Aggregator

These are the top threats you should know about this week.

Researchers warn GhostShell is using fake drone documents to target Ukrainian defence teams, stealing passwords and sensitive data in a new cyber campaign.

The White House has issued a major executive order directing U.S. federal civilian agencies to migrate high‑value systems to post‑quantum cryptography (PQC), with firm deadlines of 2030 for key establishment and 2031 for digital signatures. The order, titled “Securing the Nation Against Advanced Cryptographic Attacks,” warns that large‑scale quantum computers could eventually break today’s widely […]

The post White House Orders Federal Agencies to Migrate Systems to Post-Quantum Cryptography appeared first on Cyber Security News.

A public proof-of-concept (PoC) exploit for the critical libssh2 remote code execution vulnerability tracked as CVE-2026-55200 is now available, significantly increasing the risk of real‑world attacks against unpatched systems. The flaw affects libssh2 versions up to and including 1.11.1 and resides in the ssh2_transport_read() function, which parses incoming SSH packets on the client side. The […]

The post PoC Exploit Released for libssh2 Remote Code Execution Vulnerability appeared first on Cyber Security News.

A newly identified attack campaign is using a sophisticated Browser-in-the-Browser (BitB) kit to trick users into downloading malware disguised as legitimate software installers. The technique combines convincing fake browser pop-ups with fabricated error messages to manipulate victims into taking actions they believe are routine and safe. The campaign marks a notable evolution in how phishing […]

The post Browser-in-the-Browser Kit Uses Fake Software Errors to Deliver Malware Installers appeared first on Cyber Security News.

A newly identified malware cluster known as GhostShell has been found actively targeting Ukraine’s drone operations and its broader defense supply chain. The campaign uses a sophisticated combination of techniques, including a mutual TLS implant and a Telegram-based dead-drop resolver, to quietly establish persistence inside targeted networks. The threat actor behind this operation has been […]

The post GhostShell Malware Uses mTLS Implant and Telegram Dead-Drop to Target Ukrainian Drone Operations appeared first on Cyber Security News.

A first-of-its-kind security analysis of 12 widely deployed agentic offensive-security tools reveals critical architectural flaws that allow adversaries to steal LLM API keys, establish persistent footholds, and achieve full host compromise even inside sandboxed containers. Security researchers from Cracken have published the first in-depth security analysis of agentic red-team systems, AI-powered tools designed to autonomously […]

The post Red-Team AI Tool Vulnerabilities Let Attackers Exfiltrate API Keys and Compromise Operators’ Systems appeared first on Cyber Security News.

Deutsche Bahn said a nationwide disruption of railway services was tied to a malfunction in its 2G-based GSM-R communications system.

Frontier AI could drive a 10x surge in vulnerabilities. CTEM helps organizations continuously identify, prioritize, and reduce real cyber risk. Your vulnerability management program was not designed for what is coming next. More than 40,000 CVEs were reported in 2025, breaking yet another record. Today, security experts anticipate that frontier AI-powered systems could drive a […]

JFrog warns of malicious npm packages that mimic PostCSS tooling, drop a Windows RAT, and target Chrome-stored passwords through a staged infection setup route.

The company said in a regulatory filing that it became aware of the incident on Tuesday morning and had taken precautionary measures to contain its impact.

Attackers exploit Cisco Unified CM flaw (CVE-2026-20230) allowing unauth HTTP requests to trigger SSRF, write files, and gain root access Cisco Unified Communications Manager has a serious vulnerability, tracked as CVE-2026-20230 (CVSS score of 8.6), that attackers are already exploiting. The flaw, caused by improper validation of certain HTTP requests, allows a remote attacker without […]

Policy as Code Turns Static Compliance Documents Into Enforceable, Auditable Policy
For decades, policies, standards and procedures have anchored security and compliance governance. But static documents can no longer keep pace with dynamic regulations and frontier technology. Policy as Code transforms them into machine-readable, enforceable, continuously verifiable rules that drive real business decisions.

Your Controls Assume a Human Is Acting on the Data Being Accessed. But AI Isn't Human
AI is exposing a blind spot in enterprise security: Controls built for humans don't work on agents that never pause, filter or apply judgment. New CISO research shows many organizations can't track what AI is accessing - turning existing data gaps into machine-speed risk.

Understand Agentic AI Risks and Secure All MCP Deployments
MCP has rapidly become the connective tissue of the agentic AI era and the standard for connecting AI agents to enterprise systems. But it also introduces new attack vectors, from tool poisoning to prompt injection. Here are six ways to reduce the risk.

When AI Partnerships Deepen, Security Leaders Can Access Powerful Joint Cognition
Sustained dialogue with AI does more than reflect a mind back. It casts a shadow shaped by two minds moving together, opening a vantage point once reserved for the few. For security leaders, recognizing this joint cognition is operationally vital, and so is keeping the shadow attached before it slips free.

Healthcare organizations face mounting pressure to govern AI without slowing innovation. Krista Arndt of St. Luke's University Health Network explains how agile governance, technical controls and collaboration can reduce data loss risks, protect patient care and strengthen AI security programs.