The campaigns focus on financial organizations, including cryptocurrency, venture capital, and blockchain entities.
The post North Korean Hackers Use AppleScript, ClickFix in Fresh macOS Attacks appeared first on SecurityWeek.
Toxic Combinations: When Cross-App Permissions Stack into Risk
On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addresses and 1.5 million agent API tokens across 770,000 active agents.
The more worrying part sat inside the private messages. Some of those conversations held plaintext third-party credentials, including OpenAI API keys shared between agents,
The more worrying part sat inside the private messages. Some of those conversations held plaintext third-party credentials, including OpenAI API keys shared between agents,
Microsoft traces Universal Print issues to Graph API code change
Microsoft says that an ongoing Universal Print sharing issue that prevents users from creating some printer shares is due to a Microsoft Graph API code change. […]
New GoGra malware for Linux uses Microsoft Graph API for comms
A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy payload delivery. […]
Google Antigravity in Crosshairs of Security Researchers, Cybercriminals
Researchers discovered a remote code execution vulnerability and cybercriminals are using its reputation to deliver malware.
The post Google Antigravity in Crosshairs of Security Researchers, Cybercriminals appeared first on SecurityWeek.
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges.
The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0. It’s rated Important in severity. An anonymous researcher has been credited with discovering and reporting the flaw.
“Improper verification of cryptographic
The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0. It’s rated Important in severity. An anonymous researcher has been credited with discovering and reporting the flaw.
“Improper verification of cryptographic
Oracle Patches 450 Vulnerabilities With April 2026 CPU
The company released 481 new security patches across 28 product families, including over 300 fixes for remotely exploitable, unauthenticated flaws.
The post Oracle Patches 450 Vulnerabilities With April 2026 CPU appeared first on SecurityWeek.
Microsoft releases emergency patches for critical ASP.NET flaw
Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability. […]
Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles
Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that’s distributed via a theme related to India’s banking sector.
“The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and supports remote shell access, file operations, and session management, indicating a continued espionage-focused capability set rather than
“The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and supports remote shell access, file operations, and session management, indicating a continued espionage-focused capability set rather than
Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution.
The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system.
“Sandbox escape vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal,” according to
The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system.
“Sandbox escape vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal,” according to