Cybersensus

CybersensusIndependent coverage of cybersecurity threats, tools, and privacy.https://cybersensus.com/AI Found 21 FFmpeg Zero-Days for $1,000. Chrome Patched 429 in One Shot.https://cybersensus.com/post/ai-found-21-ffmpeg-zero-days-for-1000-chrome-patched-42-28ecb8/https://cybersensus.com/post/ai-found-21-ffmpeg-zero-days-for-1000-chrome-patched-42-28ecb8/An AI agent found 21 FFmpeg zero-days for ~$1,000. That same week, Chrome 149 patched a record 429 bugs.Sat, 06 Jun 2026 00:00:00 GMTMiasma Worm Tears Through 73 Microsoft GitHub Repositorieshttps://cybersensus.com/post/miasma-worm-tears-through-73-microsoft-github-repositor-ed7cb5/https://cybersensus.com/post/miasma-worm-tears-through-73-microsoft-github-repositor-ed7cb5/A self-replicating worm has compromised 73 Microsoft GitHub repositories across Azure, MicrosoftDocs, and related orgs, disabling developer access.Sat, 06 Jun 2026 00:00:00 GMTOpenAI's Lockdown Mode Closes ChatGPT's Data Exfiltration Exitshttps://cybersensus.com/post/openais-lockdown-mode-closes-chatgpts-data-exfiltration-cb1a6c/https://cybersensus.com/post/openais-lockdown-mode-closes-chatgpts-data-exfiltration-cb1a6c/OpenAI's new Lockdown Mode restricts outbound network features in ChatGPT to reduce prompt injection-based data exfiltration risks.Sat, 06 Jun 2026 00:00:00 GMTSolarWinds Serv-U Crash Flaw Now Under Active Exploitationhttps://cybersensus.com/post/solarwinds-serv-u-crash-flaw-now-under-active-exploitat-74eb74/https://cybersensus.com/post/solarwinds-serv-u-crash-flaw-now-under-active-exploitat-74eb74/CISA added CVE-2026-28318, a DoS flaw in SolarWinds Serv-U, to its KEV catalog with a federal patch deadline of June 19, 2026.Sat, 06 Jun 2026 00:00:00 GMTWordPress Sites Under Fire From Everest Forms Pro Code Injection Flawhttps://cybersensus.com/post/wordpress-sites-under-fire-from-everest-forms-pro-code--ce94cd/https://cybersensus.com/post/wordpress-sites-under-fire-from-everest-forms-pro-code--ce94cd/CVE-2026-3300 in Everest Forms Pro lets unauthenticated attackers run arbitrary PHP and create rogue admin accounts.Sat, 06 Jun 2026 00:00:00 GMTYour Smart TV's Idle Hours Are Selling Your Bandwidthhttps://cybersensus.com/post/your-smart-tvs-idle-hours-are-selling-your-bandwidth-da2fca/https://cybersensus.com/post/your-smart-tvs-idle-hours-are-selling-your-bandwidth-da2fca/Free apps embed Bright Data's SDK to route web-scraping traffic through home IPs, including always-on smart TVs, with consent screens that don't match actual daSat, 06 Jun 2026 00:00:00 GMT26 Years for Dark Web Drug Sales Built on Free Meth Sampleshttps://cybersensus.com/post/26-years-for-dark-web-drug-sales-built-on-free-meth-sam-f7ffee/https://cybersensus.com/post/26-years-for-dark-web-drug-sales-built-on-free-meth-sam-f7ffee/San Jose man Darren Hughes sentenced to 26+ years for fentanyl and meth sales on Nemesis Market, paid in cryptocurrency.Fri, 05 Jun 2026 00:00:00 GMT900 Gas Station Gauges Are Online and Undefendedhttps://cybersensus.com/post/900-gas-station-gauges-are-online-and-undefended-01f7e9/https://cybersensus.com/post/900-gas-station-gauges-are-online-and-undefended-01f7e9/Over 900 ATG systems in the US sit exposed on the open internet, vulnerable to command execution attacks that could disable fuel leak detection.Fri, 05 Jun 2026 00:00:00 GMTAI in the SOC Is Everywhere and Delivering Almost Nothinghttps://cybersensus.com/post/ai-in-the-soc-is-everywhere-and-delivering-almost-nothi-439456/https://cybersensus.com/post/ai-in-the-soc-is-everywhere-and-delivering-almost-nothi-439456/SOC-CMM 2026 data shows only 10% of security teams report excellent AI value, despite record adoption rates across every tool category.Fri, 05 Jun 2026 00:00:00 GMTAndroid Spyware Asin Targets Arabic Journalists Through Fake Conflict Appshttps://cybersensus.com/post/android-spyware-asin-targets-arabic-journalists-through-a8bf8f/https://cybersensus.com/post/android-spyware-asin-targets-arabic-journalists-through-a8bf8f/ESET has identified Android spyware called Asin spreading through fake news, PDF, and war map apps targeting Arabic-speaking users since early 2025.Fri, 05 Jun 2026 00:00:00 GMTCisco SD-WAN Zero-Day Grants Root Access Before Patches Existhttps://cybersensus.com/post/cisco-sd-wan-zero-day-grants-root-access-before-patches-2aa223/https://cybersensus.com/post/cisco-sd-wan-zero-day-grants-root-access-before-patches-2aa223/A high-severity zero-day in Cisco Catalyst SD-WAN Manager lets low-privilege attackers escalate to root. No patch is available yet.Fri, 05 Jun 2026 00:00:00 GMTOP-512 Is the Fourth China-Linked Group Hitting IIS Servers This Yearhttps://cybersensus.com/post/op-512-is-the-fourth-china-linked-group-hitting-iis-ser-38b4a8/https://cybersensus.com/post/op-512-is-the-fourth-china-linked-group-hitting-iis-ser-38b4a8/A new espionage cluster called OP-512 is deploying a custom three-shell web framework against Microsoft IIS servers, with China attribution at moderate-to-high Fri, 05 Jun 2026 00:00:00 GMTPCPJack Built a 230-Node SMTP Relay Network Inside Cloud Infrastructurehttps://cybersensus.com/post/pcpjack-built-a-230-node-smtp-relay-network-inside-clou-51f8da/https://cybersensus.com/post/pcpjack-built-a-230-node-smtp-relay-network-inside-clou-51f8da/PCPJack compromised 230 AWS, Azure, and Google Cloud servers to build a covert SMTP relay network, leaving tools exposed on an open C2 directory.Fri, 05 Jun 2026 00:00:00 GMTPolyfill.io Wakes Up Again, Hitting Toshiba and Muji Usershttps://cybersensus.com/post/polyfillio-wakes-up-again-hitting-toshiba-and-muji-user-ac3e15/https://cybersensus.com/post/polyfillio-wakes-up-again-hitting-toshiba-and-muji-user-ac3e15/Polyfill.io reactivated in late May 2026, serving HTTP 401 prompts that tricked browsers on Toshiba and Muji sites into showing fake login screens.Fri, 05 Jun 2026 00:00:00 GMTSolarWinds Serv-U Flaw Lets Attackers Crash Servers Without Logging Inhttps://cybersensus.com/post/solarwinds-serv-u-flaw-lets-attackers-crash-servers-wit-b65d20/https://cybersensus.com/post/solarwinds-serv-u-flaw-lets-attackers-crash-servers-wit-b65d20/CISA confirms active exploitation of CVE-2026-28318, a Serv-U denial-of-service flaw requiring no credentials. Federal agencies must patch by June 19.Fri, 05 Jun 2026 00:00:00 GMTThe Browser Is Now Where Breaches Begin and Go Undetectedhttps://cybersensus.com/post/the-browser-is-now-where-breaches-begin-and-go-undetect-c83996/https://cybersensus.com/post/the-browser-is-now-where-breaches-begin-and-go-undetect-c83996/The 2026 Verizon DBIR confirms what browser telemetry has shown for months: the browser is the primary attack surface most enterprises aren't watching.Fri, 05 Jun 2026 00:00:00 GMTTwo npm Worms Are Stealing Secrets and Rewriting Codehttps://cybersensus.com/post/two-npm-worms-are-stealing-secrets-and-rewriting-code-4d2a4b/https://cybersensus.com/post/two-npm-worms-are-stealing-secrets-and-rewriting-code-4d2a4b/IronWorm and a new Miasma variant have compromised over 50 npm packages, stealing credentials and self-propagating through GitHub repositories.Fri, 05 Jun 2026 00:00:00 GMTUNC5221 Spent 18 Months Undetected Before Deploying Three Backdoorshttps://cybersensus.com/post/unc5221-spent-18-months-undetected-before-deploying-thr-5045e6/https://cybersensus.com/post/unc5221-spent-18-months-undetected-before-deploying-thr-5045e6/Chinese APT group UNC5221 used Brickstorm, Plenet, and AgentPSD to maintain access across a victim network and its MSP for over 18 months.Fri, 05 Jun 2026 00:00:00 GMTWorld Cup 2026 Fraud Is Already Running, Weeks Before Kickoffhttps://cybersensus.com/post/world-cup-2026-fraud-is-already-running-weeks-before-ki-ba671e/https://cybersensus.com/post/world-cup-2026-fraud-is-already-running-weeks-before-ki-ba671e/Fake FIFA domains, banking trojans in streaming apps, and a single Chinese-speaking operation running 300 cloned login pages — all live before June 11.Fri, 05 Jun 2026 00:00:00 GMTA Single GitHub Issue Could Have Poisoned Anthropic's Own Actionhttps://cybersensus.com/post/a-single-github-issue-could-have-poisoned-anthropics-ow-0b3db6/https://cybersensus.com/post/a-single-github-issue-could-have-poisoned-anthropics-ow-0b3db6/A flaw in Claude Code's GitHub Action let any attacker with a bot account hijack public repos and steal write credentials via prompt injection.Thu, 04 Jun 2026 00:00:00 GMTAgentic AI in Classified Networks Has a Security Problem Alreadyhttps://cybersensus.com/post/agentic-ai-in-classified-networks-has-a-security-proble-3b6aa1/https://cybersensus.com/post/agentic-ai-in-classified-networks-has-a-security-proble-3b6aa1/Agentic AI is moving into defense networks fast. The security infrastructure underneath it isn't keeping pace.Thu, 04 Jun 2026 00:00:00 GMTBrave Charges $59.99 to Strip Out Its Own Browser Bloathttps://cybersensus.com/post/brave-charges-5999-to-strip-out-its-own-browser-bloat-7ffb88/https://cybersensus.com/post/brave-charges-5999-to-strip-out-its-own-browser-bloat-7ffb88/Brave Software launches Origin, a paid $59.99 browser that removes crypto, AI, and ads features — and the backlash is pointed.Thu, 04 Jun 2026 00:00:00 GMTCisco SSRF, Iranian Crypto Sanctions, and an FSB Spyware Disclosurehttps://cybersensus.com/post/cisco-ssrf-iranian-crypto-sanctions-and-an-fsb-spyware--a837aa/https://cybersensus.com/post/cisco-ssrf-iranian-crypto-sanctions-and-an-fsb-spyware--a837aa/A Cisco UCM flaw with a CVSS 8.6 score, FSB spyware claims, and $7.7B in sanctioned Iranian crypto volume define this week's threat landscape.Thu, 04 Jun 2026 00:00:00 GMTCisco's Unified CM Has a File-Write Flaw and Public Exploit Codehttps://cybersensus.com/post/ciscos-unified-cm-has-a-file-write-flaw-and-public-expl-3045b0/https://cybersensus.com/post/ciscos-unified-cm-has-a-file-write-flaw-and-public-expl-3045b0/CVE-2026-20230 lets unauthenticated attackers write files and escalate to root. A public PoC exists and the version 15 patch isn't due until September.Thu, 04 Jun 2026 00:00:00 GMTHola Browser's Supply Chain Breach Quietly Installed a Monero Minerhttps://cybersensus.com/post/hola-browsers-supply-chain-breach-quietly-installed-a-m-84016d/https://cybersensus.com/post/hola-browsers-supply-chain-breach-quietly-installed-a-m-84016d/A cryptominer was found inside the Windows version of Hola Browser after a supply chain compromise went undetected until routine certification checks flagged itThu, 04 Jun 2026 00:00:00 GMTHow Magecart Attackers Hid Card Skimmers Inside Stripe's Own APIhttps://cybersensus.com/post/how-magecart-attackers-hid-card-skimmers-inside-stripes-cbd30d/https://cybersensus.com/post/how-magecart-attackers-hid-card-skimmers-inside-stripes-cbd30d/A new skimming campaign routes stolen payment data through api.stripe.com, bypassing CSP filters by abusing trusted infrastructure.Thu, 04 Jun 2026 00:00:00 GMTHow One Forum Post Is Teaching Beginners to Hack for Moneyhttps://cybersensus.com/post/how-one-forum-post-is-teaching-beginners-to-hack-for-mo-5856f7/https://cybersensus.com/post/how-one-forum-post-is-teaching-beginners-to-hack-for-mo-5856f7/A dark web tutorial by "Hercules" breaks vulnerability exploitation into steps any beginner can follow—and it's spreading fast.Thu, 04 Jun 2026 00:00:00 GMTIronWorm Malware Quietly Poisoned 36 npm Packages Before Anyone Noticedhttps://cybersensus.com/post/ironworm-malware-quietly-poisoned-36-npm-packages-befor-f8cdfe/https://cybersensus.com/post/ironworm-malware-quietly-poisoned-36-npm-packages-befor-f8cdfe/A Rust-based infostealer called IronWorm compromised 36 npm packages, targeting AWS, OpenAI, and SSH credentials via a stealthy supply-chain attack.Thu, 04 Jun 2026 00:00:00 GMTShinyHunters Dumps 234 GB of DentaQuest Data After Ransom Failshttps://cybersensus.com/post/shinyhunters-dumps-234-gb-of-dentaquest-data-after-rans-bccf1c/https://cybersensus.com/post/shinyhunters-dumps-234-gb-of-dentaquest-data-after-rans-bccf1c/DentaQuest's breach exposed 2.6 million accounts including health IDs and insurance data after ShinyHunters published 234 GB when negotiations collapsed.Thu, 04 Jun 2026 00:00:00 GMTWFP Breach Exposes 600,000 Gaza Households to Targeted Fraud Riskhttps://cybersensus.com/post/wfp-breach-exposes-600000-gaza-households-to-targeted-f-eabddd/https://cybersensus.com/post/wfp-breach-exposes-600000-gaza-households-to-targeted-f-eabddd/Attackers breached the WFP's Gaza self-registration platform on May 14, stealing names, ID numbers, phone numbers, and location data from roughly 600,000 househThu, 04 Jun 2026 00:00:00 GMTSPF, DKIM, and DMARC: A Practical Email Security Guidehttps://cybersensus.com/post/spf-dkim-and-dmarc-a-practical-email-security-guide-01d50f/https://cybersensus.com/post/spf-dkim-and-dmarc-a-practical-email-security-guide-01d50f/Email spoofing is trivially easy without proper DNS records. Here's how SPF, DKIM, and DMARC actually work and how to deploy them.Wed, 03 Jun 2026 00:00:00 GMTUsing Nmap for Defensive Network Monitoringhttps://cybersensus.com/post/using-nmap-for-defensive-network-monitoring-6cbebf/https://cybersensus.com/post/using-nmap-for-defensive-network-monitoring-6cbebf/Nmap is more than an attacker's tool. Defenders can use it to audit assets, spot rogue devices, and verify firewall rules.Wed, 03 Jun 2026 00:00:00 GMTVPN Split Tunneling: Security Benefits, Risks, and When to Avoid Ithttps://cybersensus.com/post/vpn-split-tunneling-security-benefits-risks-and-when-to-bb3989/https://cybersensus.com/post/vpn-split-tunneling-security-benefits-risks-and-when-to-bb3989/Split tunneling lets some traffic bypass your VPN. That flexibility comes with real security trade-offs worth understanding.Wed, 03 Jun 2026 00:00:00 GMTHow to Set Up a VPN on Any Device: A Practical Guidehttps://cybersensus.com/post/how-to-set-up-a-vpn-on-any-device-a-practical-guide/https://cybersensus.com/post/how-to-set-up-a-vpn-on-any-device-a-practical-guide/A step-by-step walkthrough for configuring a VPN on Windows, macOS, Android, and iOS — without relying on vendor apps.Mon, 01 Jun 2026 00:00:00 GMTHardening a Fresh Linux VPS Before You Do Anything Elsehttps://cybersensus.com/post/hardening-a-fresh-linux-vps-before-you-do-anything-else-afa7dc/https://cybersensus.com/post/hardening-a-fresh-linux-vps-before-you-do-anything-else-afa7dc/A default Linux VPS is an open target. These steps close the most exploited entry points before you deploy anything.Sun, 31 May 2026 00:00:00 GMTNo-Log VPN Claims: How to Actually Verify Themhttps://cybersensus.com/post/no-log-vpn-claims-how-to-actually-verify-them-7a5e7e/https://cybersensus.com/post/no-log-vpn-claims-how-to-actually-verify-them-7a5e7e/VPNs promise they don't log your activity, but few users know how to test those claims. Here's what the evidence actually looks like.Sun, 31 May 2026 00:00:00 GMTPi-hole Blocks Ads and Trackers at the DNS Layerhttps://cybersensus.com/post/pi-hole-blocks-ads-and-trackers-at-the-dns-layer-04872b/https://cybersensus.com/post/pi-hole-blocks-ads-and-trackers-at-the-dns-layer-04872b/Pi-hole intercepts DNS queries network-wide, blocking ads and trackers before they load. Here's how it works and what it can't do.Sun, 31 May 2026 00:00:00 GMTBurp Suite Community Edition: Capabilities, Limits, and Workaroundshttps://cybersensus.com/post/burp-suite-community-edition-capabilities-limits-and-wo-4fb8c6/https://cybersensus.com/post/burp-suite-community-edition-capabilities-limits-and-wo-4fb8c6/Burp Suite Community Edition is free but deliberately limited. Here's what you can realistically do with it and where it stops.Thu, 28 May 2026 00:00:00 GMTDNS Leaks: What They Expose and How to Stop Themhttps://cybersensus.com/post/dns-leaks-what-they-expose-and-how-to-stop-them-c697de/https://cybersensus.com/post/dns-leaks-what-they-expose-and-how-to-stop-them-c697de/A DNS leak can expose your browsing activity even when your VPN is active. Here's how to detect one and what the data reveals.Thu, 28 May 2026 00:00:00 GMTPassword Managers Done Right: Advanced Security Practiceshttps://cybersensus.com/post/password-managers-done-right-advanced-security-practice-b15908/https://cybersensus.com/post/password-managers-done-right-advanced-security-practice-b15908/Most users set up a password manager and stop there. Here's how to harden your setup against real attack vectors.Thu, 28 May 2026 00:00:00 GMTHow to Use a Hardware Security Key for SSH on Linuxhttps://cybersensus.com/post/how-to-use-a-hardware-security-key-for-ssh-on-linux-747e9e/https://cybersensus.com/post/how-to-use-a-hardware-security-key-for-ssh-on-linux-747e9e/Hardware security keys add phishing-resistant authentication to SSH. Here's how to configure one on Linux using FIDO2.Mon, 25 May 2026 00:00:00 GMTWireGuard vs OpenVPN: Which Protocol Holds Up in 2025https://cybersensus.com/post/wireguard-vs-openvpn-which-protocol-holds-up-in-2025-00a04d/https://cybersensus.com/post/wireguard-vs-openvpn-which-protocol-holds-up-in-2025-00a04d/WireGuard and OpenVPN take fundamentally different approaches to VPN security. Here's how they compare on speed, codebase, and real-world privacy.Mon, 25 May 2026 00:00:00 GMTWireshark for Beginners: Spotting Suspicious Network Traffichttps://cybersensus.com/post/wireshark-for-beginners-spotting-suspicious-network-tra-4e67d5/https://cybersensus.com/post/wireshark-for-beginners-spotting-suspicious-network-tra-4e67d5/You don't need to be a network engineer to use Wireshark. Here's how to catch red flags in your own traffic.Mon, 25 May 2026 00:00:00 GMTBrowser Fingerprinting Makes Your VPN Anonymity Incompletehttps://cybersensus.com/post/browser-fingerprinting-makes-your-vpn-anonymity-incompl-30e972/https://cybersensus.com/post/browser-fingerprinting-makes-your-vpn-anonymity-incompl-30e972/VPNs mask your IP address, but browser fingerprinting tracks you through device attributes no tunnel can hide.Fri, 22 May 2026 00:00:00 GMTHow to Find Unauthorized Devices on Your Home Networkhttps://cybersensus.com/post/how-to-find-unauthorized-devices-on-your-home-network-830347/https://cybersensus.com/post/how-to-find-unauthorized-devices-on-your-home-network-830347/Unknown devices on your home network can expose your data. Here's how to audit and secure it yourself.Fri, 22 May 2026 00:00:00 GMT