As artificial intelligence becomes deeply embedded in enterprise operations and cybercriminal arsenals alike, the Cybersecurity Predictions 2026 landscape reveals an unprecedented convergence of autonomous threats, identity-centric attacks, and accelerated digital transformation risks. Industry experts across leading security firms, government agencies, and research…
Category: Cyber Security News
Net-SNMP Vulnerability Enables Buffer Overflow and the Daemon to Crash
A new critical vulnerability affecting the Net-SNMP software suite has been disclosed, posing a significant risk to network infrastructure worldwide. Tracked as CVE-2025-68615, this security flaw allows remote attackers to trigger a buffer overflow, leading to a service crash or potentially…
Hackers Exploiting Three-Year-Old FortiGate Vulnerability to Bypass 2FA on Firewalls
Cybercriminals are actively abusing a long-patched Fortinet FortiGate flaw from July 2020, slipping past two-factor authentication (2FA) on firewalls and potentially granting unauthorized access to VPNs and admin consoles. Fortinet’s PSIRT team detailed the in-the-wild attacks in a recent blog…
Microsoft Unveils Hardware-Accelerated BitLocker to Enhance Performance and Security
Microsoft has announced hardware-accelerated BitLocker, a significant security enhancement designed to eliminate performance bottlenecks caused by encryption on modern high-speed NVMe drives. The new technology addresses growing concerns about CPU overhead as storage devices become faster, particularly for users running…
Evasive Panda APT Using AitM Attack and DNS Poisoning to Deliver Malware
The Evasive Panda APT group, also known as Bronze Highland, Daggerfly, and StormBamboo, has been running targeted campaigns since November 2022, using advanced techniques to deliver the MgBot malware. The group employs adversary-in-the-middle attacks combined with DNS poisoning to compromise…
Threat Actors Using Weaponized AV-themed Word and PDF Documents to Attack Israeli Organizations
Security researchers at Seqrite Labs have identified a campaign called Operation IconCat, targeting Israeli organizations with weaponized documents designed to look like legitimate security tools. The attacks began in November 2025 and have compromised multiple companies across information technology, staffing…
Threat Actors Advertised NtKiller Malware on Dark Web Claiming Terminate Antivirus and EDR Bypass
A malicious actor known as AlphaGhoul has begun promoting a tool called NtKiller, designed to silently shut down antivirus software and endpoint detection tools. The tool was posted on an underground forum where criminals gather to buy and sell hacking…
One Year Of Zero-Click Exploits: What 2025 Taught Us About Modern Malware
The year 2025 represents a pivotal moment in cybersecurity, showcasing a remarkable evolution in zero-click exploitation techniques that significantly challenges our understanding of digital security. Unlike traditional attacks that require user interaction, such as clicking a malicious link or downloading…
Critical MongoDB Vulnerability Exposes Sensitive Data via Zlib Compression
A critical security vulnerability, tracked as CVE-2025-14847, could allow attackers to extract uninitialized heap memory from database servers without authentication. The flaw resides in MongoDB’s zlib compression implementation and affects multiple versions of the database platform. The vulnerability enables client-side…
WebRAT Malware via GitHub Repositories Claim as Proof-of-concept Exploits to Attack Users
A new malware campaign has surfaced that uses GitHub repositories to spread the WebRAT malware by disguising it as proof-of-concept exploits and gaming utilities. The malware targets users searching for game cheats, pirated software, and application patches, particularly for popular…
Operation PCPcat Hacked 59,000+ Next.js/React Servers Within 48 Hours
A massive credential-theft campaign dubbed PCPcat compromised 59,128 Next.js servers in under 48 hours. The operation exploits critical vulnerabilities CVE-2025-29927 and CVE-2025-66478, achieving a 64.6% success rate across 91,505 scanned targets. PCPcat scanners, distributed via react.py malware, probe public Next.js…
Interpol Taken Down 6 Ransomware Variants and Arrested 500+ Suspects
Law enforcement agencies across 19 African nations have achieved a landmark victory against cybercrime, arresting 574 suspects and dismantling six ransomware variants during Operation Sentinel, a month-long coordinated crackdown that concluded on November 27. The operation, which ran from October…
Ransomware Attack on Romanian Waters Authority – 1,000+ IT Systems Compromised
Romania’s National Administration “Apele Române” (Romanian Waters) disclosed a severe ransomware attack on December 20, 2025, that compromised approximately 1,000 IT systems across the agency and 10 of its 11 regional water basin administrations. The incident affected critical infrastructure responsible…
Microsoft Teams to Enforce Messaging Safety Defaults Starting January 2026
Microsoft is strengthening the security posture of enterprise collaboration by automatically enabling critical messaging safety features in Microsoft Teams. According to a new administrative update, the company will switch several protective settings to “On” by default starting January 12, 2026,…
University of Phoenix Data Breach – 3.5 Million+ Individuals Affected
University of Phoenix, one of the largest for-profit educational institutions in the United States, disclosed a significant data breach affecting approximately 3.5 million individuals on December 22, 2025. The breach resulted from an external system compromise via unauthorized access, exposing sensitive…
Indian Income Tax-Themed Attacking Businesses with a Multi-Stage Infection Chain
Cybercriminals have increasingly weaponized the Income Tax Return (ITR) filing season to orchestrate sophisticated phishing campaigns targeting Indian businesses. By exploiting public anxiety surrounding tax compliance and refund timelines, attackers have crafted high-fidelity lures that mimic official government communications. The…
HardBit 4.0 Ransomware Actors Attack Open RDP and SMB Services to Persist Access
HardBit ransomware continues to evolve as a serious threat to organizations worldwide. The latest version, HardBit 4.0, emerged as an upgraded variant of a strain that has been active since 2022, bringing with it more advanced features and enhanced techniques…
PoC Exploit Released HPE OneView Vulnerability that Enables Remote Code Execution
Security researchers have released a Proof-of-Concept (PoC) exploit for a critical vulnerability in HPE OneView, a popular IT infrastructure management platform. The flaw, tracked as CVE-2025-37164, carries a maximum CVSS score of 10.0, indicating immediate danger to enterprise environments. The vulnerability allows…
New MacSync Stealer Malware Attacking macOS Users Using Digitally Signed Apps
A new version of MacSync Stealer malware is targeting macOS users through digitally signed and notarized applications, marking a major shift in how this threat is delivered. Unlike older versions that required users to paste commands into Terminal, this updated…
Windows Imaging Component Vulnerability Can Lead to RCE Attacks Under Complex Attack Scenarios
A comprehensive analysis of CVE-2025-50165, a critical Windows vulnerability affecting the Windows Imaging Component (WIC), shows that the flaw could potentially enable remote code execution through specially crafted JPEG files. However, the findings suggest the real-world exploitation risk is significantly lower than initially…