Threats & Security News

the latest cybersecurity threat alerts and industry happenings

SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation Article Link: https://thehackernews.com/2026/07/sharepoint-rce-cve-2026-45659-added-to.html ‘Djinn’ Stealer Targets Cloud, AI Credentials Article Link:

SimpleHelp Bug Lets Hackers Create Rogue Remote Support Accounts Article Link: https://www.bleepingcomputer.com/news/security/simplehelp-bug-lets-hackers-create-rogue-remote-support-accounts/ New macOS ClickFix Attack Silently Mounts DMGs to Push

FortiBleed Leak Exposes Fortinet VPN Credentials for 73,000 Devices Article Link: https://www.bleepingcomputer.com/news/security/fortibleed-leak-exposes-fortinet-vpn-credentials-for-73-000-devices/ SQL Server 2025 AI Features Can Be Abused to

Oracle PeopleSoft Servers Hacked in ShinyHunters Data Theft Attacks Article Link: https://www.bleepingcomputer.com/news/security/oracle-peoplesoft-servers-hacked-in-shinyhunters-data-theft-attacks/ Agentjacking Attack Tricks AI Coding Agents Into Running Malicious

CISA Warns of Active Attacks Exploiting Android, Linux Bugs Article Link: https://www.bleepingcomputer.com/news/security/cisa-warns-of-active-attacks-exploiting-android-linux-bugs/ Google DoubleClick Abused in New Malspam Campaign to Deliver

FBI Warns of Kali365 phishing service targeting Microsoft 365 accounts Article Link: https://www.bleepingcomputer.com/news/security/fbi-warns-of-kali365-phishing-service-targeting-microsoft-365-accounts/ ChatGPT Share Links Abused to Host Fake Outage

Ivanti Warns of New EPMM Flaw Exploited in Zero-Day Attacks Article Link: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-epmm-flaw-exploited-in-zero-day-attacks/ RubyGems Suspends New Signups After Hundreds of Malicious

Fear Is the Dependency Killer. The “Mini Shai-Hulud” attack highlights how modern software supply chain threats are evolving beyond stolen developer

Hackers Steal Students’ Data During Breach at Education Tech Giant Instructure Article Link: https://techcrunch.com/2026/05/05/hackers-steal-students-data-during-breach-at-education-  tech-giant-instructure/ DigiCert Revokes Certificates After Support Portal

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.