A cryptocurrency scam known as “ShieldGuard” has been dismantled after researchers identified it as a malicious browser extension designed to harvest sensitive user data. The operation, uncovered by Okta Threat Intelligence and described in an advisory published on March 17,… Read More "Crypto Scam “ShieldGuard” Dismantled After Malware Discovery"
Anthropic announced last week that Claude now connects with 28 security and compliance platforms, a move designed to make the AI assistant a more manageable and governable tool within corporate IT environments. The integrations span a wide range of enterprise… Read More "Anthropic Expands Claude’s Enterprise Security Governance With 28 New Integrations"
The Chinese phishing-as-a-service (PhaaS) landscape has been rapidly growing in size and sophistication over the past few month, Google researchers have warned. Cyber threat actors operating mature phishing services, many of whom are likely tied to the broader Asian criminal… Read More "Chinese Threat Actors Shift to Live Credential Interception"
An Iranian APT tracked as Nimbus Manticore has adopted new tactics and updated its arsenal in new intrusions targeting aviation and software companies, Check Point reports. Also known as Bohrium, Smoke Sandstorm, TA455, and UNC1549, and active since at least… Read More "Iranian APT Targets Aviation, Software Companies With Updated Tools"
Multi-factor authentication (MFA) was supposed to close a critical gap in identity security. It meant that, even if an attacker possessed the account credentials, they couldn’t log in without the second factor. While that logic was sound, attackers have now… Read More "Why Your Second Factor Isn’t Saving You"
Unexpected workflow_dispatch runs in the Actions tab could be a warning sign, the researchers said in a blog post. “If you use OIDC federation for cloud deployments, review cloud audit logs for token requests from unknown workflow runs.” The malicious… Read More "GitHub Actions abused by Megalodon attack to slip malicious commits into 5,500 repos"
An Android remote access trojan (RAT) that lets buyers build their own custom payloads without writing a line of code has been observed spreading through phishing campaigns across Brazil and beyond. According to new analysis from ESET, the malware, known… Read More "BTMOB Android RAT Spreads Through No-Code Builder Tooling"
Securing software-as-a-service (SaaS) apps is hard. The standard cybersecurity controls are not designed for SaaS. The difficulty is the software doesn’t belong to the user and usually runs on somebody else’s infrastructure. Standard cybersecurity products are designed to operate on… Read More "AppOmni’s Marlin AI Brings Autonomous Investigation to SaaS Security"
Ravie LakshmananMay 26, 2026Vulnerability / Enterprise Security Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requiring any specialized conditions to be met. The vulnerability,… Read More "Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions"
A newly identified local privilege escalation (LPE) vulnerability has been discovered affecting default installations of Ubuntu Desktop 24.04 and later, allowing attackers to gain full root access. The flaw, tracked as CVE-2026-3888, stems from the interaction between two core system… Read More "New Ubuntu Flaw Enables Local Attackers to Gain Root Access"
