News

Google News
cybersecuritynews. com > claude-desktop-to-execute-remote-code

AI Double Agent Attack Turns Claude Desktop to Execute Remote Code on a Target Machine

3+ hour, 8+ min ago  (496+ words) A compromised email inbox can be weaponized into full remote code execution on a victim's machine, not through malware or phishing links, but by turning the victim's own Claude Desktop assistant against them. The attack uncovered by Security researchers at…...

Symbols: setup.sh
Cyber Security News
cybersecuritynews. com > hackers-exploit-roundcube-n-day-flaws

Hackers Exploit Roundcube N-Day Flaws to Steal Credentials and Deploy VShell

6+ hour, 18+ min ago  (742+ words) A newly identified hacking campaign is targeting university mail servers by exploiting known but unpatched flaws in Roundcube webmail software. The attackers are using these gaps to quietly steal login credentials and plant a powerful backdoor called VShell deep inside…...

Symbols: cwe-20
Cyber Security News
cybersecuritynews. com > discords-systems-users-banned

Discord's Security Systems Mistakenly Banned 8, 000+ Accounts Since May 2026

10+ hour, 5+ min ago  (594+ words) Discord has confirmed that a bug in its automated security systems led to the wrongful suspension of more than 8, 000 user accounts between May 2026 and early July 2026. The company disclosed the issue via its official support account on X, clarifying both…...

Symbols: neet-ug
Cyber Security News
cybersecuritynews. com > microsoft-device-code-phishing-attack > amp

Microsoft Device Code Phishing Attack Steals Tokens Through Legitimate Login Page

2+ day, 37+ min ago  (694+ words) A new phishing technique is tricking users into handing over their Microsoft account tokens without a fake website in sight. Attackers are exploiting a legitimate Microsoft authentication feature to steal access to email, files, and chat messages. The method works…...

Cyber Security News
cybersecuritynews. com > hackers-abuse-2026-fifa-world-cup-hype > amp

Hackers Abuse 2026 FIFA World Cup Hype to Harvest PII and Payment Card Details

2+ day, 4+ hour ago  (738+ words) Football fans searching for World Cup deals are running into a different kind of contest this year, one designed by criminals rather than FIFA. A phishing operation tied to the 2026 FIFA World Cup has been quietly harvesting personal details and…...

Symbols: ticker:wcup,group-ib
Cyber Security News
cybersecuritynews. com > moody-bible-institute-data-breach

Moody Bible Institute Data Breach Exposes 2. 3 Million Users' Personal Data

2+ day, 5+ hour ago  (327+ words) Moody Bible Institute has confirmed a significant data breach after threat actors linked to the Shiny Hunters extortion group published personal information belonging to over 2. 3 million individuals. The exposed dataset includes donors, supporters, students, and alumni associated with the institute....

Symbols: asx:tlx,nyse:es
Cyber Security News
cybersecuritynews. com > redline-c2-pivot-reveals-seven-fraudulent-domains

Red Line C2 Pivot Reveals Seven Fraudulent Domains Used in Maritime Phishing Attacks

2+ day, 6+ hour ago  (693+ words) A single leaked command and control server ended up unraveling an entire phishing operation aimed at the maritime shipping world. What started as a routine look at Red Line Stealer traffic turned into the discovery of seven fake domains built…...

Symbols: btc-usd,eth-usd
Cyber Security News
cybersecuritynews. com > when-the-cloud-bill-becomes-a-security-alert > amp

When the Cloud Bill Becomes a Security Alert

4+ day, 12+ hour ago  (1345+ words) The first warning may not come from the SOC. It may arrive in a message from finance asking why the cloud bill climbed 40 percent over the weekend. Sometimes the explanation is harmless. A load test ran too long. A new…...

Symbols: btc-usd,nasdaq:chkp
Google News
cybersecuritynews. com > iphone-alert-in-real-time-scam

Your iphone Will Alert You in Real Time if You Are Falling Victim to a Scam

5+ day, 6+ hour ago  (428+ words) Apple is taking a major step toward combating social engineering attacks with a new feature in i OS 27 that can warn users in real time if they are likely being targeted by a scam. The new framework, called Trust Insights,…...

Symbols: kmdl-fm
Cyber Security News
cybersecuritynews. com > microsoft-365-phishing-panel-uses-oauth-device-code-flow

Microsoft 365 Phishing Panel Uses OAuth Device Code Flow to Capture Tokens and Persist Access

5+ day, 23+ hour ago  (620+ words) A newly uncovered phishing panel called ARToken is giving cybercriminals an easy way to steal Microsoft 365 login sessions without ever touching a password. Once that approval happens, the attacker walks away with a working session token, no multi factor code…...