Russian state-sponsored threat groups significantly stepped up their cyber operations in 2025, using a range of methods to break into targeted systems. From exploiting remote desktop tools and virtual private networks to manipulating trusted supply chains and deceiving employees through…
Category: Cyber Security News
Hackers Use NF-e Invoice Lures to Deliver Banana RAT Through Malicious Batch Files
A newly discovered banking trojan is targeting Brazilians by disguising itself as a legitimate electronic invoice. The malware, known as Banana RAT, uses fake NF-e (Nota Fiscal Eletronica) documents to trick victims into running malicious batch files that quietly install…
Hackers Use Six-Layer Persistence to Maintain Access on Compromised FreePBX Systems
A hacker group known as INJ3CTOR3 has been running an active campaign against FreePBX systems, deploying a newly discovered PHP webshell called JOMANGY that uses six separate persistence layers to stay embedded on compromised servers. The campaign targets internet-exposed VoIP…
Ubiquiti Patches Critical UniFi OS Vulnerabilities Allowing Remote Privilege Escalation
Ubiquiti Networks has released urgent security updates to address a series of highly critical vulnerabilities affecting its UniFi OS platform. These severe flaws could allow unauthenticated, remote attackers to execute arbitrary code, escalate privileges, and severely compromise enterprise network infrastructure.…
Deleted Google API Keys Continue Accessing Gemini, BigQuery, and Maps APIs
A newly disclosed issue with Google Cloud API keys reveals that deleted credentials may remain usable for up to 23 minutes, exposing projects to potential abuse even after revocation. The finding raises concerns about delayed credential invalidation across Google’s infrastructure,…
CISA Adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Langflow vulnerability, tracked as CVE-2025-34291, to its Known Exploited Vulnerabilities (KEV) Catalog, signaling active exploitation and urging organizations to remediate immediately. The flaw affects Langflow, a popular tool…
LiteSpeed cPanel Plugin 0-Day Exploited in the Wild to Gain Server Root Access
LiteSpeed has disclosed and patched a critical 0‑day privilege escalation flaw in its user-end cPanel plugin that is already being actively exploited to gain root access on Linux hosting servers. The bug is tracked as CVE‑2026‑48172 and affects LiteSpeed cPanel…
Android Malware Silently Subscribes Victims to Premium Services Without Consent
A newly uncovered Android malware campaign has been quietly draining money from mobile users across four countries by signing them up for paid services they never asked for. The operation ran for nearly ten months and carried out financial fraud…
CISA Warns of Microsoft Defender 0-Day Vulnerabilities Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Microsoft Defender vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, warning organizations of active exploitation risks. The flaws, tracked as CVE-2026-45498 and CVE-2026-41091, impact Microsoft Defender and could…
Operation Dragon Whistle Uses Malicious LNK Files to Target Changzhou University
A newly uncovered cyber operation has raised concerns among security professionals after a coordinated wave of attacks targeted government institutions in Pakistan. The campaign, now tracked as Operation Dragon Whistle, used highly convincing phishing emails to trick employees into opening…
Hackers Hide Malware Payloads Inside Nested macOS-Like Folders to Evade Scanning
Hackers are quietly hiding Windows malware inside nested folders that imitate macOS system paths, making dangerous payloads look like harmless archives to the untrained eye. By burying their tools several layers deep, they aim to slip past automated scanning and…
Canadian Man Arrested for Operating KimWolf DDoS Botnet Hacking 2 Million Devices
Canadian and U.S. authorities have arrested and charged a 23‑year‑old Ottawa resident for allegedly operating “KimWolf,” a massive Internet‑of‑Things (IoT) DDoS‑for‑hire botnet that weaponized more than a million connected devices worldwide, including systems in Alaska and on the U.S. Department…
Splunk Patches Multiple Vulnerabilities that Enable DoS Attacks and Expose Sensitive Data
Splunk has released security updates addressing multiple vulnerabilities across Splunk Enterprise, Splunk Cloud Platform, and the Splunk AI Toolkit that could lead to denial-of-service (DoS) conditions and exposure of sensitive data. The issues, disclosed on May 20, 2026, include three…
Hackers Use Hugging Face to Host Second-Stage Malware for npm Supply Chain Attack
Hackers have found a new and alarming way to weaponize one of the most trusted platforms in the AI world. A threat actor linked to North Korea has embedded second-stage malware inside Hugging Face, the widely used AI and machine…
FBI Warns of Kali365 Attacking Microsoft 365 Users to Steal Logins and Bypass MFA
The FBI has issued a new cybersecurity warning about a rapidly emerging phishing-as-a-service (PhaaS) platform named Kali365, which is actively targeting Microsoft 365 users to steal access tokens and bypass multi-factor authentication (MFA). Kali365 is being distributed primarily through Telegram…
CISA Warns of Trend Micro Apex One Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Trend Micro Apex One to its Known Exploited Vulnerabilities (KEV) catalog, warning organizations of active exploitation risks. The flaw, tracked as CVE-2026-34926, affects on-premise deployments of…
Hackers Can Weaponize Lenovo Driver to Terminate EDR Processes
Hackers can weaponize a legitimately signed Lenovo driver to terminate security processes, highlighting a dangerous Bring Your Own Vulnerable Driver (BYOVD) attack vector that can bypass endpoint protection controls. Security researcher Jehad Abudagga has analyzed a Lenovo driver, BootRepair.sys, originally associated…
Google Publishes Exploit Code for Unfixed Chromium Bug Exposing Millions of Users
Google has publicly released proof-of-concept (PoC) exploit code for a critical, still-unpatched vulnerability in the Chromium codebase, potentially exposing millions of users across Chrome, Microsoft Edge, and other Chromium-based browsers to stealthy botnet-style abuse. The vulnerability, originally reported in late…
Mini Shai-Hulud Attack Forces npm to Reset Bypass-2FA Publishing Tokens
The npm registry made an urgent platform-wide move last week after supply chain attacks threatened thousands of developers. On May 19, npm invalidated every granular access token with write access that bypasses two-factor authentication, forcing maintainers to generate fresh credentials…