Category: Cyber Security News

A newly documented attack chain linked to the threat group UAC-0184 has been observed using Windows’ built-in bitsadmin tool and HTA files to sneak malicious payloads onto targeted systems. The campaign is primarily aimed at Ukraine, with clear indicators pointing…

Read more →

A ransomware group called The Gentlemen has been quietly building one of the most aggressive cybercriminal operations seen in recent years. Emerging publicly in the second half of 2025, the group rapidly scaled its activity to become one of the…

Read more →

North Korea-linked hackers are at it again, and this time they are casting a wide net. The Kimsuky threat group, a well-known cyber espionage unit with ties to the DPRK, ran four separate spear-phishing campaigns in the first half of…

Read more →

A large-scale international cybercrime crackdown dubbed Operation Ramz has led to the seizure of 53 servers, the arrest of 201 individuals, and the identification of 382 additional suspects across the Middle East and North Africa (MENA) region. The coordinated operation, led…

Read more →

A data breach makes headlines for a day. The damage it leaves behind lasts years. Critical business risk isn’t one catastrophic moment — it’s a slow-motion erosion: dwell time compounding into lateral movement, a compromised supplier becoming your breach, a…

Read more →

A working proof-of-concept (PoC) exploit for a high-severity Linux kernel local privilege escalation vulnerability dubbed DirtyDecrypt, also tracked as DirtyCBC, enables local attackers to gain full root access on affected systems. Security analyst Will Dormann technically attributes the flaw to CVE-2026-31635, a…

Read more →

A wave of well-crafted malware is quietly draining cryptocurrency from users across the globe, and the attackers behind it have gone to great lengths to stay hidden. Researchers have uncovered a large-scale campaign built around a multi-stage loader called CountLoader,…

Read more →

The PostgreSQL Global Development Group has released critical security updates for all supported branches, fixing 11 vulnerabilities, including arbitrary code execution and several SQL injection flaws. PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 have been released as security and maintenance…

Read more →

Microsoft has announced a significant security improvement in its Edge browser, eliminating the practice of loading saved passwords into process memory at startup. The change comes as part of the company’s broader Secure Future Initiative (SFI), which aims to strengthen…

Read more →

A newly disclosed critical vulnerability in Apache Flink, tracked as CVE-2026-35194, exposes distributed data processing environments to remote code execution (RCE) attacks via SQL injection flaws in the platform’s code generation engine. The flaw lies in Apache Flink’s SQL code-generation mechanism,…

Read more →

A widely used GitHub Action called actions-cool/issues-helper has been compromised, with every version tag in the repository silently redirected to a malicious commit. The attack places stolen CI/CD pipeline credentials directly in the hands of an attacker, raising serious concerns…

Read more →

A newly discovered malware called VoidStealer has emerged as a serious threat to Chrome users on Windows, using a clever technique to bypass one of the browser’s most important security features. The malware targets Chrome’s App-Bound Encryption, a protection layer…

Read more →

Attackers have found a new way to quietly steal data from compromised networks, and this time, they are hiding behind a familiar face. Security researchers have uncovered a targeted intrusion campaign that used a Cloudflare-hosted storage endpoint to pull stolen…

Read more →

A widely used Visual Studio Code extension was quietly turned into a credential-stealing tool in May 2026, putting millions of developers at serious risk without warning. The Nx Console extension, which has over 2.2 million installations, was compromised when attackers…

Read more →

A newly discovered malware called VoidStealer has emerged as a serious threat to Chrome users on Windows, using a clever technique to bypass one of the browser’s most important security features. The malware targets Chrome’s App-Bound Encryption, a protection layer…

Read more →

Critical vulnerabilities in the SEPPmail Secure Email Gateway have exposed organizations to remote code execution (RCE) and potential interception of sensitive email traffic. Researchers uncovered several high-impact flaws affecting SEPPmail appliances, widely deployed across the DACH region. The most severe…

Read more →

A critical security vulnerability in the Marimo Python notebook framework is being actively exploited to achieve pre-authentication remote code execution (RCE), allowing attackers to gain full control of exposed systems. Tracked as CVE-2026-39987, the flaw stems from a missing authentication check…

Read more →

Microsoft has announced the retirement of its “Together Mode” feature in Microsoft Teams, marking a strategic shift toward performance optimization and simplified meeting experiences. The change will take effect starting June 30, 2026, as part of the company’s broader effort…

Read more →

A sweeping supply chain attack has hit the npm ecosystem, compromising hundreds of widely used JavaScript packages tied to the @antv data visualization library. The attack, which unfolded in the early hours of May 19, 2026, injected malicious code into…

Read more →

A major security lapse has exposed highly sensitive U.S. government cloud credentials after a contractor working with the Cybersecurity and Infrastructure Security Agency (CISA) accidentally published them in a public GitHub repository. The repository, named “Private-CISA,” remained publicly accessible until…

Read more →