Cybersecurity News
-
Your Privacy Opt-Out Is Being Ignored by Google, Microsoft, and Meta
A bombshell independent audit has caught some of the world’s biggest technology companies red-handed — continuing to track users who have explicitly asked them to stop. Conducted by privacy technology…
Read More » -
Threat Group Disrupts Middle East Critical Sectors in Cyber Reconnaissance Operation
Cybersecurity researchers have identified a persistent threat group operating with high fidelity to the tradecraft of MuddyWater. This actor recently executed a massive operational campaign focused on critical infrastructure within…
Read More » -
Attackers Weaponize Google Cloud Storage to Deliver Remcos RAT Through Phishing Campaigns
Cybercriminals are increasingly leveraging Google Cloud Storage infrastructure to circumvent email and web content filters, deploying Remcos Remote Access Trojan via deceptive Google Drive-themed phishing operations. These sophisticated attacks combine…
Read More » -
Massive WordPress Supply Chain Attack: 30+ Plugins Compromised in Silent Backdoor Operation
A sophisticated supply chain attack targeting WordPress users lay dormant for nearly eight months before activating, ultimately compromising core configuration files and injecting hidden SEO spam across hundreds of thousands…
Read More » -
How Cybercriminals Are Turning Your Inbox Rules Into a Backdoor
Hackers are quietly exploiting a built-in Microsoft 365 feature to steal emails, hide security alerts, and maintain long-term access to corporate accounts — all without installing a single piece of…
Read More » -
Microsoft Releases April 14, 2026 Security Update KB5083769 for Windows 11 24H2 and 25H2
Microsoft has released KB5083769, the April 14, 2026 cumulative security update for Windows 11 versions 24H2 and 25H2. This update advances the OS builds to 26100.8246 and 26200.8246, respectively. This…
Read More » -
Microsoft Warns of Critical CVE-2026-33826 Flaw in Active Directory
Microsoft has issued an urgent alert regarding a critical security vulnerability in Windows Active Directory, exposing enterprise networks to serious risks. This flaw, officially labeled as CVE-2026-33826, allows authenticated attackers…
Read More » -
OpenAI Launches GPT-5.4-Cyber to Bolster Cyber Defenses
OpenAI has introduced GPT-5.4-Cyber, a purpose-built variant of its flagship GPT-5.4 model, fine-tuned specifically for advanced defensive cybersecurity workflows. The release marks a significant shift in how the company approaches…
Read More » -
Ivanti Neurons for ITSM Vulnerabilities Let Remote Attackers Hijack User Sessions
Ivanti has issued a security advisory detailing two medium-severity vulnerabilities affecting its Neurons for IT Service Management (ITSM) platform. These flaws could allow remote, authenticated attackers to hijack user sessions…
Read More » -
Fortinet Releases Critical Security Patches for 11 Vulnerabilities
Fortinet has announced a comprehensive security update addressing 11 newly identified vulnerabilities across several of its core enterprise products. These vulnerabilities span critical infrastructure components including FortiSandbox, FortiOS, FortiAnalyzer, and…
Read More » -
Microsoft Releases April 2026 Patch Tuesday Update: 168 Vulnerabilities Patched Including Active Zero-Day Exploit
Microsoft has addressed a critical security gap by releasing its April 2026 Patch Tuesday updates, covering 168 vulnerabilities across its product ecosystem. The release includes patches for one actively exploited…
Read More » -
Emerging Android Banking Trojan Mirax: A Stealthy RAT with Residential Proxy Capabilities
A new Android banking trojan called Mirax is rapidly gaining traction in the cybercrime ecosystem, combining powerful remote access features with residential proxy capabilities to turn victims’ smartphones into high-value…
Read More » -
New PlugX USB Worm Variant Spreads Globally Using Stealthy DLL Sideloading Techniques
A new variant of the PlugX USB worm is causing renewed concern as it spreads across several continents, leveraging DLL sideloading and USB-based propagation to bypass traditional security defenses. First…
Read More » -
Janela RAT: Financial Cybercrime Campaign Using Fake MSI Installers and Malicious Browser Extensions
Janela Remote Access Trojan (RAT) campaigns leverage fake Windows MSI installers and malicious browser extensions to infiltrate financial networks and exfiltrate sensitive data targeting financial institutions. The distribution of the…
Read More » -
AI Security Agent Uncovers Critical Auth Bypass in etcd
An autonomous AI security agent built by Strix has pinpointed a serious authorization flaw in etcd, the popular distributed key-value store relied upon by a vast number of backend and…
Read More » -
CISA Warns of Two Actively Exploited Microsoft Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has added two newly confirmed, actively exploited security flaws in Microsoft products to its Known Exploited Vulnerabilities (KEV) catalog, effective April 13, 2026.…
Read More »