Cybersecurity News
-
Iranian-Linked Hackers Targeting U.S. Critical Infrastructure Programmable Logic Controller
A joint advisory from multiple U.S. federal agencies warns that Iranian-affiliated advanced persistent threat (APT) actors are actively targeting internet-exposed Rockwell/Allen-Bradley programmable logic controllers (PLCs) on networks of U.S. critical…
Read More » -
Critical Ninja Forms File Upload Vulnerability Allows Unauthenticated Remote Code Execution
A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress enables attackers to upload arbitrary files without authentication, potentially leading to remote code execution and complete site…
Read More » -
Critical Android Flaw Allows Zero-Interaction Denial-of-Service Attacks
Google released its April 2026 Android Security Bulletin, addressing multiple vulnerabilities. The most alarming flaw is a critical security vulnerability in the Android Framework. This Framework flaw (CVE-2026-0049), tracked as…
Read More » -
GPUBreach Attack Could Lead to Full System Takeover and Root Shell Access
Researchers at the University of Toronto have uncovered a new vulnerability dubbed “GPUBreach,” which demonstrates that GPU-based Rowhammer attacks can now achieve complete system compromise. Scheduled for presentation at the…
Read More » -
Kubernetes Flaws Let Hackers Jump From Containers to Cloud Accounts
Hackers are increasingly abusing Kubernetes misconfigurations to jump from containers into high‑value cloud accounts, turning a single compromised pod into full cloud‑level access. This trend is accelerating rapidly, with Kubernetes‑related…
Read More » -
Windmill Developer Platform Flaws Expose Users to RCE Attacks, Proof-of-Concept Published
Cybersecurity researchers have discovered critical vulnerabilities in the Windmill developer platform and Nextcloud Flow, an integration embedding the Windmill engine. These severe flaws allow remote attackers to take full control…
Read More » -
Hackers Exploit Next.js React2Shell Vulnerability, Breach 766 Hosts in 24 Hours
Hackers are abusing a critical React2Shell vulnerability in Next.js applications to run an automated credential‑theft operation that has already compromised at least 766 servers in under 24 hours. The threat…
Read More » -
Tor-Backed ClickFix Campaign Drops Node.js RAT on Windows
Criminals are leveraging the “ClickFix” scheme, a deceptive tactic that dupes users into engaging with counterfeit CAPTCHA or verification screens. This campaign distributes a sophisticated Node.js-powered Remote Access Trojan (RAT)…
Read More » -
Attackers Exploit Flowise Injection Vulnerability as 15,000+ Instances Remain Exposed
A critical security flaw in Flowise, a widely used open-source AI development platform, is currently being actively exploited in the wild. Trackable as CVE-2025-59528, this code injection vulnerability carries the…
Read More » -
Iran-Linked Hackers Hit M365 Tenants in Middle East Password Spray Campaign
Iran-linked threat actors have launched a coordinated password-spraying campaign targeting Microsoft 365 environments across the Middle East, according to new findings. The activity, observed throughout March 2026, unfolded in three…
Read More » -
Microsoft Warns Storm-1175 Exploiting Web-Facing Flaws to Deploy Medusa Ransomware
Microsoft is warning that a fast‑moving threat actor it tracks as Storm-1175 is aggressively exploiting vulnerabilities in internet‑exposed systems to deliver Medusa ransomware in days and sometimes in under 24…
Read More » -
Alleged REvil Leader ‘UNKN’ Identified by German Authorities in New Takedown Effort
German authorities have officially named one of the most notorious names in cybercrime. The German Federal Criminal Police (BKA) recently identified 31-year-old Russian national Daniil Maksimovich Shchukin as the man…
Read More » -
Trojanized PyPI AI Proxy Steals Claude Prompt, Exfiltrates Data
A malicious PyPI package, hermes-px, masquerades as a “Secure AI Inference Proxy” while secretly stealing user prompts and abusing a private university AI service. Marketed as an OpenAI-compatible, Tor-routed proxy…
Read More » -
Critical Claude Code Flaw Silently Bypasses User-Configured Security Rules
Anthropic’s flagship AI coding agent, Claude Code, contains a critical security flaw that silently bypasses developer-configured safety rules. The vulnerability allows attackers to execute blocked commands, such as data exfiltration…
Read More » -
Apache Traffic Server Flaw Allowed Attackers to Trigger Denial-of-Service Attacks
The Apache Software Foundation has released critical security updates to address two vulnerabilities in Apache Traffic Server (ATS). Disclosed on April 2, 2026, these flaws could allow remote threat actors…
Read More »