A sophisticated cyber threat has emerged, targeting users across multiple operating systems through compromised mirror websites and GitHub repositories. The RU-APT-ChainReaver-L campaign represents one of the most elaborate supply chain attacks identified recently, affecting Windows, macOS, and iOS platforms simultaneously.…
Category: Cyber Security News
GTIG Analysis Highlights Escalating Espionage and Supply Chain Risks Facing Defense Sector
Modern warfare extends far beyond physical battlefields, increasingly infiltrating the digital servers and supply chains that safeguard national defense. Today, the sector faces a relentless barrage of cyber operations from state-sponsored actors and criminal groups alike. These attacks no longer…
Critical UUID Flaw in Fiber v2 on Go 1.24+ Enables Session Hijacking, CSRF Bypass, and Zero-ID DoS Risk
A severe vulnerability has been discovered in Fiber v2, a popular Go web framework, that could allow attackers to hijack user sessions, bypass security protections, and cause service disruptions. The flaw affects all Fiber v2 versions running on Go 1.23…
BQTLock & GREENBLOOD Ransomware Attacking Organizations to Encrypt and Exfiltrate Data
Two sophisticated ransomware families, BQTLock and GREENBLOOD, have surfaced in the cybersecurity landscape, utilizing contrasting strategies to disrupt business operations and extort victims. While typical ransomware attacks often follow a predictable pattern of immediate encryption, these new strains demonstrate a…
Threat Actors Weaponize ChatGPT, Grok and Leverages Google Ads to Distribute macOS AMOS Stealer
Cybercriminals have developed a sophisticated attack campaign that exploits user trust in artificial intelligence platforms to distribute the Atomic macOS Stealer (AMOS), marking a dangerous evolution in social engineering tactics. This new threat combines legitimate AI chatbot services from ChatGPT…
Critical SandboxJS Vulnerability Allows Remote Host Takeover – PoC Released
A severe sandbox escape vulnerability has been discovered in the JavaScript library, enabling attackers to execute arbitrary code on host systems. The flaw, tracked as CVE-2026-25881 with a critical CVSS score of 8.3/10, affects all versions up to 0.8.30 and…
Prometei Botnet Attacking Windows Server to Gain Remote Access and Deploy Malware
A sophisticated attack is targeting Windows Server systems using Prometei, a Russian-linked botnet that has been active since 2016. This multi-functional malware combines cryptocurrency mining, credential theft, and remote-control capabilities to maintain long-term access to compromised systems. The Prometei botnet…
Microsoft Investigates Teams Assignment Errors After Failed Service Update
Microsoft Teams faces widespread disruptions in assignment management, prompting an urgent investigation by the company. Users of Microsoft Teams are encountering error messages when trying to open, set, or delete assignments. The issue stems from a recent backend change that…
Microsoft Releases Critical Windows 11 Cumulative Updates for Versions 25H2, 24H2, and 23H2
In a routine Microsoft Patch Tuesday rollout, essential cumulative updates have been deployed for Windows 11 versions 25H2, 24H2, and 23H2, focusing on improving security amid increasing cyber threats. These updates, KB5077181, KB5075941, and KB5074105, bundle the latest security patches…
Sophisticated Cyber Attack Targets Wedding Industry With Teams-Based Malware Delivery
A sophisticated phishing campaign targets wedding planners and vendors with stealer malware disguised as Microsoft Teams meetings. Security researchers highlight the use of compromised legitimate emails to build trust before delivering payloads. Threat actors impersonate legal professionals in emails from…
Windows Remote Access Connection Manager 0-Day Vulnerability Let Attackers Trigger DoS Attack
Microsoft has patched a zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan) service, tracked as CVE-2026-21525, which allowed attackers to trigger denial-of-service (DoS) conditions on unpatched systems. The flaw, stemming from a NULL pointer dereference (CWE-476), was actively…
Coinbase Cartel Targets High-Value Sectors with Data-Theft-First Extortion Strategy
The ransomware landscape continues to evolve with new threat actors adopting unconventional tactics. Coinbase Cartel emerged in September 2025, quickly claiming 14 victims in its first month of operation. Unlike traditional ransomware groups, this threat actor focuses exclusively on data…
CISA Adds Six Microsoft 0-Day Vulnerabilities to KEV Catalog Following Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urgently expanded its Known Exploited Vulnerabilities (KEV) Catalog by adding six zero-day vulnerabilities, all affecting Microsoft products. This move underscores escalating threats from nation-state actors and cybercriminals actively exploiting these flaws…
Windows Shell Security Feature 0-Day Vulnerability Let Attackers Bypass Authentication
Microsoft released Microsoft Patch Tuesday updates to address a critical zero-day vulnerability in Windows Shell that is currently being actively exploited in the wild. Tracked as CVE-2026-21510, this security flaw allows remote attackers to bypass essential protection mechanisms, putting millions of…
Socelars Malware Attacking Windows Systems to Steal Sensitive Business Data
A dangerous information-stealing malware called Socelars is actively targeting Windows systems to collect sensitive authentication data, with particular focus on Facebook Ads Manager accounts and session cookies. Unlike traditional malware that causes immediate system damage, Socelars operates silently in the…
GitLab Patches Multiple Vulnerabilities That Enables DoS and Cross-site Scripting Attacks
A critical security update has been released for both the Community Edition (CE) and Enterprise Edition (EE) to address multiple high-severity vulnerabilities. The patches, available in versions 18.8.4, 18.7.4, and 18.6.6, fix flaws that could allow attackers to crash servers,…
Windows Notepad Vulnerability Allows Attackers to Execute Code Remotely
Microsoft has patched a critical remote code execution (RCE) flaw in the Windows Notepad app, tracked as CVE-2026-20841, which could let attackers run malicious code on victims’ machines. Disclosed on February 10, 2026, Microsoft Patch Tuesday updates, the vulnerability stems…
Windows Remote Desktop Services 0-Day Vulnerability Exploited in the Wild to Escalate Privileges
Microsoft has patched CVE-2026-21533, a zero-day elevation of privilege vulnerability in Windows Remote Desktop Services (RDS) that attackers are exploiting in the wild to gain SYSTEM-level access. The flaw stems from improper privilege management and was addressed in the February…
Microsoft 365 Admin Center Outage Hits users in North America
Microsoft 365 administrators in North America are grappling with widespread access issues to the Microsoft 365 admin center, as confirmed by the company’s service health dashboard. Issue ID MO1230320 marks a service degradation affecting the core Microsoft 365 suite, disrupting…
FortiOS Authentication Bypass Vulnerability Lets Attackers Bypass LDAP Authentication
Fortinet has disclosed a high-severity authentication bypass vulnerability in FortiOS, tracked as CVE-2026-22153 (FG-IR-25-1052), that could allow unauthenticated attackers to sidestep LDAP authentication for Agentless VPN or Fortinet Single Sign-On (FSSO) policies. Classified under CWE-305 (Authentication Bypass by Primary Weakness),…