-->
#1 Trusted Cybersecurity News Platform
Followed by 5.70+ million
The Hacker News Logo
Get the Latest News
cybersecurity

Cloud security | Breaking Cybersecurity News | The Hacker News

Category — Cloud security
ThreatsDay: Game Cheat Spyware, 24-Hour Ransomware, Chrome Sync Stalking + 12 More Stories

ThreatsDay: Game Cheat Spyware, 24-Hour Ransomware, Chrome Sync Stalking + 12 More Stories

Jul 16, 2026 Hacking News / Cybersecurity News
A lot of this week’s trouble starts with something that looks close enough. A familiar repo. A useful installer. A harmless sync setting. Then the handoff goes bad, the box starts talking to someone else, and the damage moves faster than the explanation. Old bugs are back, weak defaults are earning their keep, and some attack paths are so plain they barely feel like research. Here’s the mess. Game cheats drop spyware 11 Malicious NuGet Tools Masquerade as Game Cheats to Drop Windows Surveillance Payload Cybersecurity researchers 11 malicious NuGet packages published as .NET command-line tools that present themselves as game utilities, bots, and "panels," each of which act as a first-stage downloader responsible for fetching and executing a second-stage Python payload named "pepesoft.exe" from GitHub Releases and Hugging Face paths under the username "pepegit666," along with a dormant BitTorrent fallback...
New Agent Data Injection Attack Can Make AI Agents Misclick or Run Attacker Commands

New Agent Data Injection Attack Can Make AI Agents Misclick or Run Attacker Commands

Jul 16, 2026 AI Security / Developer Security
Ask an AI agent to summarize the reviews on a product page, and a single planted review can make it click "Buy Now" instead. Ask a coding assistant to apply a maintainer's fix from a GitHub thread, and a fake comment can make it run a stranger's command on your computer. Neither trick hijacks the agent's task. Each one just corrupts the facts it trusts and lets it carry on with the job you asked for. That is the shape of a new class of attack laid out in a  paper posted July 6  by researchers from Seoul National University, the University of Illinois Urbana-Champaign, and Largosoft. They call it agent data injection , or ADI. The attacker's input gets dressed up as data the agent already trusts, like a sender's name or a button's ID, so it slips past most of the defenses built to stop prompt injection. The gap comes from how an agent reads. It takes in two kinds of things: instructions, meaning what you and the app's developer tell it to d...
Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide

Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide

Jul 16, 2026 IoT Security / Vulnerability
Pull the certificate off the flash of a Shark RV2320EDUS robot vacuum, and you can run root commands on other people's Shark vacuums across the same AWS region: watch the camera, drive the robot, read the map of the house, and take the Wi-Fi password in plaintext. A researcher publishing under the handle tokay0  put the method online  on Monday, having tested it only against vacuums he bought himself. The flaw was unpatched then. He says SharkNinja, the company behind the Shark and Ninja appliance brands, has had his report since March. The policy attached to that certificate was never scoped to the device holding it. Present it to Shark's cloud broker, and the broker accepts whatever you publish, addressed to any device it serves. No memory corruption, no privilege escalation, no password to guess. The command that runs is an ordinary field in the device shadow, the per-device state document AWS keeps in the cloud. Using the certificate from an RV2320EDUS, the rese...
cyber security

The AI Security Starter Pack

websiteWizAI Security / Cloud Security
Unlock 7 of the most widely used AI security resources in one place. Each asset provides practical tools for securing AI apps, models, and agents.
cyber security

11 real-world stories proving how identity drift opens active attack paths

websiteXM CyberIdentity Security / Exposure Management
Learn how attackers leverage privilege drift to reach critical assets across 11 architectural teardowns.
OpenAI’s GPT-Red Automates Prompt Injection Testing to Harden GPT-5.6 Sol

OpenAI’s GPT-Red Automates Prompt Injection Testing to Harden GPT-5.6 Sol

Jul 16, 2026 Red Teaming / Software Security
OpenAI has disclosed details of GPT-Red , an internal automated red-teaming model that scales prompt injection vulnerability discovery with an aim to fix issues before the tools are deployed widely. "GPT‑Red is a strong red-teamer, and our previous models are highly vulnerable to its prompt injection attacks," the artificial intelligence (AI) company said . "We use GPT‑Red to adversarially train GPT‑5.6 , making it much more robust to prompt injections." The model works just like a human red-teamer. It sends a prompt, monitors how a GPT model responds, and iterates its way towards a malicious goal, such as uploading sensitive data to an external server. The development comes as adversarial prompt injections continue to be a persistent thorn in the flesh of large language models, which can be tricked into executing a carefully crafted instruction⁠ that can produce undesirable consequences. As agentic systems continue to be hooked to third-party data sources ...
SASE Has An AI Blind Spot. Inspecting Packets Is No Longer Enough.

SASE Has An AI Blind Spot. Inspecting Packets Is No Longer Enough.

Jul 15, 2026 Network Security / Enterprise Security
For years, routing traffic through cloud proxies was good enough. Then work moved to the browser, AI entered the workflow, and the inspection model stopped keeping up. Enterprise workflows now live across SaaS applications, browsers, and an expanding ecosystem of generative AI tools, unsanctioned browser extensions, and autonomous agents. Employees routinely paste intellectual property into public LLMs for code optimization, while automated agents query internal documentation and move data across systems at machine speed. The challenge is not that SASE failed, but that data interactions have shifted to the presentation layer, an area network-centric architectures were never designed to see. This structural paradigm shift is explored in detail within The Guide to Modern SASE Architecture . Why Traditional Enforcement Struggles Traditional SASE relies on backhauling traffic to cloud proxies for decryption, inspection, and policy enforcement. However, modern internet protocols, spe...
Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware

Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware

Jul 15, 2026 Malware / Software Security
Four compromised npm packages in the @asyncapi namespace have been observed distributing a multi-stage botnet loader, according to findings from OX Security , SafeDep , Socket , and StepSecurity . The affected packages are listed below - @asyncapi/generator-helpers@1.1.1 @asyncapi/generator-components@0.7.1 @asyncapi/generator@3.3.1 @asyncapi/specs(v6.11.2, v6.11.2-alpha.1) "The compromised packages deploy an obfuscated first-stage payload that downloads an encrypted second-stage payload, identified as Miasma, from IPFS," Socket said. The poisoned packages ship a hidden JavaScript implant, with each of them containing an injected source file that decodes to the same second-stage downloader. Unlike previous iterations that leveraged install hooks to trigger the execution of a JavaScript payload, the malicious code in this case is run when the infected module is loaded by Node.js, after which it launches a detached background node that downloads and execute...
SAP Patches CVSS 9.9 NetWeaver ABAP Flaw That Could Expose or Modify Data

SAP Patches CVSS 9.9 NetWeaver ABAP Flaw That Could Expose or Modify Data

Jul 14, 2026 Enterprise Security / Vulnerability
SAP has rolled out updates to address multiple vulnerabilities as part of its July 2026 security updates, including a critical flaw in SAP NetWeaver Application Server ABAP. The vulnerability in question is CVE-2026-44747 (CVSS score: 9.9), an out-of-bounds write flaw that allows an authenticated attacker to leverage logical errors in memory management to cause a memory corruption that could lead to unauthorized data access, modification, or system unavailability. "As a temporary workaround the note proposes to disable all ICF nodes with a specific property in transaction SICF," SAP security firm Onapsis said . "Since the workaround will disable opening transactions in SAP GUI for HTML, it is not an option for all customers and it is strongly recommended to install the patching ABAP Kernel version." Also addressed by SAP are two other critical vulnerabilities - CVE-2026-27690 (CVSS score: 9.1) - An HTTP request/response smuggling flaw in SAP Approuter...
RabbitMQ Flaws Could Leak OAuth Secrets and Expose Cross-Tenant Queue Metadata

RabbitMQ Flaws Could Leak OAuth Secrets and Expose Cross-Tenant Queue Metadata

Jul 14, 2026 Vulnerability / Network Security
Cybersecurity researchers have disclosed details of two access control-related flaws impacting the RabbitMQ message broker service that could allow attackers to leak OAuth client secrets, expose enterprise messaging infrastructure to takeover risks, and bypass tenant boundaries. Miggo's security team, which discovered and reported the flaws, said one "leaks the broker's confidential OAuth secret to an unauthenticated attacker in a single request, a direct path to full broker takeover in the configurations that use that secret." The second vulnerability allows any logged-in user to silently read other tenants' data. Both shortcomings are said to have been present in the codebase since early 2024, impacting RabbitMQ release lines from 3.13.0 and later. They have been addressed in versions 4.3.0, 4.2.6, 4.1.11, 4.0.20, and 3.13.15. There is no evidence of active exploitation of either of the vulnerabilities prior to the public disclosure. A brief description ...
OAuth Client ID Spoofing Lets Attackers Validate Stolen Microsoft Entra Credentials

OAuth Client ID Spoofing Lets Attackers Validate Stolen Microsoft Entra Credentials

Jul 14, 2026 Cloud Security / Identity Security
At least two distinct threat actors are weaponizing a novel evasion technique called OAuth client ID spoofing in cloud campaigns, while slipping past telemetry. The activity allows users to enumerate user accounts and validate stolen credentials in Microsoft Entra ID environments, without ever generating a successful sign-in event that would otherwise alert defenders. And bad actors have begun to exploit this gap to obtain unauthorized access to an organization's cloud services. "A blind spot in cloud sign-in telemetry: Entra ID returns different error responses depending on whether a supplied OAuth client ID is valid," Proofpoint said in a statement. "Attackers exploit this to infer valid usernames and correct passwords at scale, effectively checking stolen credential lists without logging a successful login." In other words, the attacks leverage the OAuth client ID, a globally unique identifier (GUID) assigned to applications when requesting access to ...
Grok Build Uploaded Entire Git Repositories to xAI Storage, Not Just Files It Read

Grok Build Uploaded Entire Git Repositories to xAI Storage, Not Just Files It Read

Jul 14, 2026 Artificial Intelligence / Data Privacy
xAI's Grok Build coding CLI was uploading entire Git repositories, full commit history and all, to a Google Cloud Storage bucket run by xAI, not just the files a coding task needed. A researcher publishing as cereblab , testing version 0.2.93 , captured one of those uploads, cloned the git bundle out of the intercepted request, and pulled back a file the agent had been told in plain terms not to open. The upload rode a separate channel from the model itself, and the byte split is hard to argue with. On a 12 GB repo of files the model never read, model-turn traffic to /v1/responses came to about 192 KB while the storage channel to /v1/storage moved 5.10 GiB, a roughly 27,800x gap between what the model needed and what left the machine. That storage upload ran as 73 chunks of about 75 MB, every one returning HTTP 200, and across the researcher's size sweep the volume tracked total repo size. The destination bucket, grok-code-session-traces , is named in the binary and ...
Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity

Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity

Jul 14, 2026 SaaS Security / Identity Security
Attackers whose methods line up with the data-extortion group  ShinyHunters  have spent the past year walking into corporate Salesforce environments without exploiting a single flaw in the platform. The way in has been the trust the organization had already extended, usually through the OAuth connections that tie Salesforce to the apps and third-party vendors around it. In  research published July 13 , Microsoft mapped the campaigns, which ran from mid-2025 into mid-2026, to three distinct techniques. It also worked with Salesforce to roll out new detection and governance tooling aimed at addressing the activity authentication logs miss. That is what makes this hard to catch. When the access comes from a real user who approved a connected app, or from an integration the company already trusts, the traffic reads as ordinary use, and sign-in and authentication monitoring barely registers it. What matters is what the app or account does once it is in, and that is ex...
⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More

⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More

Jul 13, 2026 Cybersecurity / Hacking
Somewhere right now, a security tool is quietly finding bugs faster than any human can fix them. That's supposed to be the good news. The catch is that the attackers have the same tools, pointed the other way, and they don't file tickets. That's the shape of this week. Trusted code turns on the people who installed it. Old bugs from last year are still landing because the fix sat in a queue too long. Fake installers, poisoned packages, systems left facing the open internet, and helpful little AI assistants running instructions that were never yours. The gap between "patch exists" and "already exploited" keeps shrinking, and nobody's closing it. None of it is exotic. That's what wears you down. Same ordinary mistakes, just happening faster than we can keep up. Here's the full mess, top to bottom. ⚡ Threat of the Week Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers — Progress urged customers to shut down Win...
Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft

Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft

Jul 13, 2026 Email Security / Artificial Intelligence
A new phishing-as-a-service (PhaaS) operation called Forg365 is using a combination of device code phishing , adversary-in-the-middle (AitM) tactics, antibot evasion, artificial intelligence (AI)-assisted lure creation, and post-compromise mailbox operations targeting Microsoft 365 accounts. Distributed via Telegram and costing $400 a month (or $3,800 per year), attack chains leverage phishing lures that make use of legitimate email delivery infrastructure, such as Amazon Simple Email Service (Amazon SES) and Twilio SendGrid, to imitate a redirection chain that blends into regular email traffic before it ends in Forg365-controlled domains. "The panel exposes a mature operator workflow: accounts, links, invitations, OAuth app configuration, redirect links, SVG generation, campaign sending, SMTP profiles, SMTP rotation, AI email generation, token vaulting, account intelligence, keyword alerts, viewer links, and browser-extension support," ZeroBEC said . The email securi...
Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory

Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory

Jul 13, 2026 Artificial Intelligence / Threat Intelligence
Cybersecurity researchers have flagged an intrusion in which an unknown threat actor leveraged a vibe-coded PowerShell script for Active Directory (AD) enumeration. "The script looked for the Domain Controller (DC) and mapped users, computers, and domains, before creating a directory and exporting out a number of files, and finally creating AD_Report.html to measure the success of the enumeration attempt," Huntress researchers Jevon Ang and Dray Agha said . The attack chain involved the threat actor establishing Remote Desktop Protocol (RDP) access onto a domain-joined Windows Server with a set of pre-compromised credentials, followed by staging the tools in the "C:\ProgramData\" folder. The incident took place in early June 2026. This included an artificial intelligence (AI)-generated payload to map the Active Directory environment. The assessment is based on various telltale signs, such as the prompt iteration title, placeholder strings, over-engineered cod...
Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365

Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365

Jul 13, 2026 Identity Security / Threat Intelligence
An attacker running a live Microsoft 365 phishing operation left a Python web server listening on a public port with directory listing switched on. The command that did it:  python3 -m http.server 8080 , was still sitting in the readable  .bash_history . From that one lapse, French security firm  Lexfo  lifted the operator's entire toolkit and pivoted through it to two more phishing operators, three campaigns in all. Each ran a custom fork of the open-source Evilginx proxy , cloned from public GitHub. The largest of the three had been running for more than a year, its victims overwhelmingly corporate mailboxes. The three got past MFA in two mechanically different ways, one by proxying the live login , one by abusing a legitimate Microsoft sign-in flow. The two need different defenses, which is the part that matters most if you run Microsoft 365. Directory listing on a working attack server is close to a full confession. The listing exposed phishing conf...
URGENT - Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat

URGENT - Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat

Jul 10, 2026 Enterprise Security / Security Incident
Progress Software has told ShareFile customers to shut down the Windows servers running their Storage Zone Controllers, confirming to The Hacker News that it is responding to a "credible external security threat." The company has temporarily disabled access to the affected accounts, a step it says it took "out of an abundance of caution" while it works with internal and external security experts. It says it has no indication of unauthorized access to any ShareFile accounts or data, and that it notified customers after learning of the threat. What Progress has not said is what the threat is or who is behind it. The order became public when a customer posted the company's email to Reddit's  r/sysadmin  on July 10. Progress  confirmed the disruption on its status page, listing Storage Zone Controller customers as "not operational" and the incident as under investigation as of a 12:12 p.m. EDT update. Only the Storage Zone Controller is af...
New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Traffic

New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Traffic

Jul 10, 2026 Malware / Enterprise Security
The China-linked cybercrime group known as Silver Fox has been attributed to a new Rust-based remote access trojan (RAR) called MODBEACON . Chinese cybersecurity company QiAnXin said that while the threat cluster may appear like a low-sophistication, high-activity operation that propagates malware via counterfeit installers using SEO poisoning techniques, it belies their true organizational structure , which compromises multiple distributors. "These distributors conduct activities across Asia using counterfeit software installers distributed through SEO campaigns, leveraging variants of Gh0st RAT and WinOS (ValleyRAT) trojan families," QiAnXin said . One such campaign observed in mid-June 2026 involved a distributor delivering a previously undocumented modular RAT targeting technology, education, and state-owned enterprises in the country. MODBEACON's requested command-and-control (C2) infrastructure is hosted on Amazon and Cloudflare's Content Delivery Networ...
Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP/3 Servers

Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP/3 Servers

Jul 10, 2026 Vulnerability / Server Security
A single wrong variable on one line in XQUIC, Alibaba's QUIC and HTTP/3 library, lets any remote client crash the server with a short burst of completely legal traffic. There is no patch. FoxIO researcher Sébastien Féry  disclosed the flaw on July 8  and nicknamed it XRING. He says it needs no login and no malformed packets: about 260 bytes of ordinary QPACK traffic takes the server process down. XQUIC is open-source, so the risk is not Alibaba's alone: any server that embeds it and serves HTTP/3 with the default QPACK settings is exposed. That includes Tengine, Alibaba's Nginx-based web server, which FoxIO says fronts the company's cloud and CDN on sites including Taobao and Alipay. Every release through v1.9.4, the latest, is affected. There is no fixed release and no CVE as of July 10. Until a fix ships, operators can set SETTINGS_QPACK_MAX_TABLE_CAPACITY to 0, which turns off QPACK's dynamic table, or drop HTTP/3 support entirely. The bug lives in how H...
Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites

Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites

Jul 10, 2026 Cybercrime / Website Security
A cybercrime crew left one of its own servers wide open on the internet for three weeks, and it exposed the operation's inner workings: the hacking tools, the activity logs, and target lists naming more than 1.4 million websites. Far fewer were actually broken into, but the exposed files showed researchers how a mass site-hacking operation runs from the inside. The operation, now tracked as WP-SHELLSTORM , is what  SOCRadar  calls a webshell access brokerage: a crew that breaks into sites at scale, plants a hidden backdoor (a "webshell") on each, and packages that access for resale. The strongest activity hit WordPress sites running out-of-date plugins. If you run WordPress or Joomla, the two flaws that mattered most were in the Breeze caching plugin and Joomla's JCE editor; skip to the checklist below if that's you. A forgotten server Two teams dug into the same exposed folder. SOCRadar's threat intelligence team spotted it on June 11, 2026, on a U...
Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access

Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access

Jul 10, 2026 Enterprise Security / Authentication
A threat actor has been targeting organizations spanning multiple sectors with voice-based fake security requests that prompt Microsoft 365 users to enroll a new Entra passkey with an aim to carry out data extortion attacks. The threat actor, tracked by Okta under the moniker O-UNC-066 , has deployed a panel-controlled phishing kit that's capable of targeting the passkey enrollment process . The activity has singled out food and beverage, technology, healthcare, automotive, construction, and aviation industries. "The threat actor registers domains that incorporate the word passkey as part of a voice-enabled phishing ('vishing') scheme," Okta researcher Houssem Eddine Bordjiba said . "The threat actor then calls targeted users on the phone in an attempt to persuade them that they need to register a new passkey." Users are then directed to a phishing kit that's identical to the Microsoft passkey enrollment process, giving the impression that th...
Expert Insights Articles Videos
Cybersecurity Resources