Skip to content
inionline.net
  • Managed IT Support Services
  • Contact Us
inionline.net
  • Blog

    New HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet Malware

    AI coding assistants have a habit of making things up. Ask one to fetch a popular tool, and it will sometimes hand back a real-sounding name for a project that does not exist. New research, which its authors call HalluSquatting, turns that habit into an attack: work out the fake names an AI reliably invents, register…

    Read More New HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet MalwareContinue

  • Blog

    Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS

    Ubiquiti has shipped updates to address multiple critical security flaws impacting UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect, and UniFi OS that could result in privilege escalation and arbitrary command execution. The list of vulnerabilities is as follows – CVE-2026-50746 (CVSS score: 10.0) – An improper access control vulnerability in UniFi Connect Application that…

    Read More Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OSContinue

  • Blog

    New Ghost Phishing Wave Is Breaking Traditional Email Security

    A recent EvilTokens campaign targeting businesses across the US and Europe is exposing a new email security blind spot. This “ghost phishing” technique keeps the malicious page hidden until it decrypts and comes to life inside the victim’s browser. For security leaders, the risk is clear: traditional URL checks may miss the attack while Microsoft…

    Read More New Ghost Phishing Wave Is Breaking Traditional Email SecurityContinue

  • Blog

    SCMBANKER Malware Uses ClickFix Lures to Target Mexican Banking Users

    A new banking fraudulent operation is targeting customers of Mexican banks, fintech, payment processors, and cryptocurrency exchanges using ClickFix lures. The activity cluster, tracked by Elastic Security Labs under the moniker REF6045, involves infecting victims through fake CAPTCHA verification pages that deceive them into running a malicious command that installs a PowerShell toolkit dubbed

    Read More SCMBANKER Malware Uses ClickFix Lures to Target Mexican Banking UsersContinue

  • Blog

    GitHub ‘Verified’ Commits Can Be Rewritten Into New Hashes Without Breaking Signatures

    New research shows that a signed Git commit’s hash is not the one-of-a-kind name that much of the software world assumes it to be. Given any signed commit, someone without the signing key can mint a second commit with the same files, author, and date, and a valid signature, GitHub still stamps “Verified.” Everything a…

    Read More GitHub ‘Verified’ Commits Can Be Rewritten Into New Hashes Without Breaking SignaturesContinue

  • Blog

    The Verification Step Is the New ATO Battleground in 2026

    For years, account takeover (ATO) followed a predictable script. Attackers bought stolen credentials in bulk, ran them through automated tools, and waited for matches. Credential stuffing was cheap, scalable, and for defenders, relatively well understood. That era is ending. Not because attackers gave up, but because the front door finally got harder to kick in….

    Read More The Verification Step Is the New ATO Battleground in 2026Continue

  • Blog

    GitHub Copilot Refuses Harmful Requests in Chat, Then Writes Them in Code

    An AI coding assistant that refuses to answer a dangerous request in its chat box can answer it anyway if the same request is broken into small, ordinary-looking steps inside a code editor. That is the finding of a new study of GitHub Copilot by researchers Abhishek Kumar and Carsten Maple. The models they tested through Copilot,…

    Read More GitHub Copilot Refuses Harmful Requests in Chat, Then Writes Them in CodeContinue

  • Blog

    China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware

    A Chinese threat actor tracked as UAT-7810 is actively refining its bespoke malware to expand its Operational Relay Box (ORB) network by breaking into internet-facing networking devices. According to findings from Cisco Talos, UAT-7810 is an advanced persistent threat (APT) actor that’s responsible for maintaining and proliferating LapDogs, an ORB network that first came to…

    Read More China-Linked UAT-7810 Expands ORB Network With New LONGLEASH MalwareContinue

  • Blog

    State IDs for AI Agents: Will Estonia Set a Precedent?

    The world’s digital testing ground plans to help people use AI agents for government purposes.

    Read More State IDs for AI Agents: Will Estonia Set a Precedent?Continue

  • Blog

    15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros

    Researchers at Nebula Security have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full root control of a machine that has not been patched. The vulnerable code has shipped by default in essentially every mainstream distribution since 2011. The flaw needs no special permission, no unusual settings, and no network

    Read More 15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux DistrosContinue

Page navigation

1 2 3 … 517 Next PageNext
Facebook
Privacy Policy
Background by Vecteezy

Web Design 2024 SekuritasIT

Veteran Owned and Operated

Scroll to top
  • Managed IT Support Services
  • Contact Us