risk
-
Cisco Smart Software Manager Flaw Allowed Arbitrary Command Execution
Cisco has issued a critical security alert regarding a severe vulnerability in its Smart Software Manager On-Prem (SSM On-Perm) platform.…
Read More » -
CrystalX Malware-as-a-Service Spreads via Telegram With Stealer, RAT Tools
Hackers are actively promoting a new malware-as-a-service (MaaS) platform called CrystalX RAT through private Telegram channels, offering cybercriminals a powerful…
Read More » -
Top 10 Best Dynamic Application Security Testing (DAST) Platforms in 2026
In today’s fast-paced software development world, where applications are released at an unprecedented rate, ensuring their security is more critical…
Read More » -
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems
A North Korea–nexus threat actor hijacked the popular Axios NPM package in a high‑impact software supply chain attack, deploying a…
Read More » -
North Korean IT Worker Used Stolen Identity, AI-Generated Resume in Job Scam
A recent investigation exposed how a suspected North Korean IT worker allegedly used a stolen identity, AI-generated resume content, and…
Read More » -
Stealthy .NET Malware Adds AV Killer, HVNC Features
CrySome RAT is a newly observed, advanced .NET remote access trojan that combines full-featured post‑exploitation tooling with unusually hardened persistence,…
Read More » -
TA446 Uses DarkSword Exploit Kit to Target iPhone Users
Russia-linked espionage group TA446 has initiated a new phishing campaign using the DarkSword exploit kit to compromise iOS devices, leveraging…
Read More » -
New Homoglyph Tricks Let Cybercriminals Mimic Trusted Domains
New homoglyph attack techniques exploit subtle visual similarities in text to spoof trusted domains, steal credentials, and bypass Unicode handling…
Read More » -
Malicious Browser Extensions Hijack Users’ AI Chats in New “Prompt Poaching” Attack
A new wave of malicious browser extensions is quietly harvesting sensitive user interactions with AI tools, now widely recognized as…
Read More » -
European Commission Confirms Cyberattack After AWS Account Breach
The European Commission has confirmed a cybersecurity incident affecting its cloud-based infrastructure after attackers gained access to an Amazon Web…
Read More » -
Phishing ZIP Files Used to Deploy PXA Stealer Targeting Financial Firms
A significant surge in PXA Stealer campaigns targeting global financial institutions during Q1 2026. This marks a notable shift in…
Read More » -
BIND 9 Security Flaws Allow Attackers to Bypass Security Controls and Crash Servers
The Internet Systems Consortium (ISC) has released critical security advisories addressing three new vulnerabilities in the widely used BIND 9…
Read More » -
Five Malicious npm Packages Target Crypto Developers, Steal Wallet Keys via Telegram
Five malicious npm packages impersonating popular crypto libraries are stealing wallet keys from Solana and Ethereum developers and exfiltrating them…
Read More » -
DarkSword Exploit Chain Leaked Online, Posing Risk to Millions of iPhones
Security experts haveverified that the advanced iOS exploit chain known as DarkSword is now accessible outside of its original threat…
Read More » -
$30 IP-KVM Flaws Could Enable BIOS-Level Enterprise Network Attacks
Recent threat research exposes a critical security crisis with low-cost IP-KVM devices, revealing nine vulnerabilities across four prominent vendors. These…
Read More »