A sprawling cybercrime ecosystem rooted in Vietnam has been linked to large-scale fraudulent account registration campaigns targeting service providers and online platforms worldwide. Researchers traced this activity to an infrastructure cluster internally designated O-UNC-036, which uses disposable email addresses and…
Category: Cyber Security News
Signal Confirms Targeted Phishing Attacks Resulting in Account Takeovers
Signal has officially confirmed an ongoing wave of targeted phishing campaigns resulting in successful account takeovers for high-profile users, including journalists and government officials. The encrypted messaging service explicitly stated that its core infrastructure and end-to-end encryption protocols remain intact…
M365Pwned – Red Team GUI Toolkit for Microsoft 365 Exploitation via Graph API
A red teamer operating under the handle OtterHacker has publicly released M365Pwned, a pair of WinForms GUI tools designed to enumerate, search, and exfiltrate data from Microsoft 365 environments using application-level OAuth tokens without requiring any user interaction. Built entirely…
Microsoft Launches Copilot Cowork, a New AI Feature in Microsoft 365 to Automate Tasks
Microsoft has introduced Copilot Cowork, a new AI-powered feature embedded within Microsoft 365 that moves beyond conversational assistance to autonomous task execution. Unlike traditional Copilot interactions focused on answering questions or drafting content, Cowork is designed to delegate, plan, and…
Critical Nginx UI Vulnerabilities Allow Attacker to Download a Full System Backup
A newly discovered critical vulnerability in Nginx UI allows unauthenticated attackers to download and decrypt full system backups. Tracked as CVE-2026-27944, this flaw is categorized as CWE-306 and CWE-311, carrying a maximum CVSS score of 9.8. It affects all versions…
ClipXDaemon Emerges as C2-Less Linux Clipboard Hijacker, Targeting Crypto Wallets in X11 Sessions
A newly discovered Linux malware named ClipXDaemon has emerged as a direct financial threat to cryptocurrency users in X11-based desktop environments. Unlike conventional malware that depends on command-and-control (C2) servers for instructions, ClipXDaemon operates entirely on its own — silently…
Transparent Tribe’s ‘Vibeware’ Shift Signals Rise of AI-Generated Malware at Industrial Scale
Pakistan-based threat actor APT36, widely known as Transparent Tribe, has shifted away from carefully crafted tools to a new approach called “vibeware” — AI-assisted malware produced in high volumes with little regard for quality. Rather than investing time in one…
CISA Warns of macOS and iOS Vulnerabilities Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding multiple Apple vulnerabilities currently facing active exploitation. On March 5, 2026, CISA added three security flaws affecting macOS, iOS, iPadOS, and other Apple products to its Known…
Microsoft Warns Fake AI Browser Extensions Compromised Chat Histories Across 20,000+ Enterprise Tenants
A wave of counterfeit AI-powered browser extensions has silently breached over 20,000 enterprise environments, compromising the chat histories of employees who routinely used AI tools for work. These malicious Chromium-based extensions disguised themselves as legitimate AI assistant tools and accumulated…
Hikvision Multiple Products Vulnerability Allows Malicious Users to Escalate Privileges
A severe vulnerability affecting multiple Hikvision products was added to the Known Exploited Vulnerabilities (KEV) catalog on March 5, 2026. Tracked globally under CVE-2017-7921, this security flaw poses a significant risk to organizations that rely on these popular surveillance systems.…
Critical ExifTool Flaw Lets Malicious Images Trigger Code Execution on macOS
A newly discovered vulnerability is challenging the long-held belief that macOS systems are inherently immune to malware. Security researchers from Kaspersky’s Global Research and Analysis Team (GReAT) have identified a critical flaw that allows threat actors to execute malicious code…
WiFi Signals Reveal Human Activities Through Walls by Mapping Body Keypoints
A new open-source edge AI system called π RuView is turning ordinary WiFi infrastructure into a through-wall human-sensing platform detecting body pose, vital signs, and movement patterns without a single camera, raising urgent security and surveillance concerns. Researchers and developers…
Hackers Allegedly Selling Exploit for Windows Remote Desktop Services 0-Day Flaw
A threat actor is allegedly selling a zero-day exploit for a Windows Remote Desktop Services privilege escalation vulnerability, tracked as CVE-2026-21533, for a staggering $220,000 on a dark web forum. This highly priced exploit targets improper privilege management to grant…
Critical Zero-Click Command Injection in AVideo Platform Allows Stream Hijacking
A critical vulnerability has been identified in AVideo, a widely used open-source video hosting and streaming platform. Tracked as CVE-2026-29058, this zero-click flaw carries a maximum severity rating, allowing unauthenticated attackers to execute arbitrary operating system commands on the targeted server. Discovered by…
Cognizant TriZetto Data Breach Exposes Health Information of 3.4 Million Patients
TriZetto Provider Solutions, a healthcare technology subsidiary of the IT services giant Cognizant, has officially disclosed a massive cybersecurity data breach affecting the sensitive health information of 3,433,965 patients. The healthcare organization recently filed a formal data breach notification revealing…
Malicious imToken Chrome Extension Caught Stealing Mnemonics and Private Keys
Socket’s Threat Research Team has discovered a malicious Google Chrome extension named “lmΤoken Chromophore” that actively steals cryptocurrency wallet credentials. Masquerading as a harmless hex color visualizer, the extension actually impersonates the popular non-custodial wallet brand imToken. Since its launch…
OpenAI Launches Codex Security to Discover, Validate and Patch Vulnerabilities
OpenAI has announced the launch of Codex Security, an application security agent engineered to autonomously identify, validate, and remediate complex vulnerabilities within enterprise and open-source codebases. Formerly known as Aardvark, the tool leverages frontier AI models to provide context-aware security…
Linux Rootkits Using Advanced eBPF and io_uring Techniques
Linux rootkits have quietly grown into one of the most dangerous threats facing modern infrastructure. For years, attackers focused primarily on Windows-based systems, but the rise of Linux in cloud environments, container orchestration, IoT, and high-performance computing has shifted that…
Claude AI Uncovers 22 Firefox Vulnerabilities in Two Weeks
Artificial intelligence models are rapidly evolving from simple coding assistants into highly capable, autonomous vulnerability researchers. Recently, Anthropic’s Claude Opus 4.6 demonstrated this by uncovering over 500 zero-day vulnerabilities in heavily scrutinized open-source projects. During a two-week collaborative engagement with…
FBI Investigates Hack on its Wiretap and Critical Surveillance Systems
The Federal Bureau of Investigation has confirmed a cybersecurity incident targeting a sensitive internal network used to manage wiretapping operations and foreign intelligence surveillance warrants, raising serious concerns among national security officials about the potential exposure of classified law enforcement…