ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
Researchers at Permiso Security have uncovered a new vulnerability dubbed ChatGPhish that tricks OpenAI's ChatGPT into rendering malicious Markdown links and images when summarizing web pages. The AI’s response renderer automatically fetches embedded images and activates clickable links, allowing attackers to harvest IP addresses, User‑Agent strings, and Referrer headers, as well as deliver phishing URLs, spoofed alerts, and QR codes. The flaw turns routine summarization into a phishing surface, expanding the attack vector beyond email to everyday browser activity. Similar prompt‑injection techniques have been reported in Microsoft Copilot, Anthropic Claude, and other AI coding assistants.
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
A threat actor exploited the critical Marimo CVE‑2026‑39987 remote code execution flaw to gain initial access to an internet‑exposed notebook. Using a large language model (LLM) agent, the attacker harvested AWS credentials, retrieved an SSH private key from Secrets Manager,...
Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
North Korean threat group Kimsuky intensified its 2026 campaign against South Korean military and corporate targets by deploying the HTTPSpy RAT through counterfeit security‑software installers and a fake Webex meeting page. The group introduced a novel "JSONPing" technique to verify...
Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer
Threat actors exploited a critical pre‑authentication API bypass (CVE‑2026‑35616) in FortiClient Endpoint Management Server to push a credential‑stealing payload disguised as a legitimate update. The attack leveraged the legitimate fortitray.exe to run a Base64‑encoded PowerShell script that downloaded FortiEndpoint_Patch.exe, harvesting...
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
Microsoft publicly rebuked the recent public disclosure of six Windows zero‑day flaws after researcher Chaotic Eclipse released details without prior coordination. The vulnerabilities—BlueHammer (CVE‑2026‑33825), RedSun (CVE‑2026‑41091), UnDefend (CVE‑2026‑45498), YellowKey (CVE‑2026‑45585), plus GreenPlasma and MiniPlasma—include active exploitation of three flaws. Microsoft...
New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power Users"
LayerX Security’s State of AI Usage Report 2026 finds enterprise AI risk is concentrated among a small group of power users and a few dominant platforms. While half of employees have only occasional AI interactions, the top 5 % generate 144 or more conversations and...
Malicious Npm Package Stole Files From Claude AI User Directory via GitHub
Security researchers at OX Security have identified a malicious npm package, mouse5212‑super‑formatter, that steals files from the Claude AI user directory. The package uploads data to a threat‑actor‑controlled GitHub repository by leveraging a GitHub token found on the victim’s machine...
MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries
Iran‑backed MuddyWater conducted a sophisticated espionage campaign in Q1 2026, compromising at least nine organizations across nine countries on four continents. The group employed DLL side‑loading using legitimately signed Fortemedia (fmapp.exe) and SentinelOne (sentinelmemoryscanner.exe) binaries to execute malicious DLLs, embedding the...
CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
The Indian Computer Emergency Response Team (CERT‑In) has issued new guidelines that require organizations to patch critical internet‑facing vulnerabilities within 12 hours where feasible. The directive responds to the rise of AI‑assisted cyber threats, which can automate vulnerability discovery and compress...
Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning
Iranian state‑sponsored group Nimbus Manticore has rolled out a new AI‑assisted backdoor, MiniFast, in a multi‑wave campaign that began in February 2026. The actors combined traditional career‑themed phishing with novel delivery methods, including AppDomain hijacking, a trojanized Zoom installer, and...
TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via Npm, PyPI, and CratesIO
A coordinated supply‑chain attack dubbed TrapDoor has compromised more than 34 packages across npm, PyPI, and Rust’s Crates.io since May 22, 2026. The malicious modules target developers in crypto, DeFi, AI, and blockchain circles, stealing wallets, SSH keys, cloud tokens and other...
Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
Researchers discovered a supply‑chain attack that compromised four Laravel‑Lang PHP packages by rewriting all existing Git tags to a malicious commit. The malicious src/helpers.php file is added to the Composer autoload files, causing automatic execution whenever a Laravel or other...
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
Cybersecurity firm SafeDep uncovered the Megalodon campaign, which injected malicious GitHub Actions workflows into 5,561 repositories, pushing 5,718 commits within a six‑hour window on May 18, 2026. The workflows contain base64‑encoded bash payloads that harvest CI environment variables, cloud credentials (AWS, GCP,...
When Identity Is the Attack Path
A cached AWS access key on a single Windows workstation gave an attacker potential access to 98% of the company’s cloud workloads, illustrating how a single credential can become a full‑scale attack path. The article argues that identity—whether AD groups,...
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
GitHub confirmed that a compromised version of the Nx Console VS Code extension was used to breach its internal repositories, exposing roughly 3,800 codebases. The malicious extension was published on the Visual Studio Marketplace for only 18 minutes before being removed,...