Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

CISA sets urgent deadline to fix Cisco flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is giving federal agencies until Sunday to patch a ...
CSO Online

Unpatched SharePoint servers opened the door to multiple attackers, Microsoft finds

Separate actors exploited the same exposure, creating overlapping intrusions that obscured detection and response.
Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
OSTechNix

Nmap Commands Explained: The Complete Guide to Network Scanning

Learn essential Nmap commands for network scanning, port discovery, and OS detection. Complete guide with examples and a ...
LinkedIn

Shai-Hulud malware compromises 23 npm packages

Shai-Hulud Strikes Again: 23 npm Packages Compromised in Multi-Stage Supply Chain Attack—Are Your CI/CD Pipelines Next? + Video Introduction The Shai-Hulud malware family—named after the giant ...
Cyber Wire

Cybersecurity Terms

Terms often used in cybersecurity discussions and education, briefly defined. Your corrections, suggestions, and recommendations for additional entries are welcome: email the editor at editor@n2k.com.