Notícias

Germany's domestic intelligence agency is warning of suspected state-sponsored threat actors targeting high-ranking individuals in phishing attacks via messaging apps like Signal. [...]

Compromised home routers in 30+ countries had DNS traffic redirected, sending users to malicious sites while normal browsing appeared unaffected.

The Vafoton PD 240W Thunderbolt 4 cable supports 40Gbps data transfer and is flexible enough to clip to my backpack.

Wiz Security claims Moltbook misconfiguration allowed full read and write access

Rapid7 researchers have attributed the recent hijacking of the Notepad++ update mechanism to Lotus Blossom (aka Billbug), a Chinese state-sponsored group known for targeting organizations in Southeast Asia for espionage purposes. On Wednesday, Kaspersky researchers shared the insights they've gleaned from their own telemetry: the attackers targeted individuals located in Vietnam, El Salvador and Australia; a government organization located in the Philippines; a financial organization located in El Salvador; and a Vietnamese IT service provider. … More → The post Notepad++ supply chain attack: Researchers reveal details, IoCs, targets appeared first on Help Net Security.

A supply chain attack on Notepad++ update process was linked to compromised hosting infrastructure

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today. [...]

A Chrome extension posing as an Amazon ad blocker was found secretly hijacking affiliate links to redirect commissions to its developer. The post Chrome Ad Blocker Caught Hijacking Amazon Affiliate Links appeared first on eSecurity Planet.

Researchers found access control flaws in Cal.com that could enable account takeover and expose sensitive booking data across organizations. The post Cal.com Access Control Flaws Expose Millions of Bookings appeared first on eSecurity Planet.

We've been running inference-time threat detection across 38 production AI agent deployments. Here's what Week 3 of 2026 looked like with on-device detections. Key Findings 28,194 threats detected across 74,636 interactions (37.8% attack rate) Inter-Agent Attacks emerged as a new category (3.4% of threats) - agents sending poisoned messages to other agents Data exfiltration leads at 19.2% - primarily targeting system prompts and RAG context Jailbreaks detected with 96.3% confidence - patterns are now well-established Attack Technique Breakdown Instruction Override: 9.7% Tool/Command Injection: 8.2% RAG Poisoning: 8.1% (trending up) System Prompt Extraction: 7.7% The inter-agent attack vector is particularly concerning given the MCP ecosystem growth. We're seeing goal hijacking, constraint removal, and recursive propagation attempts. Full report with methodology: https://raxe.ai/threat-intelligence Happy to answer questions about detection approaches submitted by /u/cyberamyntas [link] [comments]