Cyber Security News

Posts

LiteLLM Vulnerability Chain: What Security Teams Running AI Gateways Need to Do Now

June 16, 2026

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is already in CISA's KEV. Here's what to check and how to patch. LiteLLM Vulnerability Chain: What Security Teams Running AI Gateways Need to Do Now on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses . from Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses https://ift.tt/Z9R4oUV

How Ransomware Works: Encryption Is the Least of Your Problems

June 15, 2026

Ransomware still encrypts files with a hybrid AES/RSA scheme, but the data theft and backup destruction that happen before encryption are where modern attacks do their real damage. How Ransomware Works: Encryption Is the Least of Your Problems on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses . from Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses https://ift.tt/Y8t1pSu

Apple Silicon Is Not a Safe Harbor From Spectre-Class Attacks

June 14, 2026

MIT's Fractal OS has found the first evidence of Apple M1 Phantom speculation and overturned prior research on the M1's conditional branch predictor, challenging the assumption that Apple Silicon is safer from speculative execution attacks. Apple Silicon Is Not a Safe Harbor From Spectre-Class Attacks on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses . from Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses https://ift.tt/bxKyQNR

Atomic Arch: 400+ AUR Packages Backdoored with eBPF Rootkit and Credential Stealer

June 13, 2026

An AUR supply chain attack compromised more than 400 Arch Linux packages from 11 June 2026, planting a Rust credential stealer and an eBPF rootkit that hides from standard inspection tools. Atomic Arch: 400+ AUR Packages Backdoored with eBPF Rootkit and Credential Stealer on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses . from Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses https://ift.tt/rGVzp0P

Check Point VPN Authentication Bypass (CVE-2026-50751): Client-Controlled IKEv1 Auth Flipped by Ransomware Affiliate

June 12, 2026

A CVSS 9.3 flaw in Check Point Remote Access VPN let unauthenticated attackers bypass certificate validation by supplying a crafted IKEv1 VendorID payload — exploited for 32 days before a patch, with one confirmed Qilin ransomware post-compromise chain. Check Point VPN Authentication Bypass (CVE-2026-50751): Client-Controlled IKEv1 Auth Flipped by Ransomware Affiliate on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses . from Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses https://ift.tt/8WAuQIP

Why Credential and Session Exposure Monitoring Should Be a Baseline Security Practice

May 18, 2026

Data breaches and ransomware incidents are often discussed as if they begin with a sophisticated… Why Credential and Session Exposure Monitoring Should Be a Baseline Security Practice on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses . from Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses https://ift.tt/CMEP0c4