malicious

March 23, 2026

Critical QNAP QVR Pro Flaw Could Let Remote Attackers Access Systems

QNAP has released an urgent security advisory regarding a critical vulnerability affecting its QVR Pro application, a widely deployed network…
Read More »
March 23, 2026

Oblivion RAT Masquerades as Play Store Update to Spy on Android Users

A newly discovered Android remote access trojan (RAT) called Oblivion RAT is raising concerns across the mobile threat landscape. Marketed…
Read More »
March 23, 2026

CISA Warns of Craft CMS Code Injection Flaw Exploited in Active Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting Craft CMS to its Known Exploited…
Read More »
March 23, 2026

Libyan Refinery Targeted in Prolonged Spy Campaign With AsyncRAT

A targeted cyber espionage campaign against Libyan organizations compromised a Libyan oil refinery, a telecommunications provider, and a state institution…
Read More »
March 23, 2026

MioLab MacOS Stealer Expands With ClickFix, Wallet Theft, Team APIs

As Apple’s macOS footprint grows in both consumer and enterprise environments, dedicated infostealers like MioLab (aka Nova) demonstrate that Macs…
Read More »
March 23, 2026

SEO Poisoning Campaign Uses Fake Popular Apps to Deliver AsyncRAT

An ongoing SEO poisoning campaign abuses search results to trick users into downloading trojanized installers for more than 25 popular…
Read More »
March 23, 2026

CISA Issues Warning on Apple Vulnerabilities Exploited Through DarkSword iOS Chain

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding three critical security flaws affecting the Apple…
Read More »
March 21, 2026

Safer Sideloading Arrives with Android’s Advanced Flow

Google has announced a new mechanism in Android called Advanced Flow, which enables power users to sideload APKs from unverified…
Read More »
March 21, 2026

Trivy Vulnerability Scanner Compromised to Inject Malicious Scripts That Steal Credentials

Ahighly sophisticated supply chain attack has successfully compromised the official Trivy GitHub Actions repository, severely impacting continuous integration environments. Discovered…
Read More »
March 20, 2026

Copyright Complaint Lures Linked to New PureLog Stealer Credential Theft Wave

Criminals are actively deploying the PureLog Stealer malware through a sophisticated, multi-stage assault campaign that disguises itself as legitimate copyright…
Read More »
March 20, 2026

Phishing Campaign Targeting Signal and WhatsApp Users Linked to Russian Intelligence

Russian intelligence-linked threat actors are actively targeting users of encrypted messaging apps such as Signal and WhatsApp through phishing campaigns…
Read More »
March 20, 2026

Bamboo Data Center and Server Vulnerability Enables Remote Code Execution

Atlassian has officially patched a critical Remote Code Execution (RCE) vulnerability within its Bamboo Data Centre platform. Formally tracked as…
Read More »
March 20, 2026

CISA Warns Cisco Secure Firewall Management Center 0-Day Is Being Exploited in Ransomware Attacks

The Cybersecurity and Infrastructure SecurityAgency (CISA) has issued an urgent warning concerning a critical zero-day vulnerability actively exploited in targeted…
Read More »
March 20, 2026

Critical UNISOC T612 Modem Flaw Enables Remote Code Execution via Cellular Calls

A critical flaw has beenidentified in UNISOC modem firmware, enabling attackers to execute arbitrary code remotely via cellular networks. As…
Read More »
March 20, 2026

Chrome Security Update Fixes 26 Vulnerabilities Enabling Remote Malicious Code Execution

Google has released a critical security update for its Chrome desktop web browser, addressing 26 distinct vulnerabilities that could enable…
Read More »
March 20, 2026

New Critical Jenkins Vulnerabilities Put CI/CD Servers at Risk of RCE Exploits

Jenkins disclosed a critical security advisory addressing multiple vulnerabilities impacting its core automation server and the LoadNinja plugin. These flaws…
Read More »
March 20, 2026

Fake Tools and CDNs Power New “Vibe-Coded” Malware Campaign

“Vibe coding” has evolved from a buzzword to a key battleground, and a new malware campaign shows how attackers are…
Read More »
March 19, 2026

Claude Vulnerabilities Allow Data Exfiltration and Malicious Redirect Attacks

Security researchers have uncovered a critical attack chain within Anthropic’s Claude.ai platform, dubbed “Claudy Day.” This vulnerability sequence enables attackers…
Read More »
March 19, 2026

CISA Calls on Organizations to Strengthen Microsoft Intune Security After Stryker Incident

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert calling on organizations to aggressively harden their endpoint…
Read More »
March 19, 2026

Pyronut Package Backdoors Telegram Bots With RCE

Malicious ‘Pyronut’ is a trojanized Python package that backdoors Telegram bots and userbots, giving attackers remote code execution over both…
Read More »

Previous page Next page