Latest Cybersecurity News
View all →Laser Attack Resets Tangem Wallet Passwords on Cards That Can’t Be Patched
Researchers at Ledger’s Donjon security team have shown that a precisely timed laser pulse, aimed at the chip inside a Tangem crypto wallet card, can reset the…
Network of 200 GitHub Repositories Used for Malware Infection
A threat actor has built a network of over 200 GitHub repositories that have been delivering Windows malware, supply chain protection provider Socket reports. Dubbed…
Securing U.S. Critical Infrastructure in the Cloud Era
The US’s critical infrastructure (CI), systems ranging from those that deliver electricity, clean water, and healthcare, to financial services, is undergoing a fundamental transformation. The…
‘Ghostcommit’ hides prompt injection in images to fool AI agents, steal secrets
Researchers have built a pull request that steals a repository’s secrets by hiding the malicious instruction inside a PNG that AI code reviewers never open.…
CISA Details “Lessons from a Cyber Incident” After AWS GovCloud Credentials Leak
CISA has published a candid after-action account revealing that a contractor accidentally exposed the agency’s own AWS GovCloud credentials and Infrastructure-as-Code repositories in a personal,…
AWS GovCloud Credential Leak Leads CISA to Share Critical Cyber Incident Lessons
The Cybersecurity and Infrastructure Security Agency (CISA) has disclosed details of an internal security incident involving exposed AWS GovCloud credentials, offering a transparent account of…
Only 28% of financial workforce MFA is phishing-resistant
Passwords remain part of many workforce authentication flows in financial organizations, making phishing and credential theft major identity security risks, according to a new Secret…
Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions
Ravie LakshmananJul 11, 2026Vulnerability / Email Security Zimbra is urging customers to apply updates to address a critical security vulnerability impacting the Classic Web Client…
‘HalluSquatting’ Turns AI Hallucinations Into Botnet Delivery Mechanism
Researchers from Tel Aviv University, Technion, and Intuit have detailed a new attack technique dubbed ‘HalluSquatting’ that turns AI assistants’ tendency to hallucinate into a…