A China-linked threat group called Silver Dragon has been targeting government and high-profile organizations across Southeast Asia and Europe since at least mid-2024. Operating under the umbrella of APT41, the group breaks into networks by exploiting public-facing internet servers and…
Category: Cyber Security News
HPE AutoPass Vulnerability Let Attackers Bypass Authentication Remotely
A security bulletin has been issued regarding a vulnerability in the AutoPass License Server (APLS) that could allow attackers to remotely bypass authentication controls. The issue is tracked as CVE-2026-23600 and is rated important with a CVSS base score of…
MS-Agent Vulnerability Let Attackers Hijack AI Agent to Gain Full System Control
A critical security vulnerability has been discovered in a lightweight framework designed to enable AI agents to perform autonomous tasks. According to a vulnerability note published by the CERT/CC, this flaw allows attackers to trick the AI into executing malicious commands,…
Critical XSS Vulnerability in Angular i18n Enables Malicious Code Execution
A high-severity Cross-Site Scripting (XSS) vulnerability, designated as CVE-2026-27970, has been discovered in Angular’s internationalization (i18n) pipeline. The vulnerability allows attackers to execute malicious JavaScript if they can compromise an application’s translation files. Angular’s i18n process allows developers to extract…
IPVanish VPN for macOS Vulnerability Let Attackers Escalate Privilege and Execute Arbitrary Code
A critical privilege escalation vulnerability has been discovered in the IPVanish VPN application for macOS. This flaw allows any unprivileged local user to execute arbitrary code as root without requiring user interaction. The security failure completely bypasses macOS security features,…
Malicious Packages Disguised as Laravel Utilities Deploy PHP RAT and Enables Remote Access
A supply chain attack targeting the PHP developer community has surfaced through Packagist, the official package repository for PHP and Laravel projects. Threat actor nhattuanbl published several packages that disguised a fully functional remote access trojan (RAT) inside what looked like standard…
CISA Warns of VMware Aria Operations Vulnerability Exploited in Attacks
A critical vulnerability affecting VMware Aria Operations has been added to the Known Exploited Vulnerabilities (KEV) catalog. Broadcom recently issued a security advisory detailing a flaw that allows unauthenticated attackers to execute arbitrary commands. Organizations are urged to implement mitigations…
Windows 11 23H2 to 25H2 Upgrade Allegedly Breaking Internet Connectivity
A persistent bug in Windows 11 in-place upgrades is reportedly wiping critical 802.1X wired authentication configurations, leaving enterprise workstations completely offline until manual intervention is performed. System administrators across Reddit’s r/sysadmin community are raising alarms as the issue originally observed…
Coruna Exploit Kit With 23 Exploits Hacked Thousands of iPhones
Google’s Threat Intelligence Group (GTIG) has uncovered Coruna, a sophisticated iOS exploit kit containing 23 exploits across five full exploit chains that compromised thousands of iPhones running iOS 13.0 through 17.2.1 throughout 2025. The Coruna exploit kit is an advanced,…
SloppyLemming Espionage Campaign Uses BurrowShell Backdoor and Rust RAT to Hit Pakistan and Bangladesh Targets
A suspected India-aligned threat group known as SloppyLemming has been conducting a sustained espionage campaign against government agencies, defense organizations, nuclear oversight bodies, and critical infrastructure operators in Pakistan and Bangladesh. Active since 2021 and also tracked as Outrider Tiger…
Zerobot Malware Exploiting Tenda Command Injection Vulnerabilities to Deploy Malware
A Mirai-based botnet campaign known as Zerobot has resurfaced with renewed force, this time targeting critical flaws in Tenda AC1206 routers and the n8n workflow automation platform. The campaign, now operating on its ninth known iteration — dubbed zerobotv9 —…
Microsoft Warns of New Phishing Attack Exploiting OAuth in Entra ID to Evade Detection
A new active phishing attack exploits OAuth’s legitimate redirection behavior, allowing it to bypass traditional email and browser defenses without stealing any tokens. According to Microsoft Defender researchers, the campaigns primarily target government and public-sector organizations, using trusted identity…
LexisNexis Data Breach — Threat Actor Allegedly Claims 2.04 GB Stolen
A threat actor operating under the alias FulcrumSec has publicly claimed responsibility for a fresh breach of LexisNexis Legal & Professional, the legal information division of RELX Group, alleging the exfiltration of 2.04 GB of structured data from the company’s…
Malvertising Threat Actor ‘D‑Shortiez’ Abuses WebKit Back‑Button Hijack in Forced‑Redirect Browser Campaign
A threat actor tracked as D-Shortiez has been running a persistent malvertising campaign that turns a WebKit browser behavior into a trap, forcing iOS Safari users into scam pages with no easy way out. The campaign is not entirely new…
Epic Fury/Roaring Lion Sparks Escalating Cyber Conflict as Iran Goes Offline, Hacktivists Step Up Retaliation
On February 28, 2026, the United States and Israel launched a coordinated offensive — code-named Operation Epic Fury by the U.S. and Operation Roaring Lion by Israel — setting off a wide-ranging cyber conflict that spread across the Middle East…
Hackers Leverage Telegram for Initial Access to Corporate VPN, RDP, and Cloud Environments
Telegram, once widely recognized as a privacy-focused messaging application, has quietly transformed into one of the most powerful operational platforms used by cybercriminals today. What dark web forums once offered — anonymity, exclusive access, and a marketplace for stolen data…
Langflow’s AI CSV Agent Vulnerability Allows Remote Code Execution Attacks
A critical vulnerability in a popular AI application platform allows attackers to remotely execute harmful code through its CSV data-processing agent. The vulnerability, tracked as CVE-2026-27966, was recently disclosed and given a critical severity score of 10.0 out of 10.…
Google Unveils Merkle Tree Certificates to Shield HTTPS Against Quantum Threats
Google has announced a major initiative to protect HTTPS connections from the emerging threats posed by quantum computing. Working with the Internet Engineering Task Force (IETF) and its “PKI, Logs, And Tree Signatures” (PLANTS) working group, Chrome is spearheading the…
Malvertising Campaign Delivers AMOS ‘malext’ macOS Infostealer via Fake Text‑Sharing Lures
A new malvertising campaign is actively targeting macOS users worldwide, delivering a new variant of the AMOS infostealer called “malext.” Attackers are purchasing Google Search ads that push victims toward fake help articles on free text-sharing websites, where a deceptive…
How to Cut MTTR by Improving Threat Visibility in Your SOC
In boardrooms and security operations centers alike, one metric has risen from a niche KPI to a defining measure of organizational resilience: Mean Time to Respond (MTTR). But why has this particular number captured so much attention, and does it…