Cybersecurity News - Page 2

The technique works because many AI research agents repeatedly retrieve information from the same user-generated content pages.

Attackers gained access to Klue's systems through a compromised legacy credential connected to an integration service.

AryStinger mainly targets older D-Link router models, including the DIR-850L and DIR-818LW.

Microsoft also linked the group to a separate npm supply chain attack targeting the Axios HTTP client in April 2026.

In brief: Fortinet, Cisco and other vendors fix multiple exploited bugs, Arch Linux users targeted in a large-scale malware campaign, and more.

The campaign promotes fake Solana and Pump.fun sniper bots and crash-game predictors via phishing websites, GitHub repositories, SourceForge projects, YouTube videos, and posts on legitimate news websites.

Attackers hijacked a legitimate npm account belonging to a former Mastra contributor and published 144 malicious package versions within 88 minutes.

The plugins, published under seven different vendor accounts, were masked as AI coding assistants, code-review tools, and Git utilities.

Backdoor.Turn is believed to be the first known malware observed in real-world attacks abusing Microsoft Teams TURN relay servers for stealthy communications.

Lytvynenko also admitted to helping develop a loader used to deploy malware.