Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
ISC fixes BIND 9 resolver flaws enabling DNS cache poisoning and DoS
Internet Systems Consortium (ISC) has released security updates for BIND 9 that remediate three significant vulnerabilities in the recursive resolver. ...
Google Refutes “Gmail Breach”: Synthient’s 183M Credentials Come from Infostealers and Old Leaks
Reports claiming “183 million Gmail accounts were hacked” triggered widespread concern, but Google has confirmed no compromise of Gmail’s infrastructure ...
Leaked Cellebrite Briefing: GrapheneOS Significantly Hardens Google Pixel Against Mobile Forensics
A leaked set of slides from a closed Cellebrite briefing, shared on the GrapheneOS forums by an anonymous user known ...
“AI Sidebar Spoofing” Exposes Agentic AI Browsers to UI Hijacking: Risks for ChatGPT Atlas and Perplexity Comet
Researchers at SquareX have detailed a new attack surface for agentic AI browsers—AI Sidebar Spoofing—that lets malicious browser extensions overlay ...
YouTube Ghost Network: 3,000+ Malicious Videos Removed as Infostealer Campaign Surges
Google has taken down more than 3,000 videos linked to the so‑called YouTube Ghost Network, a sprawling malware distribution operation ...
ChatGPT Atlas Omnibox Vulnerability: Prompt Injection via Pseudo‑URLs
Security researchers at NeuralTrust have disclosed an intent‑spoofing weakness in the ChatGPT Atlas agent browser. The issue stems from the ...
Baohuo Android Backdoor Abuses Telegram X: Stealth, Clipboard Theft, and Redis C2
Security researchers from Dr.Web report a new Android backdoor, dubbed Baohuo (Android.Backdoor.Baohuo.1.origin), that piggybacks on tampered builds of Telegram X. ...
Jingle Thief: Identity‑Centric Attacks on Microsoft 365 Fuel Large‑Scale Gift Card Fraud
Palo Alto Networks has documented a newly tracked criminal cluster dubbed Jingle Thief that systematically compromises cloud identities at retailers ...
Broadcom NetXtreme‑E Firmware Flaws Put Data Centers at Risk of VM Escape and DoS—Patch Now
Two vulnerabilities in Broadcom NetXtreme‑E high‑speed NIC firmware, widely deployed across servers and data‑center infrastructure, have been fixed following disclosure ...
Prosper Data Breach: SSNs Exposed and 17.6M Emails Listed by HIBP
Prosper, one of the oldest U.S. peer‑to‑peer lending platforms, is investigating a significant data breach after detecting unauthorized database queries ...
