Category: Cyber Security News

A cyberattack campaign that tricks users into running malicious commands on their own computers has taken a dangerous new turn. The technique, known as “ClickFix,” has been circulating for some time, but a recent incident revealed that attackers are now…

Read more →

Android smartphones have become the go-to device for billions of people around the world. From banking and messaging to storing personal photos and sensitive documents, people rely on them for almost everything. That reliance has made mobile devices a prime…

Read more →

A serious security flaw has been found in Exim, one of the most widely deployed mail transfer agents on the internet today. The vulnerability, tracked as EXIM-Security-2026-05-01.1, allows a remote attacker to corrupt server memory and potentially execute malicious code…

Read more →

In 2026, data is the undisputed lifeblood of the modern enterprise. As organizations shift completely to decentralized, multi-cloud architectures, the challenge of securing sensitive information—such as Intellectual Property (IP), Personally Identifiable Information (PII), and Protected Health Information (PHI)—has grown exponentially.…

Read more →

Microsoft pushed out a significant cumulative update for Windows 11 on May 12, 2026, covering both version 25H2 and version 24H2. The update, identified as KB5089549, brings OS Builds 26200.8457 and 26100.8457 to users running these versions. It bundles the…

Read more →

A newly disclosed security vulnerability in Microsoft Teams could allow attackers to spoof local devices, raising concerns for enterprises and individual users who rely on the platform for daily communications. Microsoft disclosed CVE-2026-32185 on May 12, 2026, as part of…

Read more →

A critical security flaw in Fortinet’s FortiSandbox platform is putting enterprise networks at serious risk, allowing unauthenticated attackers to execute arbitrary code or commands remotely, with no credentials required. Fortinet disclosed the vulnerability on May 12, 2026, under the identifier…

Read more →

Fortinet released security advisories on May 12, 2026, addressing five vulnerabilities spanning its wireless access point controllers, network operating system, and enterprise management platforms, including a critical unauthenticated authorization bypass in FortiSandbox. Critical Flaw in FortiSandbox The most severe vulnerability…

Read more →

Microsoft’s May 2026 Patch Tuesday lands with a heavy enterprise focus, fixing 120 vulnerabilities across Windows, Office, Azure, developer tools, and Microsoft 365 apps, including 29 remote code execution (RCE) flaws rated Critical. Unlike several recent cycles, Microsoft reports no…

Read more →

Every incident that damages a client starts with a moment of invisibility: a connection the SIEM didn’t flag, a domain the detection rules didn’t know about, an IOC that was active for two days before any feed registered it. Top-performing MSSPs have…

Read more →

Ivanti has released its May 2026 Patch Tuesday security updates, disclosing vulnerabilities across four products while revealing that artificial intelligence tools are already helping its engineers uncover flaws that traditional scanners miss and warning that AI-driven discovery will likely accelerate…

Read more →

A single click can allow attackers to exploit a critical, unpatched flaw in Open WebUI to seize control of AI workspaces, execute remote code, hijack accounts, and steal sensitive chat histories. Discovered by security researcher Metin Yunus Kandemir, the vulnerability…

Read more →

A new wave of cyberattacks is putting Microsoft Teams users on high alert across organizations worldwide. Hackers have been found hijacking Teams accounts to impersonate IT support staff and push a dangerous piece of malware called ModeloRAT directly into corporate…

Read more →

On May 12, 2026, SAP released its highly anticipated monthly Security Patch Day updates, addressing numerous severe security flaws across its entire enterprise software portfolio. The most alarming discovery is a critical SQL injection vulnerability in SAP S/4HANA, giving attackers…

Read more →

A new and highly stealthy campaign distributing Vidar Stealer has surfaced, targeting Windows users with a sophisticated attack chain designed to slip past endpoint defenses and harvest sensitive credentials. The campaign has drawn significant attention from the cybersecurity community because…

Read more →

A series of newly discovered vulnerabilities in Zoom’s software ecosystem could hand local attackers the keys to your system. As organizations continue to rely heavily on virtual meetings, threat actors are constantly hunting for ways to exploit these communication tools.…

Read more →

A new and growing wave of phishing attacks is making credential theft easier than ever before. Threat actors are now using Vercel, a legitimate AI-powered web development platform, to build convincing fake login pages that closely mirror real websites. The…

Read more →

North Korean hackers have found a new way to hide malware inside the tools that software developers rely on every single day. Instead of sending phishing emails or planting fake links, they are now burying malicious code deep inside Git…

Read more →

A fake Chrome browser extension pretending to be the popular TronLink crypto wallet has been caught stealing sensitive wallet credentials from unsuspecting users. The malicious extension operates silently in the background, harvesting mnemonic phrases, private keys, and passwords before forwarding…

Read more →

A critical security flaw has been identified in the Cline Kanban server that allows threat actors to exfiltrate workspace data and execute arbitrary code silently and remotely. Security researcher TheRealSpencer recently published details of this cross-origin WebSocket hijacking vulnerability affecting…

Read more →