A recent security investigation has uncovered a significant supply chain vulnerability within ClawHub, the primary plugin registry for the OpenClaw AI agent ecosystem. Researchers identified […]
Category: Cybersecurity News
Stay informed about the ever-evolving world of digital threats and defenses with our Cyber Security News category. Here, you’ll find the latest breaking news, in-depth analysis, and expert insights on everything related to cybersecurity. From data breaches and ransomware attacks to emerging threats and innovative security solutions, we cover the critical issues impacting individuals, businesses, and governments worldwide. Keep up-to-date on the latest vulnerabilities, best practices, and trends shaping the future of online security.
ShapedPlugin WordPress Pro Plugins Compromised in Supply Chain Attack
Several premium WordPress plugins developed by ShapedPlugin have been compromised in a sophisticated supply chain attack. Malicious actors infiltrated the vendor’s build and distribution pipeline, […]
Microsoft Entra Conditional Access Policies Vulnerable to Bypass via Nested App Authentication
Microsoft Entra Conditional Access Policies (CAPs), essential for securing Azure and Microsoft 365 environments, have been found susceptible to a bypass technique involving Nested App […]
DifyTap Vulnerabilities Expose AI Chats Across Tenants
Security researchers have uncovered four significant vulnerabilities in Dify, an open-source agentic workflow platform with over 146,000 GitHub stars. These flaws, collectively named DifyTap by […]
Hackers Exploit RemotePC and PowerShell to Deploy Prinz Eugen Ransomware
A newly identified ransomware group has been leveraging legitimate remote management software and sophisticated scripting techniques to infiltrate organizations and deploy a potent encryption threat […]
Klue Hack Exposes Salesforce Data of Multiple Cybersecurity Firms
A recent supply chain attack targeting Klue, a market intelligence platform, has led to unauthorized access to Salesforce data across at least nine organizations, including […]
AI iOS Apps Expose LLM API Credentials, Risking Security Breaches
Recent research has uncovered a significant security vulnerability in AI-powered iOS applications, with a substantial number leaking large language model (LLM) API credentials through network […]
29-Year-Old ‘Squidbleed’ Vulnerability Exposes Sensitive Data in Squid Proxy
A critical security flaw, dubbed ‘Squidbleed,’ has been identified in the Squid Proxy software, exposing sensitive user data for nearly three decades. This vulnerability, present […]
29-Year-Old Squid Proxy Bug ‘Squidbleed’ Exposes HTTP Traffic
A critical vulnerability has been identified in the Squid web proxy, a widely used caching proxy server. Dubbed ‘Squidbleed’ and tracked as CVE-2026-47729, this flaw […]
Microsoft Enhances Data Protection by Restricting Copilot’s Access to Sensitive Office Files
Microsoft has introduced a significant update to its Microsoft 365 security and compliance features, enabling organizations to prevent Copilot and other connected experiences from analyzing […]