“Cyber warfare is as much about psychological strategy as technical prowess.”
― James Scott
-

New HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet Malware [email protected] (The Hacker News)
AI coding assistants have a habit of making things up. Ask one to fetch a popular tool, and it will sometimes hand back a real-sounding name for a project that does not exist. New research, which its authors call HalluSquatting, turns that habit into an attack: work out the fake names an AI reliably invents, register…
-

Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS [email protected] (The Hacker News)
Ubiquiti has shipped updates to address multiple critical security flaws impacting UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect, and UniFi OS that could result in privilege escalation and arbitrary command execution. The list of vulnerabilities is as follows – CVE-2026-50746 (CVSS score: 10.0) – An improper access control vulnerability in UniFi Connect Application that…
-
CISO’s guide to hiring for the right cybersecurity skills
The cybersecurity talent gap won’t be solved by head count alone. CISOs need to fundamentally rethink how they recruit, how they retain talent and what skills they really need.Read More
-

New Ghost Phishing Wave Is Breaking Traditional Email Security [email protected] (The Hacker News)
A recent EvilTokens campaign targeting businesses across the US and Europe is exposing a new email security blind spot. This “ghost phishing” technique keeps the malicious page hidden until it decrypts and comes to life inside the victim’s browser. For security leaders, the risk is clear: traditional URL checks may miss the attack while Microsoft…
-

SCMBANKER Malware Uses ClickFix Lures to Target Mexican Banking Users [email protected] (The Hacker News)
A new banking fraudulent operation is targeting customers of Mexican banks, fintech, payment processors, and cryptocurrency exchanges using ClickFix lures. The activity cluster, tracked by Elastic Security Labs under the moniker REF6045, involves infecting victims through fake CAPTCHA verification pages that deceive them into running a malicious command that installs a PowerShell toolkit dubbedRead More
-

GitHub ‘Verified’ Commits Can Be Rewritten Into New Hashes Without Breaking Signatures [email protected] (The Hacker News)
New research shows that a signed Git commit’s hash is not the one-of-a-kind name that much of the software world assumes it to be. Given any signed commit, someone without the signing key can mint a second commit with the same files, author, and date, and a valid signature, GitHub still stamps “Verified.” Everything a…
-

The Verification Step Is the New ATO Battleground in 2026 [email protected] (The Hacker News)
For years, account takeover (ATO) followed a predictable script. Attackers bought stolen credentials in bulk, ran them through automated tools, and waited for matches. Credential stuffing was cheap, scalable, and for defenders, relatively well understood. That era is ending. Not because attackers gave up, but because the front door finally got harder to kick in.…
-

GitHub Copilot Refuses Harmful Requests in Chat, Then Writes Them in Code [email protected] (The Hacker News)
An AI coding assistant that refuses to answer a dangerous request in its chat box can answer it anyway if the same request is broken into small, ordinary-looking steps inside a code editor. That is the finding of a new study of GitHub Copilot by researchers Abhishek Kumar and Carsten Maple. The models they tested through Copilot,…
-

China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware [email protected] (The Hacker News)
A Chinese threat actor tracked as UAT-7810 is actively refining its bespoke malware to expand its Operational Relay Box (ORB) network by breaking into internet-facing networking devices. According to findings from Cisco Talos, UAT-7810 is an advanced persistent threat (APT) actor that’s responsible for maintaining and proliferating LapDogs, an ORB network that first came to…
-

15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros [email protected] (The Hacker News)
Researchers at Nebula Security have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full root control of a machine that has not been patched. The vulnerable code has shipped by default in essentially every mainstream distribution since 2011. The flaw needs no special permission, no unusual settings, and no networkRead More
“Security used to be an inconvenience sometimes, but now it’s a necessity all the time.”
― Martina Navratilova
