Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs

A Critical Flaw in Amazon Q Developer Platform Exposes Users to Malicious Repositories Amazon Web Services (AWS) has acknowledged a significant vulnerability in its Q developer platform, which could allow malicious users to run code on affected accounts via configuration files. The flaw, discovered by security researchers, affects users who have enabled the Model Customization … Read more

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries

A Critical Linux Exploit Has Been Uncovered, Granting Root Access to Attackers A devastating security vulnerability has been discovered in various Linux distributions, allowing attackers to gain root access by manipulating cached binaries. Dubbed a “COW” (Copy-On-Write) exploit, this flaw can be exploited remotely, making it a pressing concern for system administrators and users alike. … Read more

Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign

A sophisticated Chinese-speaking Advanced Persistent Threat (APT) group has unleashed a new backdoor malware, known as TinyRCT, on unsuspecting organizations in Southeast Asia. This highly targeted campaign has left security teams scrambling to contain the damage and prevent further exploitation. TinyRCT is a type of remote access trojan (RAT) designed to provide its operators with … Read more

New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks

A new and highly sophisticated malware strain, dubbed SharkLoader, has been identified by cybersecurity researchers. This malware is particularly noteworthy for its ability to deploy Cobalt Strike, a notorious attack framework often used by nation-state actors, in a series of coordinated cyberattacks dubbed “StrikeShark.” The attacks have already compromised several organizations worldwide, leaving many scrambling … Read more

FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys

FBI Warns of Russian Intelligence Hackers Targeting Signal Backup Recovery Keys, Exposing User Data The FBI has issued a warning that Russian intelligence hackers have been actively targeting encrypted messaging service Signal’s backup recovery keys, potentially exposing users’ sensitive information. This brazen attack highlights the evolving tactics used by nation-state actors to compromise even the … Read more

OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards

OpenAI’s GPT-5.6 Sol, a highly advanced language model capable of generating human-like text, has been made available with restricted access and enhanced security measures, highlighting the growing trend of AI-powered cybersecurity tools. The move comes as a response to the increasing number of software vulnerabilities discovered by AI models, which are being used to identify … Read more

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

As a major escalation of Russia’s ongoing cyber warfare against Ukraine, Ukrainian authorities have revealed that Russian intelligence agencies used a sophisticated tactic to steal messaging credentials from government officials and politicians. By sending fake support texts, Russian hackers successfully compromised the accounts of at least 200 high-ranking officials, potentially granting them access to sensitive … Read more