Cybersecurity News
-
EDR Killers Broaden Ransomware Tactics, ESET Warns
Ransomware gangs are rapidly expanding their use of EDR killers, moving beyond vulnerable drivers to a broader mix of scripts, anti‑rootkits, and driverless techniques. According to ESET’s latest telemetry-backed study,…
Read More » -
Adobe Releases Emergency Patch for Critical Zero-Day Flaw in Acrobat and Reader
Adobe has issued an urgent security update to fix a critical zero-day vulnerability affecting Acrobat and Reader on both Windows and macOS platforms. The flaw, tracked as CVE-2026-34621, is currently…
Read More » -
UK NCA Leads Global Anti-Crypto Fraud Operation Targeting 20,000 Victims
An international law enforcement action led by the U.K.’s National Crime Agency (NCA) has identified over 20,000 victims of cryptocurrency fraud across Canada, the United Kingdom, and the United States.…
Read More » -
AI-Powered Cyberattack on Mexican Government Exposes Hundreds of Millions of Records
In a groundbreaking technical report released by Gambit Security researcher Eyal Sela, new details have emerged about a massive cyberattack targeting government infrastructure. A single threat actor successfully leveraged artificial…
Read More » -
EngageSDK Vulnerability puts millions of crypto wallets at risk
A recently identified flaw in the popular Android library EngageSDK has sparked serious worries within the cryptocurrency sector, potentially endangering millions of users to data breaches and illicit entry. Security…
Read More » -
Fake BTS Tour Ticket Scams Target Fans Worldwide
As BTS makes its highly anticipated return to the global stage following their mandatory military service, K-pop fans worldwide are scrambling to secure tickets for the upcoming “ARIRANG” world tour.…
Read More » -
5,219 Rockwell PLCs exposed online
Censys has warned that more than 5,000 Rockwell Automation/Allen-Bradley PLCs are currently exposed to the internet, as Iranian-affiliated APT actors actively target these devices across U.S. critical infrastructure. The same…
Read More » -
Middle East Espionage Attack Uses Fake Secure Messaging Apps to Deliver ProSpy
Hackers are impersonating popular secure messaging apps to deploy a sophisticated Android spyware tool called ProSpy against journalists, activists, and political figures across the Middle East. This hack-for-hire campaign is…
Read More » -
TP-Link Devices at Risk as Multiple Security Flaws Enable Takeover
Cybersecurity researchers have uncovered five significant security vulnerabilities in the TP-Link Archer AX53 v1.0 router. If left unpatched, these critical flaws could allow attackers to take full control of the…
Read More » -
One Line, Eleven Models: The Sockpuppeting Technique That Defeats AI Safeguards
A newly discovered jailbreak technique called “sockpuppeting” can force 11 leading AI models—including ChatGPT, Claude and Gemini—to bypass their safety guardrails. By exploiting a standard API “assistant‑prefill” feature with just…
Read More » -
ClickFix, Malicious DMGs Push notnullOSX to macOS Users
Hackers are abusing ClickFix commands and booby-trapping DMG installers to deliver a new macOS stealer called notnullOSX, built to loot high-value crypto wallets from Mac users. The story starts with…
Read More » -
Attackers Deploy Hidden Magecart Skimmer on Magento Using SVG onload Abuse
Security researchers at Sansec uncovered a large-scale Magecart campaign targeting Magento e-commerce platforms. Nearly 100 online stores were infected with a sophisticated credit card skimmer. To evade security scanners and…
Read More » -
Technical Details Released for Critical Cisco SSM Command Execution Vulnerability
Security researchers have published technical details regarding a highly critical vulnerability in the Cisco Smart Software Manager On-Prem (SSM On-Prem). Tracked as CVE-2026-20160, this flaw carries a near-maximum CVSS score…
Read More » -
New Phishing Campaign Exploits Google Storage to Deliver Remcos RAT
A recently observed phishing campaign is abusing Google Cloud Storage to deliver the Remcos remote access trojan (RAT), relying on trusted Google infrastructure and a signed Microsoft binary to evade…
Read More » -
Multiple SonicWall Flaws Enable SQL Injection and Privilege Escalation Attacks
SonicWall has published a critical security advisory addressing four distinct vulnerabilities in its SMA1000 series appliances. These security flaws open the door for attackers to escalate their system privileges, guess…
Read More » -
Microsoft Details How Defender Protects High-Value Assets in Real-World Attacks
Microsoft has significantly upgraded its Defender platform to automatically detect and block sophisticated cyberattacks targeting High-Value Assets (HVAs) like domain controllers and web servers. By leveraging the new Microsoft Security…
Read More »