DESTAQUES

Ameaças Cibernéticas

1220 notícias
Ameaças Cibernéticas The Hacker News 🇺🇸

AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack

Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team calls the operator JADEPUFFER and says a large language model handled the whole job: breaking in, stealing credentials, moving…

Ameaças Cibernéticas The Hacker News 🇺🇸

FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations

The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, stolen credentials were intended for follow-on intrusions. "An operator tied to FortiBleed's infrastructure was found active…

Ameaças Cibernéticas The Hacker News 🇺🇸

New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos

Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs. Run one, and it quietly lifts yo…

Ameaças Cibernéticas The Hacker News 🇺🇸

SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-456…

Ameaças Cibernéticas Bleeping Computer 🇺🇸

New ChocoPoC malware targets researchers via trojanized PoC exploits

Multiple weaponized proof-of-concept (PoC) exploits on GitHub were found delivering a Python-based remote access trojan (RAT) named ChocoPoC that can execute commands and steal sensitive data in a campaign believed to target cybersecurity researchers. [...]

Ameaças Cibernéticas The Hacker News 🇺🇸

19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges

A teenager accused of belonging to the hacking group Scattered Spider has been extradited from Finland to face U.S. charges of conspiracy, computer intrusion, and fraud, the U.S. Department of Justice announced on July 1. Peter Stokes, 19, a dual U.S. and Estonian citizen, appea…

Ameaças Cibernéticas The Hacker News 🇺🇸

SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT

Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT. Kaspersky said the activity is part of a "massive, multi-domain, multi-language" campaign that distributes malicious installer archives hosted on spoofed websites. …

Ameaças Cibernéticas Bleeping Computer 🇺🇸

DHS confirms hackers breached HSIN info-sharing platform

The Department of Homeland Security is investigating a cyberattack that compromised the Homeland Security Information Network (HSIN), a sensitive information-sharing platform used by federal, state, local, and private-sector partners. [...]

Ameaças Cibernéticas The Hacker News 🇺🇸

VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer

Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to deliver an information stealer called PureLogs. The activity has been codenamed VEIL#DROP by Securonix. It's suspected that the initial payloa…

Ameaças Cibernéticas Bleeping Computer 🇺🇸

Webinar: Why traditional email security is no longer enough

Modern phishing, business email compromise, and account takeover attacks increasingly exploit trusted identities and legitimate business workflows, making them harder for traditional email defenses to detect. This webinar explores how behavioral AI can help organizations automate…

Ameaças Cibernéticas The Hacker News 🇺🇸

Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures

A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet's FortiGuard Labs identified the campaign in May 2026. It opens with a phishing PDF disguised as a corrupted file, checks that the visitor is really in Spain or Portug…

Ameaças Cibernéticas The Hacker News 🇺🇸

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

Adobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic. The ColdFusion updates "resolves critical and important vulnerabilities that could lead to arbitrary code execution, privilege escalation, arbitrary fil…

Link copiado!