May 30, 2026

Palo Alto PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Actively Exploited

Cybersecurity teams around the world are being urged to take immediate action following the discovery of a critical vulnerability in Palo Alto Networks’ PAN-OS software. The flaw, identified as CVE-2026-0257 and assigned a CVSS score of 7.8, is already being actively exploited in the wild. The vulnerability affects the GlobalProtect portal and gateway and allows attackers to establish unauthorized VPN […]
May 23, 2026

Anthropic’s AI Finds Thousands of Security Flaws in Major Software Systems

Anthropic made headlines after introducing Claude Mythos Preview, a new AI model designed to assist security researchers in finding previously unknown software vulnerabilities. Unlike traditional security tools, the model can analyze large amounts of code, identify potential weaknesses, and help researchers understand how those flaws might be exploited.At the same time, Anthropic launched Project Glasswing, a cybersecurity initiative that brought […]
May 20, 2026

GitHub Breached Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos

GitHub has confirmed a security breach that resulted in unauthorized access to nearly 3,800 internal repositories after a malicious Visual Studio Code extension was installed on an employee’s device. According to the company’s investigation, the incident was traced to Nx Console version 18.95.0, a compromised extension that was published to the Visual Studio Code Marketplace on May 18, 2026. The […]
May 1, 2026

Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks

In a case that has shocked the cybersecurity community, two former cybersecurity professionals have been sentenced to four years in federal prison after helping the notorious ALPHV/BlackCat ransomware group carry out cyber extortion attacks.Ryan Goldberg, an incident response manager at Sygnia, and Kevin Martin, a ransomware negotiator at DigitalMint, used their industry knowledge to assist cybercriminals rather than protect organizations […]
April 27, 2026

AI Turns Vulnerability Hunter -Anthropic’s Mythos Changes Everything

Anthropic has introduced Claude Mythos Preview, describing it as its most advanced artificial intelligence model developed so far. The announcement has attracted significant attention across the cybersecurity community due to the model’s reported ability to identify software vulnerabilities at a scale far beyond traditional security research methods.According to information shared during early testing, the model demonstrated an exceptional capability to […]
March 27, 2026

European Commission Suffers Second Data Breach

The European Commission has confirmed that cybercriminals gained unauthorized access to part of its cloud infrastructure and stole more than 350 GB of data. According to initial findings, the attackers accessed information stored in the Commission’s Amazon Web Services (AWS) environment, including employee records, email server data, and databases linked to several Europa.eu websites.The breach was discovered on March 24, […]
February 12, 2026

Japan Airlines Hit by Unauthorized Access – 28,000 Passengers’ Data at Risk

Japan Airlines (JAL), one of Asia’s most respected airlines, disclosed a cybersecurity incident in February 2026 involving its Same-Day Baggage Delivery Service reservation platform. While the breach did not affect flight operations or core booking systems, it exposed personal information belonging to customers who had used the service over the past 18 months.The issue first came to light on the […]
December 20, 2025

Cisco Email Security Products Under Active Attack

Cisco Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances are currently being actively exploited by a China-linked advanced persistent threat (APT) group tracked as UAT-9686, with known associations to APT41 and UNC5174. Cisco’s Product Security Incident Response Team (PSIRT) identified the activity during a Technical Assistance Center (TAC) support investigation, with evidence indicating the campaign had […]
December 10, 2025

Kimwolf Botnet Hijacks 1.8 million Android TVs, Launches Large Scale DDoS Attacks

Kimwolf botnet has infected over 1.8 million Android devices worldwide, primarily targeting smart TVs, set-top boxes, and tablets like TV BOX, SuperBOX, X96Q, and MX10, turning them into a massive army for DDoS attacks. Discovered by QiAnXin XLab on October 24, 2025, via a suspicious malware sample, the botnet’s command and control (C2) domain 14emeliaterracewestroxburyma02132.su briefly topped Cloudflare’s global rankings, […]
12345
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.