A known threat group called TA446 has been caught using a newly discovered exploit kit called DarkSword to target iOS users. This development marks a significant shift in the group’s tactics, as previous activity from TA446 showed no signs of…
Category: Cyber Security News
New ClickFix Variant Uses Rundll32 and WebDAV to Evade PowerShell Detection
A new and more dangerous version of the ClickFix attack technique has been found actively targeting Windows users. Unlike older versions that used PowerShell or mshta to run malicious commands, this new variant takes a different path. It uses rundll32.exe…
CrySome RAT Emerges as Advanced .NET Malware With AV Killer and HVNC Capabilities
A new and dangerous piece of malware has surfaced in the threat landscape, and it is built to stay hidden, stay running, and stay in control of any system it infects. CrySome RAT is written in C# and targets the…
New Homoglyph Attack Techniques Help Cybercriminals Spoof Trusted Domains
Cybercriminals have found a clever way to trick people by swapping real letters in website addresses with characters that look almost the same. These are called homoglyph attacks, and they are becoming a growing problem across the internet. A single…
BlankGrabber Stealer Uses Fake Certificate Loader to Hide Malware Delivery Chain
A Python-based information stealer known as BlankGrabber has been caught using a deceptive certificate loader trick to hide a multi-stage malware delivery chain. First identified in 2023, this threat has grown more complex over time and keeps targeting everyday users…
Open VSX’s New Scanner Vulnerability Allows Malicious Extensions to Go Live
A serious security flaw was recently found in Open VSX, the extension marketplace used by popular code editors like Cursor and Windsurf, as well as the broader VS Code fork ecosystem. The vulnerability was found inside the platform’s newly introduced…
Hackers Backdoor Telnyx Python SDK on PyPI to Steal Cloud and Dev Credentials
A widely used Python package was quietly turned into a weapon, and most developers who got hit had no idea it happened. On March 27, 2026, a threat actor known as TeamPCP uploaded two malicious versions of the Telnyx Python…
Vim Vulnerability Lets Attackers Execute Arbitrary Commands Via Weaponized Files
A high-severity security flaw has been discovered in Vim, one of the most widely used text editors among developers. This vulnerability allows attackers to execute arbitrary operating system commands simply by tricking a user into opening a specially crafted file. Discovered…
CanisterWorm Malware Attacking Docker/K8s/Redis to Gain Access and Steal Secrets
A financially motivated cybercrime group has been quietly compromising cloud environments since late 2025, and its activities are now drawing serious concern across the security community. The group, known as TeamPCP, operates a self-propagating worm called CanisterWorm that hunts for…
Stored XSS Bug in Jira Work Management Could Lead to Full Organization Takeover
A popular collaboration tool within the Atlassian ecosystem is widely used by organizations to track projects, manage approvals, and manage daily tasks. Recently, security researchers at Snapsec uncovered a critical Stored Cross-Site Scripting (XSS) vulnerability within the platform. By exploiting a…
Critical Fortinet FortiClient EMS Vulnerability Exploited in Attacks
A critical SQL injection vulnerability in Fortinet’s FortiClient Endpoint Management Server (EMS), tracked as CVE-2026-21643, is actively being exploited in the wild. Threat actors have been leveraging this flaw in attacks starting four days ago, despite it not yet appearing…
TeamPCP Supply Chain Attack Allegedly Compromised Databricks Platform
Databricks is currently investigating an alleged security compromise connected to the massive TeamPCP software supply chain attack after being alerted by threat intelligence researchers. According to International Cyber Digest, Databricks was notified of the potential breach last week. The organization…
Critical n8n Vulnerability Lets Attackers Achieve Remote Code Execution
A critical security flaw in n8n, a widely used open-source workflow automation platform, exposes host servers to Remote Code Execution (RCE) attacks. Tracked as CVE-2026-33660, this critical vulnerability allows authenticated threat actors to bypass built-in security restrictions, access sensitive data,…
Critical Grafana Vulnerabilities Let Attackers Achieve Remote Code Execution
Urgent security updates for Grafana version 12.4.2 address two critical vulnerabilities that could allow attackers to achieve full remote code execution (RCE) and execute denial-of-service (DoS) attacks. System administrators utilizing Grafana for data visualization are strongly advised to apply these…
New “Prompt Poaching” Attack Steals Users’ AI Conversations via Malicious Browser Extensions
For many users, engaging with an AI assistant requires opening a dedicated browser tab, which inherently isolates the AI from other browsing activities. While this separation improves privacy, it reduces usefulness and context. To bridge this gap, AI-powered browser extensions…
India Set to Ban Sale of Hikvision, TP-Link, CCTV Products From April
Starting April 1, 2026, the Indian government will effectively ban Chinese video surveillance giants, including Hikvision, Dahua, and TP-Link, from selling internet-connected CCTV cameras in the country. This decisive market restriction stems from new mandatory certification rules driven by national…
VoidLink Malware Framework Shows that AI-assisted Malware is Not Experimental Anymore
For years, cybersecurity professionals debated whether AI could truly be weaponized to build dangerous malware at scale. That debate is now settled. VoidLink, a Linux-based malware framework discovered in early 2026, has crossed a threshold the security community long feared…
10 Best Log Monitoring Tools in 2026
As enterprises adopt more cloud-native technologies, containers, and microservices-based architectures, log monitoring and management are now critical. According to many market research assessments, the global log management industry is anticipated to increase from $1.9 billion in 2020 to $4.1 billion…
10 Best Spam Filter Tools 2026
Spam filter tools use advanced algorithms and machine learning techniques to detect and block unwanted email messages. They analyze email content, sender reputation, and patterns to effectively identify and filter out spam, ensuring inboxes remain clutter-free. These tools offer customizable…
10 Best Fraud Detection Tools in 2026
Fraud management is the process of detecting, preventing, and responding to fraudulent activity. It entails spotting potential fraud, implementing procedures to prevent fraud, and lessening the effects of fraud. There are several strategies that organizations can use to manage fraud, including: What Does…