SecureBulletin
A malicious NuGet package named "Sicoob.Sdk" impersonated the official Sicoob banking SDK and silently exfiltrated PFX certificates, private keys, an...
Malicious NuGet Package Impersonates Sicoob Banking SDK to Steal mTLS Certificates and Financial Credentials
31/05/2026 12:53
A malicious NuGet package named "Sicoob.Sdk" impersonated the official Sicoob banking SDK and silently exfiltrated PFX certificates, private keys, an...
SecureBulletin
Google has moved Device Bound Session Credentials (DBSC) to general availability in Chrome on Windows, cryptographically binding session cookies to t...
Google Chrome’s Device-Bound Session Credentials Go GA — Cryptographically Kills Cookie-Theft Attacks
31/05/2026 12:52
Google has moved Device Bound Session Credentials (DBSC) to general availability in Chrome on Windows, cryptographically binding session cookies to t...
SecureBulletin
GitLab has released emergency security patches (versions 19.0.1, 18.11.4, 18.10.7) fixing a CVSS 8.2 Duo AI identity flaw (CVE-2026-4868) that could ...
GitLab Patches High-Severity Duo AI Identity Flaw and Multiple Authorization, DoS Vulnerabilities
31/05/2026 12:52
GitLab has released emergency security patches (versions 19.0.1, 18.11.4, 18.10.7) fixing a CVSS 8.2 Duo AI identity flaw (CVE-2026-4868) that could ...
SecureBulletin
Microsoft has released KB5089573, a critical out-of-band update for Windows 11, permanently fixing the EFI System Partition space issue that caused w...
Microsoft Releases Emergency KB5089573 for Windows 11 to Permanently Fix Patch Tuesday Install Failures
31/05/2026 12:52
Microsoft has released KB5089573, a critical out-of-band update for Windows 11, permanently fixing the EFI System Partition space issue that caused w...
SecureBulletin
Threat actor JINX-0164 is targeting cryptocurrency developers via fake LinkedIn profiles, luring them into downloading custom macOS malware (AUDIOFIX...
JINX-0164: Crypto-Targeting APT Uses LinkedIn Job Lures and Fake Meeting Apps to Deploy macOS Malware and Poison npm Supply Chain
30/05/2026 11:00
Threat actor JINX-0164 is targeting cryptocurrency developers via fake LinkedIn profiles, luring them into downloading custom macOS malware (AUDIOFIX...
SecureBulletin
A new Go-based ransomware called The Gentlemen (tracked as Storm-2697 by Microsoft) spreads automatically across networks using eight simultaneous pr...
‘The Gentlemen’ Ransomware: Self-Propagating Go Encryptor Uses SYSTEM Scheduled Tasks to Lock Entire Networks
30/05/2026 10:59
A new Go-based ransomware called The Gentlemen (tracked as Storm-2697 by Microsoft) spreads automatically across networks using eight simultaneous pr...
SecureBulletin
A newly tracked threat actor called GREYVIBE is using generative AI tools including ChatGPT and Google Gemini to develop malware, generate phishing l...
GREYVIBE: Russian-Aligned Hackers Use ChatGPT and Google Gemini to Build Cyberweapons Targeting Ukraine
30/05/2026 10:59
A newly tracked threat actor called GREYVIBE is using generative AI tools including ChatGPT and Google Gemini to develop malware, generate phishing l...
SecureBulletin
A critical authentication bypass in Palo Alto Networks PAN-OS (CVE-2026-0257) is being actively exploited in two distinct waves, with attackers forgi...
CVE-2026-0257: Palo Alto PAN-OS Authentication Bypass Actively Exploited — Patch Immediately
30/05/2026 10:59
A critical authentication bypass in Palo Alto Networks PAN-OS (CVE-2026-0257) is being actively exploited in two distinct waves, with attackers forgi...
SecureBulletin
The npm package forge-jsxy quietly stole cryptocurrency wallet keys, browser credentials, and developer data across Windows, macOS, and Linux — pub...
Malicious npm Package forge-jsxy Pushes 22 Versions in 22 Days to Steal Crypto Wallets and Deploy Persistent Backdoor
29/05/2026 10:17
The npm package forge-jsxy quietly stole cryptocurrency wallet keys, browser credentials, and developer data across Windows, macOS, and Linux — pub...
SecureBulletin
The long-running Grandoreiro banking trojan has resurfaced with two active campaigns — one using DLL Side-Loading via cloud infrastructure and anot...
Grandoreiro Banking Trojan Returns: Targeting Portuguese Banks and Latin American Companies With Dual Campaigns
29/05/2026 10:15
The long-running Grandoreiro banking trojan has resurfaced with two active campaigns — one using DLL Side-Loading via cloud infrastructure and anot...