SysBlue Cyber Solutions

Home
Romania
Bucharest
SysBlue Cyber Solutions

Sysblue is an information security consulting and managed cybersecurity services firm with headquarters in Romania.

We help clients solve information security challenges based on risk, not fear.

04/06/2026

DentaQuest data breach exposed info of 2.6 million accounts.

A data breach at the dental benefits administrator DentaQuest has reportedly exposed the sensitive data of 2.6 million accounts.

The security incident came to light last month, when the infamous extortion group ShinyHunters listed the company on its data leak site and claimed to have stolen more than 234 GB of data.

A data breach at the dental benefits administrator DentaQuest has reportedly exposed the sensitive data of 2.6 million accounts.

03/06/2026

New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute.

A new denial-of-service (DoS) attack dubbed HTTP/2 Bomb can be launched from a single machine to take down web servers within seconds.

The technique works on default HTTP/2 configurations of major web servers, including NGINX, Apache HTTP Server, Microsoft IIS, Envoy, and Cloudflare Pingora.

A new denial-of-service (DoS) attack dubbed HTTP/2 Bomb can be launched from a single machine to take down web servers within seconds.

02/06/2026

Microsoft Exchange Online outage causes email delays, failures.

Microsoft is working to address a widespread service issue affecting the mail flow pipeline for Exchange Online customers across North America, Asia-Pacific (APAC), and Europe.

The company first acknowledged this incident (tracked under EX1331830) at 10:33 EDT, when it began investigating a stream of reports from users on social media.

Microsoft is working to address a widespread service issue affecting the mail flow pipeline for Exchange Online customers across North America and Germany.

01/06/2026

WordPress malware campaign hides payloads in Steam profiles.

Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data.

The threat actor used invisible Unicode characters to encode a payload that builds a URL to a malicious script. By leveraging Valve's platform, the attacker avoids maintaining a separate C2 infrastructure and evades traditional detection methods.

Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data.

29/05/2026

ChatGPT share links abused to host fake outage pages to deliver malware.

Threat actors are abusing ChatGPT's content-sharing feature to display fake OpenAI outage pages that direct users to download malware disguised as the ChatGPT desktop application.

The "LLMShare" campaign, discovered by Push Security, uses Google ads to direct users searching for ChatGPT to a malicious shared ChatGPT page hosted on chatgpt.com, allowing the attack to be delivered through a legitimate OpenAI domain.

https://www.bleepingcomputer.com/news/security/chatgpt-share-links-abused-to-host-fake-outage-pages-to-deliver-malware/

ChatGPT helps you get answers, find inspiration, and be more productive.

28/05/2026

Hackers exploit FortiClient EMS flaw to push infostealer malware.

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ.

The attacker disguised the malware as an update for Fortinet endpoints and executed it through VPN scripting workflows managed by FortiClient.

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ.

27/05/2026

Glassworm botnet disrupted after resilient C2 infrastructure takedown.

The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control infrastructure relying on Solana blockchain transactions and the BitTorrent DHT network.

In a coordinated operation conducted yesterday, CrowdStrike, Google, and The Shadowserver Foundation cut off the botnet operators’ access to four distinct command-and-control (C2) channels designed to resist conventional disruption efforts.

The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control infrastructure relying on Solana blockchain transactions and the BitTorrent DHT network.

26/05/2026

How Varonis Atlas integrates Claude Compliance API for AI governance.

Varonis announced an integration with the Claude Compliance API, bringing Claude Enterprise and Claude Platform activity into Varonis' Atlas AI Security Platform.

Organizations across industries rely on Claude Enterprise for day-to-day knowledge work and analysis, and Claude Platform to build, deploy, and operate applications, tools, and AI agents. Varonis Atlas provides the visibility and oversight that enterprises need to adopt AI with confidence.

AI governance requires visibility into how AI tools interact with enterprise data. Varonis explains how its Atlas platform uses Claude Compliance API data to help monitor usage, investigate risk, and support compliance.

25/05/2026

Anthropic’s restricted Claude Mythos model may be coming to Claude Code.

Anthropic appears to be preparing for the public rollout of "Mythos," which was announced in April as a restricted model that poses major security risks to private and public software.

On April 7, Anthropic announced the Mythos in early preview and called it a new frontier model with strikingly advanced capabilities in computer security tasks.

Anthropic appears to be preparing for the public rollout of the Mythos model, which was announced in April as a restricted model that poses major security risks to private and public software.

24/05/2026

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign.

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows.

The campaign was discovered by XLab threat intelligence researchers at Chinese cybersecurity company Qianxin, who confirmed impact on more than 700 domains, including university portals, AI/SaaS companies, media outlets, fintech firms, security sites, and personal blogs.

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows.

Address

București
Bucharest
030171

Website

http://SysBlue.ro/

Alerts

Be the first to know and let us send you an email when SysBlue Cyber Solutions posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Shortcuts

Want your business to be the top-listed Computer & Electronics Service in Bucharest?