Remote Code Execution Critical IBM WebSphere Flaw Allows Remote Code Execution North Korean Hackers Exploit Packagist to Target PHP Developers Microsoft Tightens Entra ID Password Reset Security to Curb Identity Attacks Malicious PyPI Package Exploits Typosquatting to Deploy Backdoor