Latest Cybersecurity News
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento full-page cache extension, to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. The vulnerability, tracked as...
DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets
The U.S. Department of Justice (DoJ) on Wednesday announced the results of a sweeping action undertaken by government authorities and private sector companies to combat cyber-enabled and cryptocurrency fraud targeting Americans. The "Disruption Week" operation began May 18, 2026, leading to the takedown of millions...
Chinese hackers use new Atlas RAT malware in European cyberattacks
A Chinese-speaking cybercrime group has expanded its targeting to the European space, deploying previously undocumented malware and the Atlas backdoor. [...]
U.S. sanctions Nobitex crypto exchange used by Iranian ransomware actors
The U.S. Treasury's Office of Foreign Assets Control (OFAC) has announced sanctions against Nobitex, Iran's largest cryptocurrency exchange, for facilitating payments related to terrorist activities. [...]
CISA warns of cyberattacks targeting fuel tank monitoring systems
CISA, the FBI, the NSA, the Department of Energy, and other US government partners are warning that hackers are targeting internet-exposed automatic tank gauge (ATG) systems used to monitor fuel and liquid storage tanks across various critical infrastructure sectors. [...]
WhatsApp, Slack Notifications Could Hijack Google Gemini on Android
A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini's voice assistant on Android and made it open a victim's connected windows, fake a message from their boss, push the phone into a Zoom call, or quietly poison its long-term memory. No...
New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute
A new denial-of-service (DoS) attack dubbed HTTP/2 Bomb can be launched from a single machine to take down web servers within seconds. [...]
The Gentlemen Ransomware Group Uses Fortinet Exploits, AI, and Custom C2 Frameworks
The Gentlemen Ransomware Group Uses Fortinet Exploits, AI, and Custom C2 Frameworks Read more Published Date: Jun 03, 2026 (14 hours, 29 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2025-33073 CVE-2025-32433 CVE-2024-55591 CVE-2024-3400 CVE-2023-4966 CVE-2020-5135
Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's DoubleClick domain as a way to evade detection and ultimately deliver a remote access trojan (RAT) named DesckVB RAT. "Before the victim ever reaches attacker-controlled infrastructure, the lure routes through DoubleClick, a...
CISA warns of active attacks exploiting Android, Linux bugs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting vulnerabilities in the Linux kernel and Android operating system. [...]
Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore
Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and "patch everything in time" stopped working years ago. Stop betting the org on winning that race. You don't control which bug lands. You control what it can reach once it does. That is a question about the shape of...
Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag
Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag Read more Published Date: Jun 03, 2026 (17 hours, 15 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2026-45659 CVE-2026-0257 CVE-2026-42832 CVE-2026-41102 CVE-2026-41101 CVE-2026-41100 CVE-2026-39987 CVE-2024-21182
WordPress Plugin Vulnerability Exposes 500,000+ Websites to Privilege Escalation Attacks
WordPress Plugin Vulnerability Exposes 500,000+ Websites to Privilege Escalation Attacks Read more Published Date: Jun 03, 2026 (18 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-8206
Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)
Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479) Read more Published Date: Jun 03, 2026 (18 hours, 25 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2026-45659 CVE-2026-0257 CVE-2026-25588 CVE-2026-23631 CVE-2026-23479 CVE-2026-39987 CVE-2024-21182
Critical Apache ActiveMQ Vulnerability Allows Malicious Security Header Injections
Critical Apache ActiveMQ Vulnerability Allows Malicious Security Header Injections Read more Published Date: Jun 03, 2026 (19 hours, 24 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2026-49157 CVE-2026-42253
What “Actionable Intelligence” Actually Means in 2026
“Actionable intelligence” is everywhere—but rarely actionable. Here’s what it actually means in 2026, and how AI closes the gap between data and decisions. The post What “Actionable Intelligence” Actually Means in 2026 appeared first on Brandefense.
Agentic AI in Cybersecurity: How Autonomous Agents Are Transforming the SOC
Agentic AI is reshaping cybersecurity operations by enabling autonomous threat triage, investigations, and rapid containment. Learn how AI-powered SOC teams are defending at machine speed. The post Agentic AI in Cybersecurity: How Autonomous Agents Are Transforming the SOC appeared first on Brandefense.
From Weeks to Seconds: What AI Actually Changes in the CTI Lifecycle
Learn how AI-driven CTI platforms eliminate delays, reduce noise, and deliver real-time intelligence to stop threats before they escalate. The post From Weeks to Seconds: What AI Actually Changes in the CTI Lifecycle appeared first on Brandefense.
GC01 (Golden Chickens): Inside the Arsenal of a Premier E-Crime MaaS Provider
Golden Chickens (GC01) is a top-tier Malware-as-a-Service provider enabling cybercriminal operations worldwide. Discover its tools, tactics, and impact. The post GC01 (Golden Chickens): Inside the Arsenal of a Premier E-Crime MaaS Provider appeared first on Brandefense.
BlackTech
BlackTech is a China-aligned APT group specializing in long-term cyber espionage through network infrastructure compromise, targeting telecom, government, and tech sectors. The post BlackTech appeared first on Brandefense.
Refloow Geo Forensics: A Free Batch Image Geolocation and EXIF Forensics Tool for OSINT
Refloow Geo Forensics: A Free Batch Image Geolocation and EXIF Forensics Tool for OSINT
User Scanner: Scan a username across multiple social, developer, gaming and creator platforms to see if it’s available
User Scanner: Scan a username across multiple social, developer, gaming and creator platforms to see if it’s available
GitHub: Threat Actor Usernames Scrape
GitHub: Threat Actor Usernames Scrape
WebSift: An Open-Source OSINT Tool for Web-Based Threat Hunting
WebSift: An Open-Source OSINT Tool for Web-Based Threat Hunting
Scilla: Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
Scilla: Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration