New GhostLock tool abuses Windows API to block file access
…While these file handles are open, new attempts to access the files will fail with sharing violations. The tool can be run by "standard" domain users, and does not need any elevated…
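The mechanism described above is ordinary Win32 file sharing: a process opens a file with a share mode of "none", and the kernel then rejects every other open of that file with ERROR_SHARING_VIOLATION (Win32 error 32) until the handle closes. The following PowerShell is an added illustration written for this page; it is not GhostLock's code or anything from the article, and the temp file it locks is constructed for the demo. It shows the lock being taken by a standard user, the resulting sharing violation, and a small check a defender can run over a directory to find files that are exclusively locked.

```powershell
# Added example (not GhostLock's code). Runs as a standard user: taking an
# exclusive share mode needs only read access to the file, not elevation.

function Test-SharingViolation {
    # Defender-side check: returns $true only if the file is held with a share
    # mode that refuses a plain read. Our own open asks for Read access and
    # allows ReadWrite sharing, so normal concurrent readers/writers are not
    # flagged; only an exclusive holder (FileShare.None) produces error 32.
    param([Parameter(Mandatory)][string]$Path)
    try {
        $fs = [System.IO.File]::Open($Path, 'Open', 'Read', 'ReadWrite')
        $fs.Dispose()
        return $false
    } catch [System.IO.IOException] {
        # ERROR_SHARING_VIOLATION (32) surfaces as HRESULT 0x80070020.
        return (($_.Exception.HResult -band 0xFFFF) -eq 32)
    }
}

# Constructed sample file for the demo.
$target = Join-Path $env:TEMP 'sharing-violation-demo.txt'
Set-Content -Path $target -Value 'sample data (constructed for this example)'

"Locked before: $(Test-SharingViolation -Path $target)"   # $false

# The lock: a Read handle whose share mode is None. The access requested is
# unprivileged; it is the share mode that blocks everyone else.
$holder = [System.IO.File]::Open($target,
    [System.IO.FileMode]::Open,
    [System.IO.FileAccess]::Read,
    [System.IO.FileShare]::None)

try {
    # Any later open of the file, from this or any other process, now fails.
    try {
        [System.IO.File]::ReadAllText($target) | Out-Null
        'Unexpected: second open succeeded'
    } catch [System.IO.IOException] {
        "Second open failed: $($_.Exception.Message)"
    }
    "Locked while handle open: $(Test-SharingViolation -Path $target)"   # $true

    # Sweeping a directory with the same check highlights mass locking, which
    # is the observable symptom of this technique on an endpoint.
    Get-ChildItem -Path $env:TEMP -File |
        Where-Object { Test-SharingViolation -Path $_.FullName } |
        Select-Object -ExpandProperty FullName
} finally {
    $holder.Dispose()          # closing the handle restores access
    "Locked after release: $(Test-SharingViolation -Path $target)"   # $false
    Remove-Item $target -ErrorAction SilentlyContinue
}
```

Two practical caveats: the check itself opens each file, so run it with the least access needed (it requests Read only), and it cannot distinguish a malicious exclusive holder from a legitimate one such as a database engine, so treat a sudden spike in locked user files as the signal rather than any single hit. Identifying the holding process requires handle enumeration (for example Sysinternals Handle or an EDR's open-handle telemetry), which this snippet does not do.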
…They are walking in, escalating quietly, and operating as trusted users, human and machine alike. If security programs don’t focus on privilege reduction, identity visibility, and continuous risk assessment, the numbers…
…It was immediately blocked to remove the attacker's persistent access and allow for a thorough analysis of the data they were able to access. The investigation continues, including the study of…
…73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, disrupting continuous integration pipelines. The incident occurred on June 5, and it was contained within just 105 seconds. The…
…One repeated type of post from 2023 (as seen in the screenshot below) promoted a “Botnet Service L7 - L4” and claimed Layer 3, Layer 4, and Layer 7 capability, optional API access…
…and there’s no evidence of user data access, theft, or compromise. “We have since completely rebuilt our distribution pipeline, implemented advanced code-signing verification, and introduced tighter access controls and continuous…
…ecosystem of open-source libraries, package managers, and continuous integration and continuous deployment infrastructure, which means that a vulnerability introduced upstream can propagate widely and quickly across organizations," the company concluded. The…
…Even with comprehensive exposure visibility across network, endpoint, cloud, and identity, and aggressive attack surface management, the blind spots (orphaned remote access, missing segmentation, MFA gaps) are where machine-speed attackers live…
…This threat begins in the browser—often by encountering compromised websites and sometimes through LLM chat responses —but quickly continues on the endpoint, compromising the machine with info stealers and remote access…
…such as PAM, OpenSSH, and Windows LSASS as critical security assets and protect them with EDR, file integrity monitoring, hardened privileged access, multi-factor authentication (MFA), and continuous monitoring for unauthorized modifications…