Clean GitHub repo tricks AI coding agents into running malware

A sophisticated new attack vector has been uncovered by Mozilla’s Zero Day Investigative Network (0DIN) AI security platform, which exploits vulnerabilities in popular agentic coding tools. The technique allows attackers to plant malware on a developer’s device without raising any red flags with security scanners or human reviewers. The attack relies on three seemingly innocuous … Read more

OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards

OpenAI’s latest iteration of its GPT language model, GPT-5.6 Sol, has been made available with restricted access and enhanced cyber safeguards. This breakthrough marks a significant step forward for AI-driven cybersecurity, but also raises concerns about the potential risks associated with advanced AI systems. The development of GPT-5.6 Sol is a testament to the rapid … Read more

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

Ukraine’s intelligence agency has revealed that Russian hackers used a sophisticated tactic to steal messaging credentials from Ukrainian officials, highlighting the growing threat of AI-powered attacks on individuals and organizations worldwide. According to the Ukrainian National Security and Defense Council (NSDC), Russian intelligence operatives sent fake text messages to high-ranking officials in Ukraine, purporting to … Read more

YARA-X 1.18.0 and 1.19.0 Release, (Sun, Jun 28th)

A New Era of Yara Rules Management: Releases 1.18.0 and 1.19.0 Bring Significant Improvements to YARA-X The latest updates to YARA-X, a powerful tool for creating and managing custom malware detection rules, have been released by the development team. YARA-X versions 1.18.0 and 1.19.0 bring a range of enhancements and bug fixes that are set … Read more

Chinese Framework Powers 200,000 Scam Sites

Over 200,000 websites have been found to be using a Chinese open-source framework called Uni-App, which is being exploited by threat actors to power massive investment scam operations. According to cybersecurity firm Infoblox, these scams are linked to the same cluster of activity and share patterns in growth and domain registration, suggesting a centralized owner … Read more

Third-Party Breaches Teach Education Sector a Costly Lesson in Vendor Risk

The education sector is learning a costly lesson about vendor risk, with rising threats from third-party actors forcing institutions to play defense against ransomware and other attacks. Cybercriminals have long viewed education as an enticing target, given its mix of legacy technology and new applications, uneven IT resources, and large amounts of sensitive data. According … Read more

Cybersecurity firms targeted by fraudulent OpenAI organization invites

Cybersecurity firms targeted by sophisticated phishing campaign using OpenAI organization invites Threat actors have launched a cunning phishing campaign targeting cybersecurity companies, leveraging legitimate-looking invitations from OpenAI to trick employees into submitting sensitive company information. The “Poisoned Tenant” campaign, discovered by Push Security, involves creating fake ChatGPT organizations that impersonate the target company and inviting … Read more

Polymarket customers lose $3 million in supply-chain attack

A massive cryptocurrency heist has shaken Polymarket, one of the world’s largest prediction markets, with hackers making off with an estimated $3 million in a sophisticated supply-chain attack. The incident highlights the increasing threat posed by these types of attacks, where malicious actors inject malware into trusted third-party software or services to gain access to … Read more

CISA sets urgent deadline to fix Cisco flaw exploited in attacks

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive to federal agencies, requiring them to patch two critical vulnerabilities by Sunday. These flaws, identified as CVE-2026-20230 and CVE-2026-12569, have already been exploited in attacks, making immediate action necessary to prevent further damage. CVE-2026-20230 is a server-side request forgery (SSRF) vulnerability affecting … Read more