CybersecurityBoard.com brings together vulnerability intelligence, security news, MITRE ATT&CK group profiles, cyber events, certifications, training, products, companies and service providers.
Threat actors are actively exploiting CVE-2026-33017, a critical unauthenticated remote code execution vulnerability in Langflow (CVSS 9.3), to deploy a Monero cryptocurrency miner on exposed AI application endpoints. The campaign, observed between March 27…
CVE-2025-3248 is a critical Langflow vulnerability (CVSS 9.8) that was exploited in June 2025 to distribute the Flodrix botnet malware, highlighting ongoing…
An unknown threat actor is exploiting CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp (CVSS 10.0), to deliver two new malware families:…
A vulnerability in Google's Quick Share for Windows that could allow an attacker to execute arbitrary code. Part of a 10-bug chain…
A vulnerability in Google's Quick Share for Windows that could allow an attacker to execute arbitrary code. Part of a 10-bug chain…
A vulnerability in Google's Quick Share for Windows that bypassed fixes for CVE-2024-38271 and CVE-2024-38272, reported by SafeBreach in 2025.
New research from Adversa AI, dubbed 'GuardFall,' reveals that ten out of eleven popular open-source AI coding agents are vulnerable to a…
Researchers at Wake Forest University tested 444 AI chatbot apps for iPhone and found that 282 of them (nearly two-thirds) exposed paid…
A new attack technique called BioShocking, discovered by security firm LayerX, exploits AI browsers and assistants by tricking them into leaking user…
WhatsApp has officially announced the global rollout of username reservations, a new privacy feature designed to protect the phone numbers of its…
This week's cybersecurity landscape highlighted significant threats including a new Linux kernel flaw, AI-assisted malware, and active exploitation of critical vulnerabilities. The…
Today's encrypted data, such as credentials, may no longer remain confidential in the future because the public-key cryptography protecting it will soon…
Kinsing is a threat group known for cryptojacking operations, often deploying cryptocurrency miners on compromised systems. In this campaign, the Lambsys malware…
WatchDog is a threat group involved in cryptojacking, deploying miners on vulnerable systems. The Lambsys malware actively terminates WatchDog processes to maintain…
Rocke is a threat group associated with cryptocurrency mining malware. The Lambsys malware kills Rocke miner processes as part of its anti-competition…
Outlaw is a threat group known for cryptojacking activities. The Lambsys malware terminates Outlaw miner processes to eliminate rival operations.
Silent Swap is a cryptocurrency clipper campaign identified by McAfee Labs that uses unsigned installers to deploy a malicious Chromium extension masquerading…
CountLoader is a prior campaign that delivered a crypto clipper, with evidence suggesting the same threat actor behind both CountLoader and Silent…
VPN Go is a pair of malicious Chrome and Firefox extensions posing as free VPN tools. They contain clipboard theft logic that…
Cybersecurity researchers have flagged an active browser extension campaign designed to steal cryptocurrency by stealthily replacing wallet addresses during transactions. The cryptocurrency…
The FIFA World Cup 2026, which kicked off on June 11, 2026, has been targeted by pre-built fraud infrastructure across financial services,…
Check Point Research has revealed that threat actors pre-built and staged fraud infrastructure targeting the FIFA World Cup 2026 months before the…
PCI DSS v4.0.1 introduced requirements 6.4.3 and 11.6.1, mandating that merchants inventory, authorize, and verify the integrity of all scripts on payment…
SANS San Antonio 2026 was identified as a relevant cybersecurity entity in recently ingested reporting. This profile is generated so related cyber…
Agentic AI represents a paradigm shift in offensive cybersecurity, where AI tools no longer require human operators to execute attacks. Unlike previous…
Google Notes is a fake browser extension masquerading as a benign utility, used in the Silent Swap campaign to deploy a crypto…
VPN Go: Free VPN is a malicious browser extension available on Chrome Web Store and Firefox Add-ons that presents itself as a…
SWE-agent was identified as a relevant cybersecurity entity in recently ingested reporting. This profile is generated so related cyber news, CVEs, malware,…
Claude Sonnet 4.6 was identified as a relevant cybersecurity entity in recently ingested reporting. This profile is generated so related cyber news,…
McAfee is a cybersecurity company whose McAfee Labs division identified and analyzed the Silent Swap crypto clipper campaign, providing technical details on…
Adversa AI, a cybersecurity research firm, identified the GuardFall bypass affecting ten open-source AI coding agents, exploiting shell injection techniques to execute…
Sysdig calculated that stolen AI credentials could run up more than $46,000 a day in AI charges, highlighting the financial risk of…
Researchers at Wake Forest University conducted the first in-depth study of API key leaks in iOS AI apps, using their tool LLMKeyLens.
Europol was identified as a relevant cybersecurity entity in recently ingested reporting. This profile is generated so related cyber news, CVEs, malware,…
Nokia Deepfield Emergency Response Team was identified as a relevant cybersecurity entity in recently ingested reporting. This profile is generated so related…
DEV Community (dev.to) is a developer platform abused by Gamaredon as a dead drop resolver.
Mastodon is a decentralized social network abused by Gamaredon as a dead drop resolver.