Latest Tech News
Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware
A "coordinated developer-targeting campaign" is using malicious repositories disguised as legitimate Next.js projects and technical assessments to trick victims into executing them and establish persistent access to compromised machines.
"The activity aligns with a broader cluster of threats that use job-themed lures to blend into routine developer workflows and increase the likelihood of code
Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
Cybersecurity researchers have disclosed details of a new malicious package discovered on the NuGet Gallery, impersonating a library from financial services firm Stripe in an attempt to target the financial sector.
The package, codenamed StripeApi.Net, attempts to masquerade as Stripe.net, a legitimate library from Stripe that has over 75 million downloads. It was uploaded by a user named
Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has come under active exploitation in the wild as part of malicious activity that dates back to 2023.
The vulnerability, tracked as CVE-2026-20127 (CVSS score: 10.0), allows an unauthenticated remote attacker to bypass authentication and obtain
Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries
Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group tracked as UNC2814 that breached at least 53 organizations across 42 countries.
"This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas,"
Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration
Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic's Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code execution and theft of API credentials.
"The vulnerabilities exploit various configuration mechanisms, including Hooks, Model Context Protocol (MCP) servers, and environment variables – executing
SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks
The notorious cybercrime collective known as Scattered LAPSUS$ Hunters (SLH) has been observed offering financial incentives to recruit women to pull off social engineering attacks.
The idea is to hire them for voice phishing campaigns targeting IT help desks, Dataminr said in a new threat brief. The group is said to be offering anywhere between $500 and $1,000 upfront per call, in addition to
Top 5 Ways Broken Triage Increases Business Risk Instead of Reducing It
Triage is supposed to make things simpler. In a lot of teams, it does the opposite.
When you can’t reach a confident verdict early, alerts turn into repeat checks, back-and-forth, and “just escalate it” calls. That cost doesn’t stay inside the SOC; it shows up as missed SLAs, higher cost per case, and more room for real threats to slip through.
So where does triage go wrong? Here are five triage
Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware
Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data.
The campaign, discovered by Socket, exfiltrates ASP.NET Identity data, including user accounts, role assignments, and permission mappings, as well as manipulates authorization rules to create persistent backdoors in victim applications.
Manual Processes Are Putting National Security at Risk
Why automating sensitive data transfers is now a mission-critical priority
More than half of national security organizations still rely on manual processes to transfer sensitive data, according to The CYBER360: Defending the Digital Battlespace report. This should alarm every defense and government leader because manual handling of sensitive data is not just inefficient, it is a systemic
How Mexico's ‘CJNG’ Drug Cartel Embraced AI, Drones, and Social Media
Drug kingpin Nemesio “El Mencho” Oseguera Cervantes may be dead, but the Jalisco cartel he ran for years will likely outlive him—thanks, in part, to the criminal group’s embrace of technology.
Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker
A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to a little over seven years in prison for selling eight zero-day exploits to Russian exploit broker Operation Zero in exchange for millions of dollars.
Peter Williams pleaded guilty to two counts of theft of trade secrets in October 2025. In addition to the jail term, Williams
SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution
SolarWinds has released updates to address four critical security flaws in its Serv-U file transfer software that, if successfully exploited, could result in remote code execution.
The vulnerabilities, all rated 9.1 on the CVSS scoring system, are listed below -
CVE-2025-40538 - A broken access control vulnerability that allows an attacker to create a system admin user and execute arbitrary
CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed vulnerability in FileZen to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability, tracked as CVE-2026-25108 (CVSS v4 score: 8.7), is a case of operating system (OS) command injection that could allow an authenticated user to execute
Here’s What a Google Subpoena Response Looks Like, Courtesy of the Epstein Files
The US Justice Department disclosures give fresh clues about how tech companies handle government inquiries about your data.
RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious Copilot instructions in a GitHub issue.
The artificial intelligence (AI)-driven vulnerability has been codenamed RoguePilot by Orca Security. It has since been patched by Microsoft following responsible disclosure.
"Attackers can craft hidden instructions inside a