Cybersecurity News
-
Windows Error Reporting Vulnerability Exposes Systems to Privilege Escalation, Allowing SYSTEM Access
Microsoft recently patched a severe Elevation of Privilege (EoP) vulnerability in the Windows Error Reporting (WER) service, officially tracked as CVE-2026-20817. This flaw allows a local attacker with standard user…
Read More » -
Silver Fox Cyberattack Targets Japanese Businesses with Tax-Themed Phishing Scams
A threat actor known as Silver Fox is targeting Japanese organizations with a new wave of spearphishing attacks timed to coincide with the country’s busy tax-filing and corporate restructuring season.…
Read More » -
BIND 9 Security Flaws Allow Attackers to Bypass Security Controls and Crash Servers
The Internet Systems Consortium (ISC) has released critical security advisories addressing three new vulnerabilities in the widely used BIND 9 Domain Name System (DNS) software suite. If left unpatched, remote…
Read More » -
Critical Ivanti EPMM Vulnerabilities Expose Systems to Arbitrary Code Execution Attacks
In February 2026, threat actors actively exploited two critical remote code execution (RCE) vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). A recent incident response investigation by WithSecure’s STINGR Group revealed…
Read More » -
CISA Issues Urgent Warning on Langflow Code Injection Vulnerability Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical code-injection vulnerability discovered within Langflow. Tracked as CVE-2026-33017, this severe security flaw has been officially…
Read More » -
VoidLink Rootkit Leverages eBPF and Kernel Modules to Stealthily Infiltrate Linux Systems
VoidLink is a new Linux rootkit family that combines classic kernel modules with eBPF to hide processes and network activity deep inside modern cloud environments. It targets distributions from CentOS…
Read More » -
Leak Bazaar Converts Stolen Corporate Data Into Organized Criminal Marketplace
A new cybercriminal service named “Leak Bazaar” has emerged on the Russian-speaking TierOne forum, advertised by user Snow of SnowTeam on March 25, 2026. Unlike conventional data leak sites, Leak…
Read More » -
GhostClaw AI Malware Targets macOS Users with Credential-Stealing Payloads
GhostClaw, a multi-stage macOS infostealer, now exploits both GitHub repositories and AI-assisted development workflows to steal credentials and deploy secondary payloads, significantly broadening its attack surface against users. Jamf Threat…
Read More » -
Fake Screenshot Lures Target Web3 Support Staff with Multi-Stage Malware Attack
A campaign attributed to APT-Q-27 (GoldenEyeDog), a Chinese group targeting Web3, is leveraging deceptive fake screenshot links delivered through support chat workflows to deploy a multi-stage, memory-resident Farfli backdoor. The…
Read More » -
Mozilla Releases Firefox 149.0 With Free Built‑In VPN Offering 50 GB Monthly Data
Mozilla has launched Firefox 149.0 on the Release channel, introducing a comprehensive suite of privacy and security upgrades to the browser. The most notable addition is a free, integrated VPN…
Read More » -
Microsoft Unveils New Guidance to Detect and Defend Against Trivy Supply Chain Attack
Aqua Security’s vulnerability scanner, Trivy, faced a sophisticated CI/CD supply chain compromise. The threat actor, identified as TeamPCP, exploited prior incomplete remediation to inject credential-stealing malware into official releases. This…
Read More » -
Mirai Botnets Evolve Into Major DDoS and Proxy Abuse Threats
Mirai-based botnets have evolved from simple IoT malware into large-scale DDoS and proxy abuse platforms underpinning record-breaking attacks and stealthy cybercrime operations. Over 21,000 C2 servers were observed from July…
Read More » -
New Study Reveals How Infostealer Infections Lead to Dark Web Exposure in Just 48 Hours
New research highlights how infostealer malware can rapidly convert a single careless click into full credential exposure on dark web marketplaces within just 48 hours, significantly faster than traditional breach…
Read More » -
Five Malicious npm Packages Target Crypto Developers, Steal Wallet Keys via Telegram
Five malicious npm packages impersonating popular crypto libraries are stealing wallet keys from Solana and Ethereum developers and exfiltrating them directly to a hardcoded Telegram bot. Each package typosquats or…
Read More »