data
-
Cisco Smart Software Manager Flaw Allowed Arbitrary Command Execution
Cisco has issued a critical security alert regarding a severe vulnerability in its Smart Software Manager On-Prem (SSM On-Perm) platform.…
Read More » -
WhatsApp Attack Chain Delivers VBS, Cloud Payloads, MSI Backdoor
A newmalware campaign leverages WhatsApp messages to deliver malicious Visual Basic Script (VBS) files to Windows systems, facilitating persistent remote…
Read More » -
CrystalX Malware-as-a-Service Spreads via Telegram With Stealer, RAT Tools
Hackers are actively promoting a new malware-as-a-service (MaaS) platform called CrystalX RAT through private Telegram channels, offering cybercriminals a powerful…
Read More » -
Top 10 Best Dynamic Application Security Testing (DAST) Platforms in 2026
In today’s fast-paced software development world, where applications are released at an unprecedented rate, ensuring their security is more critical…
Read More » -
Cisco Faces Alleged Data Leak as ShinyHunters Claims Responsibility
Cisco is actively dealing with a major cybersecurity incident after threat actors breached its internal development networks. The notorious hacking…
Read More » -
PoC Exploit Code Published for nginx-ui Backup Restore Security Flaw
A critical security flaw in the nginx-ui backup restore mechanism, tracked as CVE-2026-33026, allows attackers to manipulate encrypted backups and…
Read More » -
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems
A North Korea–nexus threat actor hijacked the popular Axios NPM package in a high‑impact software supply chain attack, deploying a…
Read More » -
Apple Adds ClickFix Attack Warnings in New macOS Tahoe Security Feature
Apple has silently introduced a new security mechanism in macOS Tahoe 26.4 to protect users against social engineering campaigns known…
Read More » -
Axios NPM Packages Breached in Ongoing Supply Chain Attack
A severe supply chain attack has compromised the widely used Axios HTTP client on the npm registry. Attackers injected a…
Read More » -
Telegram-Based ResokerRAT Adds Screenshot Capture and Persistence
Hackers are deploying a new Windows malware called ResokerRAT, a Telegram‑based Remote Access Trojan (RAT) that gives attackers stealthy remote control…
Read More » -
EvilTokens Launches New Phishing Service Targeting Microsoft Accounts
EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that industrialises Microsoft account takeover by abusing the OAuth device code flow rather…
Read More » -
Google Introduces Advanced Ransomware Defense and Recovery Features in Drive
Google has officially rolled out its enhanced ransomware detection and file restoration capabilities for Google Drive, transitioning them from beta…
Read More » -
ChatGPT Vulnerability Enabled Silent Leakage of Prompts and Sensitive Information
Artificial intelligence assistants increasinglyhandle our most sensitive data, operating under the assumption that enclosed environments keep this information secure. However,…
Read More » -
RoadK1ll Malware Turns Hacked Devices Into Network Relays
Hackers are deploying a new Node.js-based implant dubbed RoadK1ll to quietly turn compromised hosts into on-demand network relays, enabling stealthy…
Read More » -
Notepad++ v8.9.3 Released With Fixes for cURL Security Flaw and Crash Bugs
Notepad++ version 8.9.3 is now available, bringing crucial fixes for a significant security flaw in the cURL library alongside resolving…
Read More » -
Russian Hackers Deploy “CTRL” for RDP Hijacking
Russian hackers are employing a new remote access toolkit named “CTRL” to stealthily hijack Remote Desktop Protocol (RDP) sessions through…
Read More » -
Exposed Server Leaks TheGentlemen Ransomware Toolkit, Credentials, and Ngrok Tokens
A fully operational TheGentlemen ransomware toolkit has been discovered by researchers on an exposed server, revealing victim credentials, ngrok tokens,…
Read More »