Cybersecurity News
-
Safer Sideloading Arrives with Android’s Advanced Flow
Google has announced a new mechanism in Android called Advanced Flow, which enables power users to sideload APKs from unverified developers with enhanced security protections. The system, launching in August,…
Read More » -
Oracle Fixes High-Severity RCE Vulnerability Affecting Identity and Web Services Platforms
Oracle recently issued an urgent security alert regarding a critical Remote Code Execution (RCE) flaw that impacts both Oracle Identity Manager and Oracle Web Services Manager. Tracked as CVE-2026-21992, this…
Read More » -
Copyright Complaint Lures Linked to New PureLog Stealer Credential Theft Wave
Criminals are actively deploying the PureLog Stealer malware through a sophisticated, multi-stage assault campaign that disguises itself as legitimate copyright infringement notifications. This data-stealing malware operates silently to extract sensitive…
Read More » -
Phishing Campaign Targeting Signal and WhatsApp Users Linked to Russian Intelligence
Russian intelligence-linked threat actors are actively targeting users of encrypted messaging apps such as Signal and WhatsApp through phishing campaigns that have already compromised thousands of accounts, according to a…
Read More » -
Authorities Dismantle IoT Botnet Linked to Record-Shattering 30 Tbps DDoS Campaigns
An international law enforcement operation has dismantled the core infrastructure of four destructive IoT botnets: Aisuru, KimWolf, JackSkid, and Mossad. These sprawling networks generated record-breaking DDoS attacks, with traffic volumes…
Read More » -
Bamboo Data Center and Server Vulnerability Enables Remote Code Execution
Atlassian has officially patched a critical Remote Code Execution (RCE) vulnerability within its Bamboo Data Centre platform. Formally tracked as CVE-2026-21570, this severe security flaw introduces major risks for organizations…
Read More » -
CISA Warns Cisco Secure Firewall Management Center 0-Day Is Being Exploited in Ransomware Attacks
The Cybersecurity and Infrastructure SecurityAgency (CISA) has issued an urgent warning concerning a critical zero-day vulnerability actively exploited in targeted ransomware attacks against heavily relied-upon Cisco security products. Formally tracked…
Read More » -
Critical UNISOC T612 Modem Flaw Enables Remote Code Execution via Cellular Calls
A critical flaw has beenidentified in UNISOC modem firmware, enabling attackers to execute arbitrary code remotely via cellular networks. As a leading semiconductor supplier, UNISOC supplies chipsets to major mobile…
Read More » -
Chrome Security Update Fixes 26 Vulnerabilities Enabling Remote Malicious Code Execution
Google has released a critical security update for its Chrome desktop web browser, addressing 26 distinct vulnerabilities that could enable attackers to execute malicious code remotely. The Stable channel update…
Read More » -
Cyberattack Leaves Thousands of U.S. Drivers Stranded, Unable to Start Vehicles
A significant cyberattack has disrupted a major U.S. vehicle breathalyzer service, leaving thousands of drivers unable to start their cars across the nation. Intoxalock, a leading provider of ignition interlock…
Read More » -
New Critical Jenkins Vulnerabilities Put CI/CD Servers at Risk of RCE Exploits
Jenkins disclosed a critical security advisory addressing multiple vulnerabilities impacting its core automation server and the LoadNinja plugin. These flaws pose severe risks to CI/CD environments, including arbitrary file creation,…
Read More » -
ExpressVPN Uncovers Massive AI Data Leak: 3.7M Records Exposed in Plain Sight
A recent investigation published by ExpressVPN has uncovered a staggering 3.7 million pieces of private user data that were made publicly accessible — not through a sophisticated hack, but simply…
Read More » -
Fake Tools and CDNs Power New “Vibe-Coded” Malware Campaign
“Vibe coding” has evolved from a buzzword to a key battleground, and a new malware campaign shows how attackers are abusing AI-assisted development to scale their operations with minimal effort.…
Read More » -
CISA Calls on Organizations to Strengthen Microsoft Intune Security After Stryker Incident
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert calling on organizations to aggressively harden their endpoint management systems. Released on March 18, 2026, the critical warning…
Read More » -
Pyronut Package Backdoors Telegram Bots With RCE
Malicious ‘Pyronut’ is a trojanized Python package that backdoors Telegram bots and userbots, giving attackers remote code execution over both the Telegram session and the underlying host system. The malicious…
Read More » -
Iran-Linked Botnet Exposed After Open Directory Leak Reveals 15-Node Relay Network
A misconfigured opendirectory on an Iranian server has exposed a live censorship-bypass relay and SSH-based botnet operation, revealing how a single actor stitched together a 15-node network across Iran and…
Read More » -
LeakNet boosts ransomware with ClickFix lures, stealthy Deno loader
Ransomware group LeakNet is scaling its operation by integrating mass-market social engineering lures via ClickFix techniques with a stealthy Deno-based loader that executes entirely in memory, drastically reducing the time…
Read More » -
Apple WebKit Security Flaw Exposes iOS and macOS Users to Content-Based Bypass Attacks
Apple released emergency security patches to address a critical WebKit flaw currently exposing iPhone, iPad, and Mac users to sophisticated content-based bypass attacks. Delivered seamlessly on March 17, 2026, via…
Read More »