Mastodon Mastodon Mastodon Mastodon

Cybersecurity News

Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.

Giant worm emerging from boxes representing npm and Go, surrounded by floating packages.
Cybersecurity News

Mini Shai-Hulud/Miasma npm campaign expands to Go and CI/CD secrets

CyberSecureFox Editorial Team

Security researchers from several companies have recorded a new wave of supply chain attacks linked to the Mini Shai-Hulud, Miasma, ...

Diagram illustrating Node.js TonRAT phishing targeting hotels via email.
Cybersecurity News

Node.js TonRAT campaign abusing Calendly in hotel phishing

CyberSecureFox Editorial Team

Since April 2026, an active phishing campaign has been targeting hotel organizations in Europe and Asia, using archives with “photos” ...

Vulnerabilities in Lantronix and UniFi OS illustrated with graphics.
Cybersecurity News

Lantronix EDS5000 and Ubiquiti UniFi OS Exploited, CISA Warns

CyberSecureFox Editorial Team

On June 23, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added four vulnerabilities to the Known Exploited Vulnerabilities ...

Cisco device illustration highlighting CVE-2026-20230 vulnerability alert.
Cybersecurity News

CVE-2026-20230 in Cisco Unified CM: SSRF to Root Exploit

CyberSecureFox Editorial Team

A critical vulnerability CVE-2026-20230 (CVSS 8.6) has been discovered in Cisco Unified Communications Manager and Unified CM Session Management Edition. ...

** AI agent explores a skill marketplace with security elements and challenges.
Cybersecurity News

How a Fake Skill Bypassed Scanners in AI Agent Marketplaces

CyberSecureFox Editorial Team

The company AIR Security conducted an experiment that demonstrated a structural vulnerability in the skill ecosystem for AI agents: a ...

Graphic depicting CSIS shield with networked devices and cyber threats.
Cybersecurity News

CSIS allowed to remotely clean Canadian routers and IoT botnets

CyberSecureFox Editorial Team

The Federal Court of Canada has published a redacted version of a ruling confirming that the Canadian intelligence service CSIS ...

Malicious npm packages revealing a trojan horse on a laptop screen.
Cybersecurity News

JFrog uncovers PostCSS npm typosquats installing a modular Windows RAT

CyberSecureFox Editorial Team

JFrog researchers discovered three malicious npm packages — aes-decode-runner-pro, postcss-minify-selector and postcss-minify-selector-parser — that masquerade as legitimate build tools and ...

WhatsApp message leading to ManageEngine RMM installation process.
Cybersecurity News

WhatsApp Desktop and Web Targeted in Global VBScript RMM Campaign

CyberSecureFox Editorial Team

According to researchers at Kaspersky, an active campaign has been identified in which malicious Visual Basic Script (VBScript) files are ...

Illustration of GPT-5.5-Cyber, robotic figure with a shield on a digital globe.
Cybersecurity News

How OpenAI’s GPT-5.5-Cyber Targets Software Vulnerabilities

CyberSecureFox Editorial Team

OpenAI has announced the release of an updated GPT-5.5-Cyber model for trusted security professionals as part of the Daybreak initiative, ...

Red data tap overflowing with digital information and user profiles.
Cybersecurity News

DifyTap: Cross-Tenant Data Exposure in the Dify AI Platform

CyberSecureFox Editorial Team

Four vulnerabilities have been discovered in the open platform for building AI agents Dify, collectively dubbed DifyTap — two of ...

123206 Next

CyberSecureFox

© 2026 INFO

About

About

Authors

Contact

Editorial

Editorial Standards

Corrections

Legal

Privacy Policy

Terms of Service