A government entity in the US reportedly paid a $1 million ransom to the Kairos cyber extortion group to prevent the public dissemination of information stolen in a May 2025 intrusion, Ransom-ISAC reports. A leaked negotiation transcript shows that the extortion group demanded $3 million in cryptocurrency from the victim organization, but eventually settled for ..
Categoria : Security
Threat actors are exploiting a vulnerability in Gitea’s reverse-proxy authentication mechanism to access internet-accessible instances by supplying only a valid username. Specific to Gitea’s official Docker images, the critical-severity security defect is tracked as CVE-2026-20896 (CVSS score of 9.8) and can be exploited with a single HTTP header, Sysdig Sr. Director of Threat Research Michael ..
The US Cybersecurity and Infrastructure Security Agency (CISA) is using Anthropic’s powerful Mythos AI model to scan and audit federal government software for security vulnerabilities, according to a report from Reuters. Citing three sources familiar with the matter, Reuters reported that CISA is utilizing Mythos to scan code repositories across federal agencies. The operation aims to ..
Threat actors are exploiting a recently patched vulnerability in Adobe ColdFusion that carries a maximum severity rating. Tracked as CVE-2026-48282 (CVSS score of 10/10), the security defect is described as a path traversal that could lead to arbitrary code execution. It was patched on June 30 alongside five other max severity flaws in Adobe’s rapid ..
An Iran-linked advanced persistent threat (APT) actor has been using a modular command-and-control (C&C) framework in recent attacks targeting organizations in Israel, Check Point reports. Tracked as Cavern Manticore, the APT focuses on government entities and IT providers, and appears linked to Iran’s MOIS (Ministry of Intelligence and Security), with possible ties to the OilRig ..
Tarah Wheeler is CISO at TPO Group. TPO is an acronym for technology, policy and operations, and the firm provides cybersecurity consultancy for high-stakes organizations such as critical industries and federal agencies. But despite this elevated position, her journey was far from typical. “I absolutely did not choose this career on purpose,” she said. “No, ..
A newly disclosed Linux kernel vulnerability can be exploited to escape virtual machines (VMs) and execute code on the underlying host, security researchers warn. Tracked as CVE-2026-53359 and referred to as Januscape, the security defect impacts the shadow MMU code in Linux Kernel-based Virtual Machine (KVM) hypervisor. The guest-to-host vulnerability poses a major threat to ..
Keyfactor, which helps organizations connect humans, machines, and AI with cryptographic security, has secured a strategic growth investment exceeding $1 billion. The massive capital injection comes as enterprises are grappling with what is sometimes described as “identity sprawl“, where machine identities can significantly outnumber human identities. Rather than relying on isolated, fragmented security tools, Keyfactor ..
Securonix has uncovered a sophisticated multi-stage malware delivery framework that uses compromised websites and social engineering to infect users with information stealers. Dubbed Veil#Drop, the framework combines JavaScript launchers and PowerShell download cradles for the deployment and execution of malware hosted on Blogspot, Google’s trusted infrastructure. The infection chain begins with a JavaScript file posing ..
In the movie Moneyball, the Oakland A’s didn’t need more data; they needed to know which data actually won games. Risk assessment data has the same problem. A CVSS score of 9.1 might mean little to a CFO; the fact that it represents a vulnerability in a payment system processing $2 million daily means a ..


