malicious
-
Microsoft Warns of Critical CVE-2026-33826 Flaw in Active Directory
Microsoft has issued an urgent alert regarding a critical security vulnerability in Windows Active Directory, exposing enterprise networks to serious…
Read More » -
OpenAI Launches GPT-5.4-Cyber to Bolster Cyber Defenses
OpenAI has introduced GPT-5.4-Cyber, a purpose-built variant of its flagship GPT-5.4 model, fine-tuned specifically for advanced defensive cybersecurity workflows. The…
Read More » -
Ivanti Neurons for ITSM Vulnerabilities Let Remote Attackers Hijack User Sessions
Ivanti has issued a security advisory detailing two medium-severity vulnerabilities affecting its Neurons for IT Service Management (ITSM) platform. These…
Read More » -
Emerging Android Banking Trojan Mirax: A Stealthy RAT with Residential Proxy Capabilities
A new Android banking trojan called Mirax is rapidly gaining traction in the cybercrime ecosystem, combining powerful remote access features…
Read More » -
New PlugX USB Worm Variant Spreads Globally Using Stealthy DLL Sideloading Techniques
A new variant of the PlugX USB worm is causing renewed concern as it spreads across several continents, leveraging DLL…
Read More » -
Janela RAT: Financial Cybercrime Campaign Using Fake MSI Installers and Malicious Browser Extensions
Janela Remote Access Trojan (RAT) campaigns leverage fake Windows MSI installers and malicious browser extensions to infiltrate financial networks and…
Read More » -
Critical ShowDoc Vulnerability Exposes Organizations to Unauthenticated RCE
Cybersecurity researchers have uncovered a severe vulnerability in ShowDoc, a widely used online document-sharing platform designed for IT teams. Tracked…
Read More » -
CISA Warns of Critical Fortinet Vulnerability: CVE-2026-21643
On April 13, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-21643 to its Known Exploited Vulnerabilities (KEV) catalog.…
Read More » -
The Emergence of Okta Vishing: Identity-Centric Cloud Attacks on the Rise
Hackers are increasingly abandoning email phishing in favor of a more sophisticated threat vector: voice-based social engineering targeting identity platforms…
Read More » -
Critical Security Flaws Discovered in Synology SSL VPN Client
In a significant development for cybersecurity, Synology has released a critical security update addressing dangerous vulnerabilities in its widely-used SSL…
Read More » -
Critical Axios Vulnerability Enables Full Cloud Infrastructure Compromise
A severe security flaw has been identified in Axios, one of the internet’s most popular HTTP client libraries. This vulnerability…
Read More » -
SaaS Platforms Abused: GitHub and Jira Become Phishing Proxies
Threat actors are weaponizing GitHub and Jira’s internal notification systems to craft undetectable phishing campaigns. By hijacking official mail servers,…
Read More » -
APT37 Campaign: Social Engineering via Facebook & Tampered PDFelement Targets Defense Sector
North Korea-linked threat actor APT37 is conducting a sophisticated intrusion campaign that weaponizes Facebook and Telegram to deliver a tampered…
Read More » -
Critical Apache Tomcat Security Updates Patch Three High-Risk Vulnerabilities
The Apache Software Foundation has issued critical security updates for Tomcat to address three newly disclosed vulnerabilities affecting widely deployed…
Read More » -
WordPress Plugin Vulnerability Enables Admin Takeover via Auth Bypass
A newly disclosed vulnerability, tracked as CVE-2026-1492, has been identified in the User Registration & Membership plugin for WordPress, exposing…
Read More » -
Adobe Releases Emergency Patch for Critical Zero-Day Flaw in Acrobat and Reader
Adobe has issued an urgent security update to fix a critical zero-day vulnerability affecting Acrobat and Reader on both Windows…
Read More »