Cyber Security – Page 7 – Simply Secure Group

Multiple Angular Language Service Extension Vulnerabilities Enable RCE Attacks

A set of high-severity vulnerabilities has been identified in the Angular Language Service Visual Studio Code extension (Angular.ng-template), potentially exposing developers to remote code execution (RCE) attacks through multiple exploitation paths. The vulnerabilities arise from insecure handling of user-controlled input and unsafe configuration loading within the extension. Researchers found that attackers can exploit trusted development […]

Windows Server 2016 Domain Controller May Fail with 15-Character Hostname

Windows administrators are facing a disruptive bug in Windows Server 2016 following Microsoft’s May 12, 2026, security update KB5087537. The update introduced a critical flaw that caused domain controller discovery to completely fail on servers configured with hostnames exceeding the 15-character NetBIOS limit, leaving administrators unable to perform essential network operations. Microsoft acknowledged the issue […]

Anthropics Restricted Claude Mythos Moves Toward Public Release via Claude Code and Security

Anthropic appears to be loosening its grip on Claude Mythos, the company’s most powerful and previously restricted AI model, with new signals pointing to a commercially versioned release under the name Mythos 1 (claude-mythos-1-preview), integrated directly into Claude Code and a revamped Claude Security dashboard targeting enterprise customers. Claude Mythos first surfaced in late March […]

InvisibleFerret Malware Now Ships as .pyd and .so Files to Evade Script Detection

A North Korea-linked hacker group has quietly upgraded one of its most dangerous tools, making it harder for security software to detect. InvisibleFerret, an information-stealing malware tied to the threat actor known as Void Dokkaebi (also tracked as Famous Chollima), has been repackaged into a format that slips past many traditional detection methods. Instead of […]

Hackers Actives Scanning SonicWall Firewall Interfaces 597,000 Sessions Observed

A sharp rise in internet-wide scanning activity targeting SonicWall firewall management interfaces has been detected, raising concerns about a potential pre-disclosure reconnaissance phase tied to new vulnerabilities. Threat intelligence firm GreyNoise reported a significant surge in scanning of SonicWall SonicOS management APIs between May 9 and May 18, 2026. The most notable spike occurred on […]

Pentest Agent Suite Bug Bounty Framework for Claude Code and 6 AI Coding Tools

A fully autonomous bug-bounty framework called Pentest Agent Suite has been open-sourced, delivering 50 specialized security agents, 26 slash commands, 19 CLI tools, and a cross-IDE installer across seven major AI coding platforms — Claude Code, OpenAI Codex, Google Gemini, Cursor, Windsurf, VS Code Copilot, and OpenClaw. The project, published on GitHub by researcher H-mmer, […]

PyrsistenceSniper Tool that Detects 117 Persistence Malware Techniques on Windows, Linux, and macOS

PyrsistenceSniper is an advanced tool for detecting offline persistence, enabling cybersecurity analysts to identify 117 separate persistence mechanisms across Windows, Linux, and macOS platforms. Originally inspired by Autoruns and PersistenceSniper, this Python-based solution developed by Hexastrike enables rapid triage of forensic collections without requiring live system access. According to the Hexastrike GitHub repository, PyrsistenceSniper runs […]

Nginx-poolslip Vulnerability Enables DoS and Code Execution Attacks Patch Now!

A newly disclosed flaw in one of the world’s most widely deployed web servers is forcing administrators into another emergency patch cycle. Tracked as CVE-2026-9256 and publicly nicknamed nginx-poolslip, the vulnerability affects both NGINX Plus and NGINX Open Source, and can be triggered by a remote, unauthenticated attacker over plain HTTP. The vulnerability resides in […]

Hackers Exploit F5 BIG-IP Appliance to Gain SSH Access and Pivot Into Enterprise Linux Networks

A multi-stage intrusion attack where a threat actor exploited an internet-facing F5 BIG-IP edge appliance as the entry point for a widespread, identity-focused attack that ultimately accessed Active Directory. According to Microsoft’s Defender Security Research, the attack reflects a growing trend in which firewalls, VPN gateways, and load balancer devices traditionally deployed as security boundaries […]

Hackers Compromised 233 Versions of Laravel-Lang Packages by Hacking 700 GitHub Repos

A highly sophisticated supply chain attack has compromised the Laravel-Lang ecosystem, injecting credential-stealing remote code execution backdoors into 233 package versions across 700 GitHub repositories. Discovered in May 2026 by Socket and Aikido, threat actors manipulated GitHub tags to distribute malware through Composer’s autoloader, granting complete remote access to developer environments. The attackers bypassed direct […]

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.