Category: Cyber Security News

A new wave of phishing operations is quietly changing the way cybercriminals steal financial data from everyday people. Rather than relying on traditional SMS messages that carriers can easily flag and block, threat actors are now using encrypted messaging channels…

Read more →

A critical heap buffer overflow vulnerability has been disclosed in 7-Zip version 26.00, enabling attackers to achieve arbitrary code execution via a vtable hijack by exploiting a defect in the tool’s NTFS archive handler. Tracked as CVE-2026-48095 and assigned advisory…

Read more →

Anthropic appears to be loosening its grip on Claude Mythos, the company’s most powerful and previously restricted AI model, with new signals pointing to a commercially versioned release under the name Mythos 1 (claude-mythos-1-preview), integrated directly into Claude Code and…

Read more →

A well-known advanced persistent threat group called Cloud Atlas has been caught using a dangerous technique to hijack Windows systems without alerting anyone on the network. The group modifies a core Windows file called termsrv.dll to unlock multiple simultaneous Remote…

Read more →

A North Korea-linked hacker group has quietly upgraded one of its most dangerous tools, making it harder for security software to detect. InvisibleFerret, an information-stealing malware tied to the threat actor known as Void Dokkaebi (also tracked as Famous Chollima),…

Read more →

Cybercriminals are openly selling verified bank accounts, fintech wallets, and cryptocurrency exchange accounts through Telegram channels, turning money laundering into a structured, on-demand criminal service. This underground market has grown far beyond informal recruitment and now operates like a professional…

Read more →

Hackers are actively abusing a flaw in shared Content Delivery Network (CDN) infrastructure to hide malicious traffic behind trusted, high-reputation domains, effectively slipping past the security tools that organizations rely on every day. The technique, now tracked under the name…

Read more →

A solo Russian-speaking threat actor leveraged a jailbroken instance of Google Gemini to run a five-year MAGA-themed influence operation, crack WordPress administrator credentials, and empty at least one victim’s cryptocurrency wallet, all at near-zero cost using stolen API keys. In…

Read more →

A new supply chain attack campaign is quietly targeting developers through a method most would never think to look for. Hidden inside software packages on GitHub, a malicious script downloads a Linux binary during installation and disguises it using a…

Read more →

A well-known Iranian threat group has found a new way to push malware onto people’s machines. Instead of sending phishing emails, the group built a fake website that impersonated a real database software download page and used search engine tricks…

Read more →

A newly disclosed zero-day vulnerability in the KnowledgeDeliver Learning Management System (LMS) has been actively exploited in the wild to deploy the BLUEBEAM in-memory web shell, according to Mandiant’s incident response findings. The flaw, now tracked as CVE-2026-5426, enables unauthenticated…

Read more →

A Russian state-sponsored threat group has quietly upgraded one of its most powerful cyber weapons, and the result is a spying tool that is harder to detect, harder to kill, and more capable than ever before. Security researchers have now…

Read more →

Italian law enforcement has dismantled a large-scale audiovisual piracy network centered around a sophisticated application called CINEMAGOAL, which enabled users to access premium streaming services without authorization. The operation, codenamed “All Clear”, was led by the Ravenna Financial Police under the direction…

Read more →

A sharp rise in internet-wide scanning activity targeting SonicWall firewall management interfaces has been detected, raising concerns about a potential pre-disclosure reconnaissance phase tied to new vulnerabilities. Threat intelligence firm GreyNoise reported a significant surge in scanning of SonicWall SonicOS…

Read more →

Dutch authorities have seized more than 800 servers and arrested two individuals as part of a major investigation into a hosting infrastructure allegedly used to support cyberattacks, disinformation campaigns, and sanctions evasion linked to Russia. The Fiscal Information and Investigation…

Read more →

Security researchers have revealed that WhatsApp chat histories may be stored unencrypted on both macOS and iOS devices, raising fresh concerns about local data protection and cross-application access within the Apple ecosystem. The issue, highlighted by iOS security researchers at…

Read more →

A new wave of targeted espionage attacks has put technology professionals across the United States, Israel, and the United Arab Emirates on high alert. The threat comes from an Iran-linked hacking group deploying two families of remote access trojans through…

Read more →

A newly identified scareware kit called CypherLoc is locking victims’ browsers and tricking them into calling fake Microsoft support lines. The kit has been linked to roughly 2.8 million attacks since the start of 2026, making it one of the…

Read more →

GitHub has introduced a major security upgrade to the npm ecosystem with the general availability of staged publishing and new install-time controls, aimed at reducing automated supply chain attacks targeting open-source packages. The newly released staged publishing feature changes how…

Read more →

CISA has issued an urgent alert regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in real-world attacks. The flaw, classified under CWE-89, affects Drupal’s database abstraction API and could allow…

Read more →