Identity Security Becomes Critical Attack Vector as Organizations Battle Fragmented Access Controls

Identity attacks have evolved beyond simply compromising individual accounts—modern threat actors now focus on what those identities can access across an organization’s sprawling digital ecosystem. As enterprises manage an explosive growth in human, non-human, and agentic identities, the attack surface multiplies exponentially across applications, cloud environments, and on-premises systems. The Fragmentation Crisis According to Microsoft’s…

Oracle Issues Rare Out-of-Band Patch for Critical CVE-2026-21992 RCE in Identity Manager

Oracle has released an emergency out-of-band security patch for a critical unauthenticated remote code execution vulnerability affecting Oracle Identity Manager and Oracle Web Services Manager. Tracked as CVE-2026-21992 with a CVSS v3.1 score of 9.8, this flaw allows attackers to achieve full system compromise over HTTP without any authentication. The Vulnerability CVE-2026-21992 impacts two critical…

CanisterWorm Wiper Weaponizes Trivy Supply Chain to Target Iran

A cybercrime group is attempting to leverage the ongoing US-Iran conflict by deploying a destructive wiper malware that specifically targets systems configured for Iranian users, according to new research from Krebs on Security and Aikido. TeamPCP Launches Iran-Targeting Wiper The financially motivated threat actor TeamPCP has weaponized its existing supply chain compromise to deploy CanisterWorm,…

TeamPCP Deploys CanisterWorm Wiper to Target Iranian Systems

The cybercrime group TeamPCP has added a destructive wiper component to their cloud-native attack infrastructure, specifically targeting systems in Iran based on timezone and language settings. From Data Theft to Destruction Security researcher Charlie Eriksen at Aikido discovered that TeamPCP deployed the wiper payload over the weekend, leveraging the same technical infrastructure used in their…

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

Threat actors are actively exploiting a maximum-severity security flaw in Quest KACE Systems Management Appliance (SMA), according to Arctic Wolf research. The vulnerability, tracked as CVE-2025-32975 with a CVSS score of 10.0, allows attackers to completely bypass authentication and impersonate legitimate users without valid credentials. Active Exploitation in the Wild Arctic Wolf observed malicious activity…

TeamPCP Spreads Trivy Supply Chain Attack to Docker Hub and Kubernetes with Devastating Wiper Payload

The cybersecurity community is reeling from an escalating supply chain attack targeting Trivy, Aqua Security’s popular open-source vulnerability scanner with over 33,800 GitHub stars. The threat actor known as TeamPCP has expanded their campaign from compromised GitHub Actions to Docker Hub images and now a destructive Kubernetes wiper that specifically targets Iranian infrastructure. The Attack…

FBI Flash Alert: Iranian Handala Hackers Weaponize Telegram for Malware C2 Operations

The FBI has issued a flash alert warning network defenders that Iranian hackers linked to the Ministry of Intelligence and Security (MOIS) are actively using Telegram as command-and-control (C2) infrastructure in malware attacks targeting journalists, dissidents, and opposition groups worldwide. Threat Actor Profile The bureau attributed these attacks to two Iranian-linked threat groups: Attack Methodology…

CVE-2026-33017: Critical Langflow AI Framework Vulnerability Exploited Within 20 Hours of Disclosure

A critical vulnerability in Langflow, the popular open-source visual framework for building AI agents and RAG pipelines, was weaponized by threat actors within just 20 hours of public disclosure—before any proof-of-concept code was publicly available. The Vulnerability Tracked as CVE-2026-33017 (CVSS 9.3), the vulnerability is an unauthenticated remote code execution (RCE) flaw affecting the /api/v1/build_public_tmp/{flow_id}/flow…

DoJ Disrupts Four Massive IoT Botnets Behind Record-Breaking 31.4 Tbps DDoS Attacks

The U.S. Department of Justice announced a major law enforcement operation to disrupt four IoT botnets — AISURU, Kimwolf, JackSkid, and Mossad — responsible for record-breaking distributed denial-of-service (DDoS) attacks reaching 31.4 terabits per second. The court-authorized takedown, conducted in partnership with authorities from Canada and Germany, targeted command-and-control infrastructure that had enslaved over 3…
