Dark Reading
·
17h ago
Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk The critical remote code execution flaw (CVE-2026-1731) in the remote monitoring and management tool can be exploited to spread ransomware and compromise s…
TheHackerNews
·
1d ago
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on suscept…
TheHackerNews
·
6d ago
Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management tool, has come under active…
TheHackerNews
·
8d ago
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploit…
Recorded Future
·
14w ago
December 2025 CVE Landscape: 22 Critical Vulnerabilities Mark 120% Surge, React2Shell Dominates Threat Activity December 2025 saw a 120% surge in critical CVEs, with 22 exploited flaws and React2Shell (CVE-2025-55182) d…
TheHackerNews
·
just now
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate pri…
TheHackerNews
·
5d ago
ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories You know that feeling when you open your feed on a Thursday morning and it's just... a lot?
Recorded Future
·
8w ago
January 2026 CVE Landscape: 23 Critical Vulnerabilities Mark 5% Increase, APT28 Exploits Microsoft Office Zero-Day January 2026 saw 23 actively exploited CVEs, including APT28’s Microsoft Office zero-day and critical au…
Recorded Future
·
9d ago
March 2026 CVE Landscape: 31 High-Impact Vulnerabilities Identified, Interlock Ransomware Group Exploits Cisco FMC Zero-Day March 2026 saw a 139% increase in high-impact vulnerabilities, with Recorded Future's Insikt Gr…
TheHackerNews
·
6d ago
April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April…
TheHackerNews
·
4d ago
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on com…
BleepingComputer
·
1h ago
Microsoft releases emergency patches for critical ASP.NET flaw Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability. [...]
TheHackerNews
·
4d ago
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges…
TheHackerNews
·
7d ago
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully exploited, could…
TheHackerNews
·
8d ago
Your MTTD Looks Great. Your Post-Alert Gap Doesn't Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and browser.
Recorded Future
·
7d ago
Your Supply Chain Breach Is Someone Else's Payday A supply chain attack by TeamPCP compromised trusted software tools to harvest credentials at scale, enabling payroll fraud, logistics theft, and ransomware extortion.
Dark Reading
·
just now
DPRK Fake Job Scams Self-Propagate in 'Contagious Interview' A compromised developer's repository serves as a worm-like infection vector to spread remote access Trojans (RATs) and other malware.
Dark Reading
·
12d ago
'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues Under the alias 'Chaotic Eclipse,' a researcher released a PoC exploit for a zero-day flaw that allows for system takeover by a local user, c…
TheHackerNews
·
5d ago
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in…
Dark Reading
·
8d ago
Adobe Patches Actively Exploited Zero-Day That Lingered for Months An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four months.
JPCERT
·
3w ago
Alert: Alert Regarding Out-of-Bounds Read Vulnerability in NetScaler ADC and NetScaler Gateway (CVE-2026-3055) (Published)
JPCERT
·
3w ago
Alert: Alert Regarding Vulnerability in F5 BIG-IP Access Policy Manager (CVE-2025-53521) (Published)
Dark Reading
·
18h ago
Google Fixes Critical RCE Flaw in AI-Based 'Antigravity' Tool The prompt-injection vulnerability in the agentic AI product for filesystem operations was a sanitization issue that allowed for sandbox escape and arbitrary…
TheHackerNews
·
21h ago
No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises,…
NIST
·
33w ago
NIST Revises Security and Privacy Control Catalog to Improve Software Update and Patch Releases The catalog revision is part of NIST’s response to a recent executive order on strengthening the nation’s cybersecurity.
Dark Reading
·
11d ago
Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands? Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the vendor said.
CISA
·
7w ago
CISA Issues Updated RESURGE Malware Analysis Highlighting a Stealthy but Active Threat
TheHackerNews
·
1h ago
Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that's distributed via a theme related to…
TheHackerNews
·
20h ago
NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs Cybersecurity researchers have discovered a new iteration of an Android malware family called NGate that has been found to abuse a legitimate…
TheHackerNews
·
2d ago
Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli wa…
TheHackerNews
·
6d ago
UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and muni…
TheHackerNews
·
8d ago
JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025 Banks and financial institutions in Latin American countries like Brazil and Mexico have continued to be the target of a malware famil…
TheHackerNews
·
just now
Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at the end of…
TheHackerNews
·
15h ago
SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy…
TheHackerNews
·
18h ago
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023 A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023.
arXiv Security
·
5h ago
"We are currently clean on OPSEC": Why JD Can't Encrypt arXiv:2604.19711v1 Abstract: We analyse the 2025 Signalgate leak of sensitive US military information by the Trump administration, addressing wh…
SentinelOne
·
6w ago
FortiGate Edge Intrusions | Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise FortiGate SSO flaws allow attackers to steal configs, abuse AD creds, deploy RMM tools, and exfiltrate NTDS files.
Dark Reading
·
11d ago
Hims Breach Exposes the Most Sensitive Kinds of PHI Threat actors breached the telehealth brand, and now they may know patients' personal health details. What could they do with that information?
Dark Reading
·
1d ago
Vercel Employee's AI Tool Access Led to Data Breach Stolen OAuth tokens, which are at the root of these breaches, "are the new attack surface, the new lateral movement," a researcher notes.
CoinTelegraph
·
just now
Lazarus-linked macOS malware hits crypto and fintech firms Security researchers linked a new “Mach-O Man” malware kit to a Lazarus campaign that uses fake meeting invites and ClickFix prompts to steal credentials and ac…
SecurityWeek
·
just now
New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention Dubbed Lotus Wiper, the malware targets recovery mechanisms, overwrites drives, and systematically deletes files.
SecurityWeek
·
18h ago
Third US Security Expert Admits Helping Ransomware Gang Angelo Martino of Florida has pleaded guilty to collaborating with the BlackCat cybercrime group while working as a ransomware negotiator.
Kaspersky Securelist
·
6d ago
Threat landscape for industrial automation systems in Q4 2025 The report contains industrial threat statistics for Q4 2025. It covers various infection vectors and malware types, as well as regional statistics and stati…
TheHackerNews
·
5d ago
NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures…
Kaspersky Securelist
·
12d ago
The long road to your crypto: ClipBanker and its marathon infection chain Threat actors are distributing a Trojan disguised as Proxifier software; through a multi-stage infection chain, it delivers ClipBanker – malware…
Kaspersky Securelist
·
2w ago
Financial cyberthreats in 2025 and the outlook for 2026 In this report, Kaspersky experts share their insights into the 2025 financial threat landscape, including regional statistics and trends in phishing, PC malware,…
KrebsOnSecurity
·
2w ago
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in…
Recorded Future
·
15w ago
New ransomware tactics to watch out for in 2026 Ransomware groups made less money in 2025 despite a 47% increase in attacks, driving new tactics: bundled DDoS services, insider recruitment, and gig worker exploitation.…
Dark Reading
·
12d ago
Russia's 'Fancy Bear' APT Continues Its Global Onslaught Victims don't need to match the cyber espionage group's technical sophistication, experts say. But patching and some form of zero trust are now non-negotiable.
Dark Reading
·
6d ago
6-Year Ransomware Campaign Targets Turkish Homes & SMBs While enterprise breaches make more headlines, smaller incidents tend to be under-reported, if at all, allowing campaigns to last longer with less disruption.
Recorded Future
·
14w ago
Best Ransomware Detection Tools Stop ransomware before encryption begins. Learn how intelligence-driven detection tools can help identify precursor behaviors and reduce false positives for faster response.
Dark Reading
·
21h ago
Chinese APT Targets Indian Banks, Korean Policy Circles China is spying on India's financial sector, for some reason, and it's not putting much effort into it, judging by some stale TTPs.
Dark Reading
·
12h ago
Ransomware Negotiator Pleads Guilty to BlackCat Scheme A cautionary tale illustrates why the person negotiating should never be involved with any part of the ransom payment process.
Hacker News
·
16h ago
The Vercel breach: OAuth attack exposes risk in platform environment variables
Apple Developer
·
3w ago
Update on regulated medical device apps in the European Economic Area, United Kingdom, and United States To provide additional transparency to customers, the App Store will now display whether an app is a regulated medi…
Apple Developer
·
78w ago
Apple Push Notification service server certificate update The Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs will update the server certificates in sandbox on January 20, 2025,…
arXiv Security
·
5h ago
EvoPatch-IoT: Evolution-Aware Cross-Architecture Vulnerability Retrieval and Patch-State Profiling for BusyBox-Based IoT Firmware arXiv:2604.19496v1 Abstract: BusyBox is one of the most widely reused…
Dark Reading
·
13d ago
Russia's Forest Blizzard Nabs Rafts of Logins via SOHO Routers Heard of fileless malware? How about malwareless cyber espionage?
Dark Reading
·
7d ago
Privilege Elevation Dominates Massive Microsoft Patch Update Elevation-of-privilege bugs accounted for more than half of the 165 vulnerabilities patched, with two zero-days in that mix.
Dark Reading
·
5d ago
NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities The National Institute of Standards and Technology is carving a new path for vulnerability remediation by changing the way it prioritizes software flaws.