The issue affected Windows devices configured with policies designed to prevent automatic updates, particularly in enterprise environments where strict update governance is enforced.

Despite these controls, some users observed that drivers were being installed without administrative approval, raising concerns about policy enforcement and endpoint integrity.

The incident, tracked under Microsoft reference MO1332784 and NHSmail reference INC46841357, was first reported on June 3, 2026, and officially resolved on June 4, 2026.

According to Microsoft’s investigation, the root cause was linked to a failure in a caching service used by Windows Update.

Microsoft 365 Degradation Bypassed Windows Driver

This service temporarily dropped device enrollment information, which is critical for identifying systems managed under enterprise policies such as Microsoft Intune or other MDM solutions.

When this enrollment data was lost, affected systems were mistakenly classified as non-enrolled devices. As a result, standard driver approval restrictions were not applied, allowing drivers to be installed automatically.

Microsoft clarified that all drivers deployed during this period were officially signed and approved by Microsoft.

The company emphasized that these drivers do not pose a direct security threat, as they passed Microsoft’s standard validation and signing processes.

However, the incident highlights a significant gap in policy enforcement mechanisms, particularly in environments that rely on strict compliance and change-control procedures.

From a security perspective, although no malicious activity was involved, the event raises concerns about trust boundaries and update channels.

Unauthorized or unexpected changes to system drivers can still impact system stability, compatibility, and audit compliance.

In regulated sectors such as healthcare and finance, even approved changes outside defined processes can trigger incident reviews.

Microsoft stated that the issue has been fully mitigated following validation from affected users. Systems have resumed normal behavior, and configured policies once again govern driver installations.

The company is continuing its internal review to understand how the caching service failure occurred and to improve resilience against similar disruptions.

This incident serves as a reminder that even trusted update mechanisms can introduce operational risks when underlying service dependencies fail.

Security teams are advised to review endpoint logs for unexpected driver installations during the affected timeframe and to ensure monitoring is in place to detect policy deviations.

Microsoft’s ongoing analysis is expected to lead to improvements in detection and recovery mechanisms within Windows Update services, reducing the likelihood of similar issues in future deployments.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates.

The post Microsoft 365 Service Degradation Bypassed Windows Driver Auto-Update Controls appeared first on Cyber Security News.

The updated build, now called Reaper, spreads through fake websites that impersonate popular software, luring unsuspecting users into a trap.

Once inside a system, it can silently drain everything from browser credentials to cryptocurrency wallets before the victim ever notices anything is wrong.

What makes this version particularly worrying is the attack method it uses to get onto your Mac. Instead of relying on the old trick of asking users to copy and paste a script into their Terminal, Reaper automates the process entirely.

It uses a fake webpage to silently open your Mac’s Script Editor, pre-loaded with malicious code, and all a user has to do is click one button to unknowingly launch the infection.

Researchers at Moonlock identified and reported on this new SHub Reaper campaign, noting this is already the third time in under two months that this automated ClickFix technique has appeared across separate macOS malware campaigns. 

Moonlock said in a report shared with Cyber Security News (CSN) that the trend of automating ClickFix is picking up speed among macOS threat actors who tend to copy proven tactics from one another.

The campaign also goes to great lengths to appear trustworthy. Attackers spoof well-known brands and host malware payloads on domains that look nearly identical to legitimate ones.

They pass off malware downloads as Apple security updates and use fake Google Software Update pathways to plant persistent backdoors deep inside the victim’s Mac.

This level of deception is what makes SHub Reaper stand out even among other Mac stealers. By blending into the familiar look of trusted software tools and brands, the malware significantly lowers a user’s guard.

The result is a stealthy, multi-stage attack that ends with stolen data, drained wallets, and an attacker-controlled backdoor running quietly in the background.

SHub Stealer Targets Browsers and Crypto Wallets

The Reaper build is a significant upgrade over previous versions of SHub Stealer. Earlier builds could already steal browser data, macOS Keychains, iCloud account data, and Telegram session information.

The new version goes much further, now targeting Chrome, Firefox, Brave, Edge, Opera, Vivaldi, Arc, and Orion browsers, along with their extensions.

What truly sets Reaper apart is how it handles cryptocurrency. Rather than installing a fake wallet app, Reaper digs into the code of legitimate desktop wallet applications already on the Mac and quietly modifies them to steal funds.

Targeted wallets include Exodus, Atomic, Ledger Live, Electrum, and Trezor Suite. The malware also carries an AMOS-style Filegrabber that hunts through Desktop and Documents folders for valuable files, including .docx, .wallet, .key, .csv, .xls, and .json formats.

Once it collects everything, Reaper bundles the stolen data and quietly sends it to an attacker-controlled server using curl, a legitimate macOS command. Before exiting, it installs a disguised backdoor that registers itself as a Google update service to survive reboots and remain hidden.

How to Protect Yourself From SHub Reaper

Staying safe from Reaper starts with understanding how it gains entry. The malware relies heavily on social engineering, tricking users into doing something that appears normal but actually hands over system access.

If a webpage suddenly opens your Script Editor or Terminal and asks you to click Play, close that window immediately. That is not how legitimate software behaves.

Users should never enter their Mac system password into a pop-up that appears right after installing software. If any program asks for your password the moment after installation, treat that as a clear warning sign.

For those holding cryptocurrency, moving funds to an offline cold wallet or a separate dedicated device is far safer than keeping wallets on your primary Mac.

Keeping your operating system and security software consistently updated gives your defenses a much better chance of catching new stealer variants before they cause lasting damage.

Indicators of Compromise (IoCs):-

Note: IP addresses and domains are intentionally defanged (e.g., [.]) to prevent accidental resolution or hyperlinking. Re-fang only within controlled threat intelligence platforms such as MISP, VirusTotal, or your SIEM.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post New SHub Stealer Variant Malware Targets Chrome, Firefox, Brave, Edge, Opera, and Crypto Wallets appeared first on Cyber Security News.

That trust, it turns out, is being quietly exploited. A growing wave of malicious Google Chrome extensions is secretly harvesting those conversations and sending them off to unknown servers, all while pretending to help users get more out of their AI tools.

The scale of this problem is hard to ignore. As of March 2026, AI-related Chrome extensions had already accumulated roughly 115 million users worldwide, according to Chrome Statistics 2026.

That enormous user base makes these extensions an attractive target for threat actors looking to scoop up valuable data with little effort and even less visibility.

Analysts at G Data published a report shared with Cyber Security News (CSN) exposing three specific extensions: Urban VPN, Smart Sidebar: ChatGPT, Claude and DeepSeek, and AI Assistant, now rebranded as Chat AI.

These add-ons carried strong ratings and large user counts on the Chrome Web Store, giving them a false air of credibility while their true behavior lurked beneath the surface.

What makes this campaign dangerous is the type of information being put at risk. Users routinely share deeply personal details, confidential business data, and medical information with AI platforms.

Whoever intercepts these conversations gains access to material that can be weaponized for fraud, blackmail, or corporate espionage with alarming ease.

The method these extensions use is calculated and deliberate. They quietly inject scripts into the browser, intercept outgoing network requests, and siphon off conversation data before it reaches its intended destination. Victims rarely notice because the AI platforms continue to function exactly as expected.

Malicious Browser Add-Ons

Urban VPN is the most widely recognized name in this group. Marketed as a free, privacy-focused tool with a 4.7-star rating, version 5.10.3 contained a hidden JavaScript file called “content.js” that targeted conversations across eight AI platforms, including ChatGPT, Claude, Copilot, Gemini, and DeepSeek.

Data collection ran continuously in the background, regardless of whether the VPN was even switched on.

The extension injected an executor script that intercepted network requests before they left the device, rerouting data through its own code.

Smart Sidebar took a similar approach: in version 1.9.6, it embedded a file called “aiResponder.js” inside a directory labeled “gptprocessor,” monitoring visits to ChatGPT and DeepSeek and capturing each chat interaction as it occurred.

Smart Sidebar’s collected data was encoded in Base64 and sent via a POST request to the domain “deepaichats[.]com,” already flagged by multiple security vendors on VirusTotal.

The encoded payload carried the unique chat ID, the AI platform visited, a timestamp, and the full conversation, forming a complete record of everything the user typed and received.

iFrame Injection and the Chat AI Threat

The third extension, AI Assistant, now called Chat AI, used a different but equally concerning approach. Despite holding a “Featured” badge from the Chrome Web Store and over 70,000 users, version 3.3.4 embedded a remotely loaded chat interface inside a hidden iframe.

It pulled user preferences from browser storage and forwarded that data to a newly registered, unverified external URL through a messaging system.

This iframe injection allowed the extension to sit between the user and the AI platform, quietly observing everything passing through it. Because the interface looked and behaved like a real assistant, users had no reason to suspect anything was wrong.

G Data recommends installing extensions only from trusted, official sources. Applying the Principle of Least Privilege is also key, meaning extensions should only receive the minimum permissions they need for their intended function.

Users should regularly review installed add-ons and remove anything requesting access it does not need. In organizational settings, administrators should enforce group policies that restrict browser extensions from accessing sensitive platforms, including AI tools.

Indicators of Compromise (IoCs):-

Note: IP addresses and domains are intentionally defanged (e.g., [.]) to prevent accidental resolution or hyperlinking. Re-fang only within controlled threat intelligence platforms such as MISP, VirusTotal, or your SIEM.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post Malicious Browser Add-Ons Target ChatGPT, Claude, Copilot, Gemini, and DeepSeek Users appeared first on Cyber Security News.

Agentic AI, which refers to AI that can plan and carry out multi-step tasks on its own, is now a target for attackers in ways that go beyond what traditional security models were built to handle.

As these systems move from research labs into real-world production environments, the threats they face are becoming more varied and more difficult to detect.

For much of the past year, security researchers have been putting agentic AI systems through rigorous testing to understand where they break down.

What they found was not just a handful of edge cases but a consistent pattern of exploitable weaknesses spanning supply chains, inter-agent communication, and the safeguards meant to keep humans in control.

The most alarming finding was that attackers can build chains that bypass human oversight entirely, from start to finish, without any additional interaction from a person.

Analysts at Microsoft identified and formally documented these findings through a comprehensive red team program targeting deployed agentic AI systems. 

Microsoft said in a report shared with Cyber Security News (CSN) that twelve months of real-world engagements informed a major update to their Taxonomy of Failure Modes in Agentic AI Systems, moving it from version 1.0 to version 2.0 with seven entirely new failure mode categories added.

The scale of the ecosystem being targeted became clear when the open-source framework OpenClaw launched in January 2026 and accumulated over 336,000 GitHub stars within 48 hours.

A security audit shortly after identified 512 vulnerabilities, including CVE-2026-25253, a one-click remote code execution flaw via WebSocket hijacking. Over 1,800 exposed instances were leaking API keys and credentials in that first week alone.

The Model Context Protocol, or MCP, which became the standard way for AI models to connect with external tools, also became a significant attack surface.

In 2025, researchers documented 99 CVEs tied to MCP-related software, and tool poisoning shifted from a theoretical concern to something attackers were actively doing in the wild.

Zero-Click Human-in-the-Loop Bypass Attack Chains

The finding that drew the most serious attention was how reliably red teamers bypassed human-in-the-loop controls, the checkpoints designed to require human approval before an AI agent takes a sensitive action.

Attackers achieved this through consent fatigue, gradually wearing down the review process with repeated low-stakes requests until a high-impact action slips through.

More critically, several engagements produced zero-click end-to-end chains where no human interaction was required beyond the initial agent launch, yet the outcome included data exfiltration or lateral movement through the target environment.

These chains worked by combining multiple failure modes, each individually subtle, into a compound attack that no single checkpoint could catch.

Session context contamination, where early-stage injected data quietly shaped the agent’s reasoning in later steps, proved especially hard to detect because nothing about any individual step looked suspicious on its own.

Seven New Failure Modes Defined

The updated taxonomy introduces seven new categories that reflect what red teamers actually encountered during live engagements.

These include agentic supply chain compromise, goal hijacking, inter-agent trust escalation, computer use agent visual attacks, session context contamination, MCP and plugin abuse, and capability or architecture disclosure.

Each describes a distinct way an agentic system can be manipulated that either did not exist or was not adequately covered before.

Microsoft’s mitigations for these risks are practical and architectural. Organizations are advised to generate a software bill of materials for every deployed agent that includes plugins, MCP servers, and prompt templates.

Agent identity should be verified cryptographically, not assumed from its position in a workflow. Human-in-the-loop controls should be hardened against compound action decomposition and semantic laundering, where an agent rewrites an approval description to obscure what it is requesting.

Tiered approvals based on action reversibility and monitoring for unusual approval request patterns round out the recommended controls.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post Agentic AI Red Teaming Reveals Zero-Click Human-in-the-Loop Bypass Attack Chains appeared first on Cyber Security News.

The group, tracked as VerdantBamboo, has shown a level of patience and technical precision that sets it apart from most threat actors operating today.

The campaign came to light after suspicious network traffic was spotted coming from a Linux-based virtual machine on a customer’s network.

The device was an Egnyte Storage Sync appliance, designed to sync local files to the cloud.

Instead of connecting to Egnyte’s own infrastructure, it was quietly beaconing out to a domain controlled by the attackers, hiding behind Cloudflare IP addresses and using Google’s public DNS server at 8.8.8.8 to resolve queries over HTTPS, a technique that neatly disguised the malicious traffic.

Analysts at Volexity, a threat intelligence and incident response firm, identified the malware implant responsible for the activity as BRICKSTORM, a remote access trojan the group has been actively evolving. 

Volexity said in a report shared with Cyber Security News (CSN) that VerdantBamboo, also tracked as WARP PANDA and UNC5221, had maintained access to the victim network for at least 18 months before being discovered.

The attack turned out to be far more layered than it first appeared. VerdantBamboo had not only compromised the victim’s own systems but had also breached the organization’s Managed Services Provider.

From there, it gained access to credentials and internal infrastructure details that gave it a foothold into the victim environment through a path that bypassed standard security controls entirely.

What makes this intrusion especially notable is how VerdantBamboo re-entered the network even after being evicted.

Once the compromised appliances were taken offline, the attackers used stolen admin credentials to log into the victim’s exposed firewall, set up their own VPN tunnel, and pushed a new backdoor onto a Synology NAS device. The attack chain showed a resilience and adaptability that made recovery a significant challenge.

Chinese APT VerdantBamboo Uses BRICKSTORM Malware

BRICKSTORM is VerdantBamboo’s primary tool for maintaining control over compromised systems, and it has been deliberately crafted to thrive in environments where traditional security monitoring tools are absent.

The malware is built in Golang with a modular architecture, and its functionality is divided into separate packages that allow developers to customize each deployment for the specific target device.

On the Egnyte appliance, BRICKSTORM was placed in the /usr/sbin/ directory and launched manually by the threat actor each time it was needed, exploiting a misconfigured sudo rule to gain elevated privileges.

The same malware was found on the MSP’s pfSense firewall in a FreeBSD-compatible variant, obfuscated with a tool called gobfuscate and set to run automatically through a modified cron startup file.

Alongside BRICKSTORM, Volexity also identified two previously undocumented malware families: PLENET, a cross-platform backdoor compiled from .NET Core using Native AOT to make analysis harder, and AGENTPSD, a lightweight Python reverse shell designed as a fallback if BRICKSTORM stopped working.

Infrastructure Takedown and Detection Guidance

Volexity tracked VerdantBamboo’s command-and-control servers using a fingerprinting query on the Censys platform, identifying hosts running minimal services on port 443 with Cloudflare certificates and OpenBSD-based SSH clients.

Within days of that fingerprint being developed in September 2025, all the matching servers went dark, suggesting the threat actor had become aware of the investigation and shifted tactics to avoid detection.

The local privilege escalation flaw in the Egnyte Storage Sync system was reported to Egnyte and patched in Storage Sync v13.13.

Organizations running edge appliances, including firewalls, NAS devices, and storage sync systems, should ensure these systems are never directly accessible from the internet without MFA protections in place.

Accounts with sudo privileges should be audited for unintended permission chains. Systems that cannot run EDR agents need compensating controls such as network traffic monitoring, file integrity checking, and strict access policies to detect the quiet, long-term compromise that VerdantBamboo specializes in.

Indicators of Compromise (IoCs):-

Note: IP addresses and domains are intentionally defanged (e.g., [.]) to prevent accidental resolution or hyperlinking. Re-fang only within controlled threat intelligence platforms such as MISP, VirusTotal, or your SIEM.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post Chinese APT VerdantBamboo Uses BRICKSTORM Malware to Compromise Firewalls and Appliances appeared first on Cyber Security News.

This is not a typical failure tied to weak defenses or victim error. The damage, in many cases, is baked directly into the malware’s design and leaves victims with broken files they cannot cleanly recover.

VECT 2.0 is a 64-bit Windows-based ransomware that targets business data including documents, PDFs, archives, backups, databases, and virtual disks.

Rather than targeting only specific file types, it walks accessible paths and skips a short exclusion list, meaning a wide range of important files fall within its scope. The malware is part of a broader family, with related builds also spotted under the DEVMAN 3.0 branding.

Researchers at Morphisec analyzed a Windows VECT 2.0 sample in detail, uncovering how the malware’s own design works against victim recovery.

They found that VECT can leave files renamed, partially encrypted, or structurally broken in ways that defeat even the attacker’s own recovery tool.

Morphisec said in a report shared with Cyber Security News (CSN) that the flaw extends well beyond a previously known nonce-loss bug documented by Check Point Research.

One of the most alarming findings is that VECT renames a file before it begins encrypting it. The malware appends the .vect extension first, then opens the file to modify its content.

This means a file with the .vect extension is not necessarily encrypted at all — it could be plaintext or only partially changed. That detail makes recovery challenging, since the extension cannot be taken as proof of what happened to any given file.

The malware also stores almost no metadata alongside encrypted files that could assist recovery. It appends only a 12-byte trailer holding the last encryption nonce from the operation, with no version field, no original file size, and no chunk information.

This bare-bones footprint makes it nearly impossible for any decryptor to reconstruct what the malware actually did to each file.

VECT 2.0 Ransomware

For files larger than 128 KB, VECT splits the content into four sections and encrypts a 32 KB block at the start of each using four different keys. Only the final key is saved to disk when the process finishes.

That means three of the four encrypted blocks are permanently out of reach for the built-in decryptor, because the data needed to reverse them is never retained.

Morphisec also uncovered a buffer-size mismatch in the single-pass encryption path. Files between 32 KB and 128 KB can enter a code path where the destination buffer is too small for the incoming data.

Depending on runtime behavior, the file may be renamed without encryption taking place, fail midway through, or end up in an inconsistent state that cannot be cleanly repaired.

Shared Buffers and Concurrent Processing Failures

VECT uses multiple worker threads to process files at the same time, but the buffers these threads rely on for file paths and content reads are shared globally across all workers.

When two threads handle different files at once, one can overwrite path or content data that another worker is still actively using.

This race condition means a single VECT incident can produce files in several very different states. One file might be only renamed, another fully encrypted, and a third left partially modified in a way that neither party can cleanly reverse.

A generic decryptor follows the attacker’s assumptions about file format, but VECT’s own implementation repeatedly violates those assumptions.

Given these risks, security teams are strongly encouraged to deploy prevention-first solutions that can stop ransomware before encryption begins.

Behavioral endpoint protection is far better suited to catching this threat early in the chain. Once files have been processed by VECT, even paying the ransom offers no guarantee of a full recovery.

Indicators of Compromise (IoCs):-

The Morphisec report does not list specific file hashes, IP addresses, command-and-control domains, or URLs as traditional IoCs. The sole artifact consistently associated with VECT 2.0 activity is the file extension it appends during processing, noted below for threat hunting and triage purposes.

Note: IP addresses and domains are intentionally defanged (e.g., [.]) to prevent accidental resolution or hyperlinking. Re-fang only within controlled threat intelligence platforms such as MISP, VirusTotal, or your SIEM.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.

The post VECT 2.0 Ransomware Can Damage Files Its Own Decryptor Cannot Reliably Restore appeared first on Cyber Security News.

The issue, tracked as CVE-2026-20245, carries a CVSS score of 7.8 and stems from improper input validation in the system’s command-line interface.

According to Cisco’s advisory, the flaw stems from insufficient sanitization of user-supplied input during the processing of uploaded files.

An authenticated attacker can exploit this weakness by uploading a specially crafted file, which triggers command injection and enables privilege escalation to the root user.

Once root access is obtained, attackers can fully compromise the SD-WAN management plane, manipulate configurations, and potentially impact connected edge devices. The attack requires netadmin-level privileges, meaning the threat is not directly exploitable by unauthenticated actors.

Cisco SD-WAN Vulnerability Exploit

However, Cisco warns that attackers may chain this vulnerability with other known flaws, such as CVE-2026-20182 or CVE-2026-20127, to gain the necessary access.

This significantly increases the risk in real-world environments where credential compromise or chained exploitation is feasible. Cisco’s Product Security Incident Response Team (PSIRT) confirmed that the vulnerability has already been exploited in limited attacks.

In observed cases, threat actors used the flaw to push unauthorized configuration changes to SD-WAN edge devices. This suggests post-exploitation activity aimed at persistence, lateral movement, or traffic manipulation within enterprise networks.

The vulnerability affects all Cisco Catalyst SD-WAN Manager deployments, including on-premises, Cisco SD-WAN Cloud, Cloud-Pro, and government (FedRAMP) deployments.

Systems exposed to the internet are considered at higher risk, especially if management interfaces are accessible externally. At the time of disclosure, Cisco had not released a software patch to address the issue, and no workarounds were available.

The company has advised customers to upgrade to a previously released fixed software version referenced in its May 2026 advisory. However, a dedicated fix for this specific vulnerability is still pending.

Cisco has provided guidance to help organizations detect potential compromise. Administrators are urged to review the scripts.log file located in /var/log/ for suspicious entries.

One example is the execution of commands such as “/usr/bin/vconfd_script_upload_tenant_list.sh” with unexpected file paths, such as malicious CSV uploads.

However, Cisco notes that these log entries may also appear during legitimate operations, making careful analysis essential to avoid false positives.

To support incident response efforts, organizations are strongly advised to collect forensic data using the “request admin-tech” command before applying any upgrades.

This ensures preservation of critical evidence that may help determine the extent of compromise. Cisco also recommends reviewing device configurations and logs after upgrading, as patching alone may not remediate systems that have already been breached.

If indicators of compromise are identified, customers should engage Cisco TAC for guided remediation steps. Simply upgrading affected systems without addressing persistence mechanisms or unauthorized changes may leave networks exposed.

This vulnerability was reported by Mandiant, highlighting ongoing collaboration between vendors and threat intelligence teams in identifying active threats.

Given the active exploitation and lack of immediate fixes, organizations using Cisco SD-WAN should prioritize access control, monitoring, and log analysis to reduce risk while awaiting a permanent patch.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates.

The post Cisco SD-WAN Vulnerability Exploited in the Wild to Execute Arbitrary Commands as Root User appeared first on Cyber Security News.

Traditional X.509 certificate chains require significant bandwidth, which would increase substantially with the adoption of robust post-quantum algorithms. MTCs solve this by replacing the heavy, serialized chain of signatures with compact Merkle Tree proofs.

Earlier this year, Google unveiled Merkle Tree Certificates to Shield HTTPS Against Quantum Threats, as Chrome is spearheading the transition to Merkle Tree Certificates (MTCs). 

For years, post-quantum cryptography discussions prioritized encryption over authentication. The logic was sound: “harvest now, decrypt later” attacks make encrypted traffic immediately vulnerable, while forging authentication signatures requires a live Cryptographically Relevant Quantum Computer (CRQC). That window is closing fast.

The NSA’s CNSA 2.0 suite mandates that national security systems migrate to post-quantum algorithms by 2030–2035. NIST’s draft transition guidance (IR 8547) would deprecate RSA-2048 and P-256 after 2030 and disallow them after 2035.

The EU’s post-quantum roadmap targets high-risk systems by the end of 2030. Most significantly, Google announced a 2029 migration deadline for its services, and Cloudflare issued a parallel commitment.

Go 1.27 also added ML-DSA, a NIST-standardized post-quantum signature scheme, directly to its standard library, signaling infrastructure readiness.

The Web PKI’s scale makes naive post-quantum migration painful. ML-DSA-44, one of NIST’s smaller standardized schemes, produces signatures of ~2,420 bytes, nearly 38× larger than ECDSA-P256’s 64 bytes.

A typical TLS handshake carries five signatures and two public keys. Swapping these with ML-DSA equivalents pushes a single handshake well beyond 10 KB.

Cloudflare’s research confirms the consequence: at that scale, a meaningful share of real-world TLS connections fail outright, and the rest slow down. Degrading every TLS connection globally is too steep a tradeoff for a threat that hasn’t yet materialized.

Let’s Encrypt Unveils Merkle Tree Certificates

MTCs reframe how certificates are issued and verified. Instead of signing each certificate individually, a CA issues certificates in batches, with a single post-quantum signature covering the entire batch. Clients (browsers) maintain these batch signatures, called landmarks, independently of the TLS handshake.

The result: an MTC handshake carries just one signature, one public key, and one inclusion proof smaller than today’s Web PKI handshake, even while using post-quantum algorithms.

MTCs also bake in Certificate Transparency by design. Every certificate exists as part of a published Merkle tree, making transparency intrinsic to issuance rather than bolted on afterward. Let’s Encrypt has operated CT logs built on Merkle trees since 2019, giving it direct operational experience with the core data structure.

The MTC ecosystem is already mobilizing:

• Cloudflare and Chrome are running a live MTC feasibility experiment against real internet traffic
• The IETF’s PLANTS working group is actively standardizing the design
• Chrome has declared MTCs its preferred path for post-quantum certificates on the public web

Let’s Encrypt is targeting a staging MTC environment in late 2026 and a production-ready environment in 2027. The rollout requires big changes across issuance infrastructure, the ACME protocol (RFC 9881), revocation tooling, and CT log infrastructure.

For existing subscribers, nothing changes today. Certificates will continue to be issued via ACME exactly as before. ACME client maintainers, however, should begin tracking the PLANTS working group and the mtcs@chromium.org mailing list now, as client-side changes will be required.

For server operators, the most urgent action today remains enabling hybrid post-quantum key exchange (X25519MLKEM768) the primary defense against harvest-now-decrypt-later attacks on encrypted traffic.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates.

The post Let’s Encrypt Unveils Merkle Tree Certificates to Secure the Web Against Quantum Threats appeared first on Cyber Security News.

Tracked as CVE-2026-45495 and reported by Orange Tsai of DEVCORE, the flaw carries a CVSS v3 score of 7.5 and requires user interaction, for example, visiting a malicious webpage or opening a crafted file, to be exploited.

The vulnerability stems from improper validation during Edge’s processing of feedback log files. Specifically, Edge failed to properly validate a user-supplied file path before performing file operations.

An attacker who can trick a user into opening a malicious file or visiting a crafted page could exploit this flaw alongside other bugs to run code in the logged-in user’s context.

Because the exploit runs with the current user’s privileges, the impact ranges from data theft and browser profile compromise to local persistence or lateral movement where higher privileges exist.

According to the public advisory, the root cause is a path-validation defect in feedback log handling. By supplying a specially crafted path, an attacker can influence file operations in an unintended location.

While Microsoft’s advisory does not publish exploit code, the vulnerability’s characteristics (file-access path manipulation plus the need for user interaction) make social-engineering vectors malicious attachments, drive-by pages, or poisoned downloads—likely delivery mechanisms.

Microsoft’s release also coordinated updates for two additional Edge flaws discovered by the same researcher group:

• CVE-2026-45494 (CVSS 5.0): A navigation-handling weakness that can enable cross-origin script injection; user interaction required.
• CVE-2026-45492 (CVSS 4.3): Insufficient origin validation in cross-device managed sign-in, which can expose restricted functionality and be chained with other issues.

Microsoft has published fixes and urged users and administrators to apply updates immediately. Recommended actions:

• Update Edge to the latest stable release via Microsoft Update or the Edge About page.
• Apply operating system patches if prompted by Microsoft Update.
• Block or scrutinize untrusted attachments and links in email and messaging apps.
• Use least-privilege accounts for daily activities to limit exploit impact.
• Monitor endpoint detection systems for unusual file operations or new persistence mechanisms linked to browser processes.

The vulnerabilities were reported to Microsoft on May 20, 2026, with coordinated public advisories released and updated on June 4, 2026. Orange Tsai (@orange_8361) of the DEVCORE Research Team (@d3vc0r3) is credited with the findings.

Administrators should prioritize the CVE-2026-45495 update given its code-execution potential and ensure patching across user endpoints to reduce exposure.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates.

The post Microsoft Edge Vulnerability Allows Remote Attackers to Execute Arbitrary Code appeared first on Cyber Security News.

Beginning Sunday, May 31, 2026, an external threat actor launched a high-volume brute-force campaign targeting Dashlane user accounts. The attacker focused specifically on the platform’s device registration API endpoints, flooding them with automated requests designed to guess the 6-digit one-time tokens sent via email or generated by authenticator apps.

Dashlane’s automated security controls responded as intended, triggering account lockouts across targeted accounts before the attack was fully contained.

The threat actor exploited Dashlane’s device registration flow, which is triggered whenever a user adds a new device, such as a mobile phone or computer, to their account.

Upon successful 2FA verification, Dashlane registers the device and automatically downloads a copy of the encrypted vault to that device. By brute-forcing valid 6-digit tokens for a subset of accounts, attackers were able to complete the registration flow, effectively authorizing the device and downloading encrypted vault copies without the account holder’s knowledge.

Fewer than 20 personal plan users had their encrypted vaults exfiltrated. All affected users were directly notified by Dashlane.

Despite the vault downloads, Dashlane maintains that the stolen data remains effectively inaccessible. Vault contents are protected by the user’s Master Password, which is never transmitted to Dashlane servers in plaintext and is never stored a core principle of Dashlane’s zero-knowledge architecture.

The encryption stack Argon2 + AES-256-CBC + HMAC-SHA256 makes brute-forcing the Master Password statistically infeasible even over extended timeframes. There is no evidence that Dashlane’s internal infrastructure was compromised at any point during the incident.

On June 4, 2026, Dashlane announced the completion of its investigation, confirming no additional customer impact. Remediation steps included:

• Blocking malicious traffic at the network level.
• Reactivating suspended and locked-out user accounts.
• Deploying additional verification layers to the device registration flow.
• Hardening API endpoint protections to detect and filter future malicious traffic.

The incident underscores that even robust password managers can be targeted at the authentication perimeter rather than the encryption layer itself, making strong 2FA configuration and Master Password hygiene critical defensive controls for all users.

Follow us on Google News, LinkedIn, and X to Get More Instant Updates.

The post Dashlane Details How Hackers Managed to Download Encrypted Password Vaults appeared first on Cyber Security News.