“Cyber warfare is as much about psychological strategy as technical prowess.”
― James Scott
-

Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service [email protected] (The Hacker News)
Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an attacker to facilitate arbitrary file reads or trigger a denial-of-service (DoS) condition. The vulnerabilities are listed below – CVE-2026-8451 (CVSS score: 8.8) – An insufficient input validationRead…
-
The agentic AI ‘lethal trifecta’: What CISOs should know
The very capabilities that make an AI agent useful also make it dangerous. Here’s what CISOs should know about the agentic AI lethal trifecta, and what they should do about it.Read More
-

Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data [email protected] (The Hacker News)
New Microsoft research shows how attackers can hijack AI agents that act on a user’s behalf, using nothing more than a poisoned tool description to make the agent quietly hand over company data to an outsider. The trick is that the agent never breaks a rule. Every step looks routine, so in a default setup no alarm…
-

RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS [email protected] (The Hacker News)
A new two-stage malware family called RustDuck is hijacking home routers, IP cameras, Android boxes, and poorly secured servers, then stitching them into a network built to knock websites and online services offline. Researchers at QiAnXin’s XLab have tracked it since February 2026, and say the real story is not how big it is today, but how…
-

Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints [email protected] (The Hacker News)
Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026-33017 (CVSS score: 9.3), an unauthenticated remote code execution (RCE) vulnerability in Langflow, indicating threat actors are scanning and targeting exposed artificial intelligence (AI)Read More
-

Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses [email protected] (The Hacker News)
Cybersecurity researchers have flagged an active browser extension campaign that is designed to steal cryptocurrency by stealthily replacing wallet addresses when unsuspecting users initiate a transaction. The cryptocurrency clipper activity has been codenamed Silent Swap by McAfee Labs. “The campaign is delivered through unsigned installers – observed in both .NET and Golang variants – thatRead…
-

GuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection Risks [email protected] (The Hacker News)
The safety check that is supposed to stop an AI coding agent from running a dangerous command can be walked straight past using a shell trick that has been public for decades. New research from Adversa AI, which is named the bypass GuardFall, found it works against ten of the eleven popular open-source coding and computer-use…
-

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study [email protected] (The Hacker News)
Researchers tested 444 AI chatbot apps for iPhone and found that 282 of them, nearly two-thirds, exposed paid AI access through their network traffic. In many cases, the path in was visible just by watching what the app sent: a plaintext API key, a reusable token, or a backend server that accepted requests with no…
-

What the Numbers Say About FIFA 2026 Cyber Risk [email protected] (The Hacker News)
The FIFA World Cup 2026 opened on June 11. By that date, according to Check Point Research, the fraud infrastructure targeting it had already been built, staged, and partially deployed. Threat actor activity was pre-planned, months out, across three sectors and at least ten languages. Check Point Exposure Management published the FIFA World Cup 2026…
-

Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer [email protected] (The Hacker News)
An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWeaver and Djinn Stealer. The intrusion involves the exploitation of CVE-2026-48558 (CVSS score: 10.0), a critical authentication bypass vulnerability impacting the OpenID Connect (OIDC) flow that an unauthenticatedRead More
“Security used to be an inconvenience sometimes, but now it’s a necessity all the time.”
― Martina Navratilova
