Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar
iT4iNT SERVER Your pentest report looks clean. That might be the problem. Run automated pentesting long enough, and the new findings start to dry u…
Showing posts from June, 2026Show all
WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine
iT4iNT SERVER Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost…
The Hidden Security Risk in Modern Networks: The Work Between Tools
iT4iNT SERVER Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly…
LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
iT4iNT SERVER The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its …
Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups
iT4iNT SERVER Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments tha…
VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances
iT4iNT SERVER A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two oth…
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
iT4iNT SERVER Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of o…
New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration
iT4iNT SERVER OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of data exfiltration aris…
Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI
iT4iNT SERVER A researcher has reverse-engineered the iOS SDK that Bright Data embeds in consumer apps and documented how it turns devices, including…
Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
iT4iNT SERVER Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovak…
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
iT4iNT SERVER Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 that has been observed targeting Microso…
FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins
iT4iNT SERVER Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the J…
China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa
iT4iNT SERVER A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germ…
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
iT4iNT SERVER The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a …
WhatsApp, Slack Notifications Could Hijack Google Gemini on Android
iT4iNT SERVER A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini's voice…
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
iT4iNT SERVER Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal …
Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content
iT4iNT SERVER Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining cont…
AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.
iT4iNT SERVER AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered,…
⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More
iT4iNT SERVER Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some "patched-ish" thin…
The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools
iT4iNT SERVER Three years ago, the practical question for an MSP building a cybersecurity practice was which "vCISO platform" to buy. The t…
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
iT4iNT SERVER Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 1…
