web
-
Critical Security Advisory: Addressing Authentication Bypass Vulnerabilities in cPanel & WHM
Web hosting administrators and systems engineers are advised to initiate emergency remediation protocols immediately. cPanel has released a high-priority security…
Read More » -
Analyzing Vect 2.0: The Evolution of a High-Tempo Multi-Platform RaaS Threat
The ransomware landscape is shifting from localized malware attacks to sophisticated, multi-platform operations. Leading this charge is Vect 2.0, a…
Read More » -
From Italy to Houston: The Extradition of Silk Typhoon Operative Xu Zewei
In a significant escalation of international legal efforts to combat state-sponsored cyber operations, Xu Zewei, a key operative allegedly linked…
Read More » -
Checkmarx Confirms Data Leak Following GitHub Repository Compromise
Application security powerhouse Checkmarx has formally acknowledged a significant security breach involving the exposure of an internal GitHub repository. This…
Read More » -
Iranian-Linked Hackers Leak Data on 2,379 U.S. Marines, Issue Threats
A cyberattack group with ties to Iran’s Ministry of Intelligence has escalated its campaign against the United States by leaking…
Read More » -
Shadow Pipelines: Deconstructing Sandworm’s Sophisticated SSH-over-Tor Persistence Framework
In a striking evolution of cyber-espionage tradecraft, the state-sponsored actor known as Sandworm (also identified as APT-C-13 or FROZENBARENTS) has…
Read More » -
SQL Injection in LiteLLM: Inside CVE‑2026‑42208 and Its Rapid Exploitation
In the rapidly evolving landscape of AI orchestration, the security of middle-tier gateways has become a primary target for sophisticated…
Read More » -
Fake Document Reader Delivers Anatsa Trojan to 10K Android Users
In a sobering reminder that official marketplaces are not infallible, a sophisticated malicious application masquerading as a legitimate document reader…
Read More » -
Unseen Access: Claude Desktop Bypasses macOS Sandboxing with Native Messaging Bridge
In a troubling revelation for macOS users, a technical deep dive published on April 18, 2026, by privacy researcher Alexander…
Read More » -
Analyzing a New PowerShell-Based Telegram Session Stealer: From Pastebin to Bot API Exfiltration
Threat actors are currently refining a specialized class of infostealers specifically designed to hijack Telegram sessions. Unlike broad-spectrum malware that…
Read More » -
Critical Memory Corruption Vulnerability Discovered in Python’s asyncio on Windows
A significant security flaw has surfaced within Python’s asyncio module, specifically targeting Windows environments. This high-severity vulnerability introduces the risk…
Read More » -
Trigona Affiliates Pivot to Proprietary Data Exfiltration Tooling
In a significant tactical shift, ransomware operators are moving away from “living off the land” with common utilities and toward…
Read More » -
500,000 Britons’ Genetic Data Listed for Sale on Alibaba — And No One Noticed Until It Was Too Late
Sometime in mid-April 2026, a product appeared on Alibaba — China’s sprawling, Amazon-like e-commerce platform — that had no business…
Read More » -
GitLab Issues Emergency Patches for 11 Vulnerabilities
GitLab has issued an urgent security advisory following the discovery of 11 distinct vulnerabilities affecting both its Community Edition (CE)…
Read More » -
From Disclosure to Exploitation in Hours: LMDeploy SSRF Vulnerability Exploited in the Wild
In the rapidly evolving landscape of AI infrastructure, the window between vulnerability disclosure and active exploitation is shrinking to a…
Read More » -
Needle Stealer Malware Hijacking Traders via Fake “TradingClaw” AI Agent
Cybersecurity researchers have identified a sophisticated social engineering campaign leveraging a fraudulent “TradingView AI agent” to distribute the Needle Stealer…
Read More »