Cyber Security News

New Phishing-to-RMM Attacks: How Analysts Can Detect Trusted-Tool Abuse Early

New Phishing-to-RMM Attacks: How Analysts Can Detect Trusted-Tool Abuse Early

Balaji N May 6, 2026

ANY.RUN researchers uncovered a phishing-to-RMM campaign in which attackers use fake Microsoft, Adobe, and OneDrive pages to...

Hackers Use Microsoft Teams to Steal Credentials and Manipulate MFA

Hackers Use Microsoft Teams to Steal Credentials and Manipulate MFA

Guru Baran May 6, 2026

Iranian APT group MuddyWater deployed Chaos ransomware as a “false flag” in a sophisticated hybrid espionage campaign...

New Fanwei E-cology10 Server Vulnerability Could Let Attackers Hijack Sessions and Steal Credentials

New Fanwei E-cology10 Server Vulnerability Could Let Attackers Hijack Sessions and Steal Credentials

Tushar Subhra Dutta May 6, 2026

A critical security flaw has been discovered in Fanwei E-cology10, a widely used enterprise collaboration platform built...

Salesforce Marketing Cloud Vulnerability Opened Door to Email Data Exposure

Salesforce Marketing Cloud Vulnerability Opened Door to Email Data Exposure

Tushar Subhra Dutta May 6, 2026

A significant set of security vulnerabilities in Salesforce Marketing Cloud (SFMC) could have allowed attackers to read...

Malicious OpenClaw DeepSeek Skill Exploits Agentic AI Workflows to Deliver RAT and Stealer

Malicious OpenClaw DeepSeek Skill Exploits Agentic AI Workflows to Deliver RAT and Stealer

Tushar Subhra Dutta May 6, 2026

A cleverly disguised malware campaign is targeting developers and AI-driven systems by hiding inside what looks like...

Iranian-Nexus Operation Targets Oman Ministries With Webshells, SQL Escalation, and Data Theft

Iranian-Nexus Operation Targets Oman Ministries With Webshells, SQL Escalation, and Data Theft

Tushar Subhra Dutta May 6, 2026

A sophisticated cyber operation linked to an Iranian-nexus threat actor has quietly worked through at least 12...

Remus Infostealer Uses Lumma-Style Browser Key Theft and Application-Bound Encryption Bypass

Remus Infostealer Uses Lumma-Style Browser Key Theft and Application-Bound Encryption Bypass

Tushar Subhra Dutta May 6, 2026

A dangerous new piece of malware called Remus has surfaced, quietly picking up where one of the...

Zero-Auth Flaw Exposes DoD Contractor to Cross-Tenant Data Access

Zero-Auth Flaw Exposes DoD Contractor to Cross-Tenant Data Access

Abinaya May 6, 2026

A severe zero-authorization vulnerability in Schemata’s API, an AI-powered virtual training platform holding active Department of Defense...

Vimeo Data Breach Exposes 119,000 Users Unique Email Addresses Vimeo%20Breach.webp

Vimeo%20Breach.webp

Vimeo Data Breach Exposes 119,000 Users Unique Email Addresses

Abinaya May 6, 2026

In a significant supply chain security incident, the popular video hosting platform Vimeo has confirmed a data...

Azure AD Conditional Access Bypassed Through Phantom Device Registration and PRT Abuse

Azure AD Conditional Access Bypassed Through Phantom Device Registration and PRT Abuse

Abinaya May 6, 2026

Cloud identity security relies heavily on Microsoft Entra ID (formerly Azure AD) Conditional Access. It acts as...

error: Content is protected !!