cyber security - FUSION GLOBAL

HTTP/2 Bomb — Remote DoS Exploit Hits nginx, Apache, IIS, Envoy, and Cloudflare Pingora

https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5ca91bca-3d08-428c-aed2-64a4b18bdd63_1920x1080.gif

HTTP/2 Bomb — Remote DoS Exploit Hits nginx, Apache, IIS, Envoy, and Cloudflare Pingora

Guru Baran June 3, 2026

A newly disclosed remote denial-of-service exploit dubbed “HTTP/2 Bomb” targets the default HTTP/2 configurations of the world’s...

1-Click GitHub Token Vulnerability Lets Attackers Steal Users’ OAuth Tokens

Guru Baran June 2, 2026

A critical security vulnerability in Visual Studio Code’s webview implementation allows attackers to steal GitHub OAuth tokens,...

WordPress Malware Abuses Steam Community Profiles for C2 Operations

Tushar Subhra Dutta June 2, 2026

A newly discovered malware campaign targeting WordPress websites has raised serious concerns across the web security community....

Threat Actor Uses Stolen Gemini API Keys to Automate Telegram Influence Campaign

Tushar Subhra Dutta June 2, 2026

A single threat actor has been running a fake political persona on Telegram for five years, quietly...

Attackers Abuse AWS, Google Cloud, Cloudflare, and Microsoft Services to Hide Malicious Traffic

Guru Baran June 2, 2026

Cybercriminals are increasingly weaponizing trusted cloud infrastructure, including Amazon Web Services, Google Cloud, Microsoft Azure, Cloudflare, and...

Red Hat Confirms Supply Chain Compromise of @redhat-cloud-services npm Packages Red%20Hat%20Confirms%20Supply%20Chain%20Compromise.webp

Red Hat Confirms Supply Chain Compromise of @redhat-cloud-services npm Packages

Guru Baran June 2, 2026

Red Hat has officially confirmed a supply chain compromise affecting multiple packages published under the @redhat-cloud-services npm...

Russia Says Foreign Spyware Found on High-Ranking Officials’ Mobile Phones

Abinaya June 2, 2026

Russia’s Federal Security Service (FSB) has claimed it disrupted a large-scale cyber-espionage operation involving the deployment of...

CISA Warns of Two-Year-Old Oracle WebLogic Server Vulnerability Exploited in Attacks

Abinaya June 2, 2026

CISA has issued a fresh warning highlighting active exploitation of a critical Oracle WebLogic Server vulnerability, tracked...

Critical KMW CCTV Vulnerability Let Attackers Gain Unauthorized Access to Camera Feeds

Abinaya June 2, 2026

A critical security flaw in KMW CCTV security cameras could allow attackers to gain full, unauthorized access...

Anthropic Expands Project Glasswing Claude Mythos Preview to 150 New Organizations

Guru Baran June 2, 2026

Anthropic has significantly broadened the reach of Project Glasswing, its collaborative AI-driven cybersecurity initiative, by extending access...