Posts

PRC Hackers Exploit REDCap Research Servers

PRC-Nexus Hackers Exploit REDCap Servers to Spy on Research Networks

A PRC-nexus threat actor has been linked to a long-running cyber espionage campaign targeting research, healthcare, academic, and defense-related environments in the United States and Canada. Tracked by Google Threat Intelligence Group as UNC6508, the attackers compromised externally facing REDCap servers and used them as a foothold into sensitive research networks. REDCap, short for Research Electronic Data Capture, is widely used by hospitals, universities, clinical research teams, academic institutions, and public health organizations to collect and manage research data. That made it an attractive target. The campaign reportedly involved custom malware, credential theft, internal reconnaissance, persistence through software upgrades, and covert email exfiltration through Google Workspace content compliance rules. For enterprises, universities, healthcare providers, and research organizations, this is a serious warn...

SearchJack Chrome Extensions Hijack User Searches

SearchJack Campaign Uses 23 Chrome Extensions to Hijack User Searches

Introduction: A coordinated campaign known as SearchJack has used 23 deceptive Chrome browser extensions to hijack user searches at scale. The campaign reportedly affected roughly 758,000 Chrome users worldwide. Each extension presented itself as a useful browser tool, including search helpers, map utilities, productivity tools, video tools, login helpers, and new tab enhancements. Behind the scenes, however, the extensions changed the browser’s default search behavior and routed user queries through operator-controlled relay systems. For everyday users, this means their searches may have been silently redirected through monetization infrastructure without clear consent. For enterprises, the incident is a serious browser security warning. Browser extensions can sit directly between users, search behavior, cloud applications, web sessions, credentials, and business workflows. When extensions are deceptive, they can be...

Claude Fable 5 Jailbreak Raises AI Security Risks

Claude Fable 5 Jailbroken to Generate Stack Exploits

Anthropic’s Claude Fable 5 has reportedly been jailbroken only days after its public release. The model launched on June 9, 2026, as Anthropic’s first publicly available model in its new Mythos class. That matters because Fable 5 is described as one of Anthropic’s most capable AI systems to date, with strong performance in software engineering, knowledge work, vision tasks, and complex reasoning. For cybersecurity teams, the reported jailbreak is significant because it highlights a growing challenge. As AI models become more capable, their safeguards must withstand not only direct malicious prompts, but also multi-agent strategies, indirect framing, Unicode evasion, long-context manipulation, and decomposition attacks. This is no longer just an AI safety issue. It is an enterprise security, software development, and threat modeling issue.

What Happened: Researcher Pliny the Liberator reportedly bypassed Claude Fable 5’s safety layers...

Veeam RCE Vulnerability Exposes Backup Servers

Veeam RCE Vulnerability Exposes Backup Servers to Attack

Veeam has released security updates for a critical remote code execution vulnerability affecting Veeam Backup & Replication. Tracked as CVE-2026-44963, the flaw carries a CVSS score of 9.4 and can allow an authenticated domain user to execute code on the Veeam Backup Server. For enterprises, this is a high-priority security issue. Backup systems are not ordinary infrastructure. They hold recovery data, credentials, storage access, service permissions, restore workflows, and operational trust that organizations depend on during ransomware events, outages, and disaster recovery. When attackers compromise backup infrastructure, they may not only steal data. They may also weaken the organization’s ability to recover.

What Happened: Veeam released Veeam Backup & Replication 12.3.2.4854 to address CVE-2026-44963. The vulnerability affects Veeam Backup & Replication 12.3.2.4465 and all earlier version 12 builds. According to...

Check Point VPN Zero-Day Exploited in Attacks

Check Point VPN Zero-Day Exploited in Ransomware Attacks

A critical Check Point VPN zero-day vulnerability is being actively exploited in real-world attacks, including activity linked to Qilin ransomware. Tracked as CVE-2026-50751, the flaw affects Check Point Security Gateway products using Remote Access VPN and Mobile Access capabilities. The vulnerability allows an unauthenticated remote attacker to bypass user authentication and establish a VPN session without a valid user password. For enterprises, this is a serious perimeter security event. VPN systems are not just remote access tools. They are trusted gateways into internal networks, cloud-connected environments, administrative systems, sensitive applications, and business-critical infrastructure. When attackers bypass VPN authentication, they may gain the type of access defenders usually reserve for employees, contractors, administrators, and trusted users.

What Happened: Check Point disclosed a critical authentication bypass v...

Redis RCE Vulnerability Exposes Enterprise Servers

Redis RCE Vulnerability Exposes Servers to Remote Code Execution

Redis has disclosed a high-severity remote code execution vulnerability that could expose vulnerable servers to serious compromise. Tracked as CVE-2026-23479, the flaw is a use-after-free vulnerability in Redis server client unblocking logic. For enterprises, this is not just a database patching issue. Redis is widely used for caching, queues, real-time analytics, session storage, rate limiting, application acceleration, and backend service coordination. When Redis is vulnerable, exposed, or poorly segmented, attackers may be able to abuse a trusted performance layer as a path into business-critical systems.

What Happened: Redis disclosed multiple vulnerabilities affecting Redis OSS and Redis Community Edition deployments. The most concerning issue is CVE-2026-23479, a use-after-free flaw that may lead to remote code execution. The vulnerability can be triggered by an authenticated user under specific conditions involving...