Category: Cyber Security News

A well-known advanced persistent threat group called SideWinder has launched a highly targeted phishing campaign against South Asian government organizations, using a fake Chrome PDF viewer and a pixel-perfect clone of the Zimbra email login portal to steal employee credentials.…

Read more →

A critical cross-vendor vulnerability class dubbed “Comment and Control” is a new category of prompt injection attacks that weaponizes GitHub pull request titles, issue bodies, and issue comments to hijack AI coding agents and steal API keys and access tokens directly from…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning about severe vulnerabilities in Gardyn Home Kit smart garden systems. Carrying a maximum severity score of 9.3 out of 10, these flaws could allow unauthenticated attackers to hijack…

Read more →

A British man has pleaded guilty in the United States to his role in a large cybercrime scheme that used SMS phishing, company network intrusions, and SIM swapping to steal at least $1 million in virtual currency from victims across…

Read more →

Cybersecurity researchers, working in partnership with OpenAI, have uncovered a fascinating and severe vulnerability in iTerm2, a widely used macOS terminal emulator. According to Califio, the flaw abuses the application’s SSH integration feature, allowing attackers to turn seemingly harmless text…

Read more →

A proof-of-concept (PoC) exploit has been publicly released for a newly disclosed vulnerability in Microsoft’s Snipping Tool that allows attackers to silently steal users’ Net-NTLM credential hashes by luring them to a malicious webpage. Tracked as CVE-2026-33829, the flaw resides…

Read more →

A critical flaw in Anthropic’s Model Context Protocol (MCP) exposes over 150 million downloads to potential compromise. The vulnerability could enable full system takeover across up to 200,000 servers. The OX Security Research team identified the flaw as a fundamental design…

Read more →

Security researchers have uncovered a highly sophisticated attack campaign that weaponizes a legitimate, digitally signed Intel utility to secretly deploy malware, all without touching a single line of the original program’s code. The campaign, dubbed Operation PhantomCLR, represents a serious evolution…

Read more →

A newly identified malware campaign is raising serious concerns across the cybersecurity community by delivering two very different threats at the same time. Attackers are now using a single, obfuscated loader to push both Gh0st Remote Access Trojan (RAT) and…

Read more →

A North Korean threat group known as UNC1069 has been running a sophisticated campaign that tricks cryptocurrency and Web3 professionals into joining fake online meetings, only to infect their computers with malware designed to steal digital assets. The group pretends…

Read more →

A critical Broken Object Level Authorization (BOLA) vulnerability in Lovable, the popular AI-powered app builder platform, is reportedly allowing unauthorized users to access sensitive project data, including source code, database credentials, AI chat histories, and real customer information from thousands…

Read more →

Iran’s Ministry of Intelligence and Security (MOIS) has been running a long and carefully organized cyber campaign using three separate hacker identities. These identities, known as Homeland Justice, Karma/KarmaBelow80, and Handala, were widely believed to be independent hacktivist groups. However,…

Read more →

Microsoft is actively working to resolve a service disruption that has left a subset of Teams desktop client users unable to launch the application, with the company now monitoring the rollback of the problematic update to confirm full recovery. Microsoft…

Read more →

A new ransomware strain known as JanaWare has been quietly targeting home users and small to medium-sized businesses in Turkey, using a customized version of the well-known Adwind Remote Access Trojan (RAT) as its delivery vehicle. The campaign is notable…

Read more →

Threat actors are now weaponizing QEMU, a legitimate open-source machine emulator and virtualizer, as a covert backdoor to steal credentials and deliver ransomware without triggering endpoint security alerts. This alarming shift in attacker behavior highlights how freely available, trusted software…

Read more →

A new and deceptive attack campaign has emerged where threat actors are impersonating IT helpdesk personnel through Microsoft Teams to trick employees into granting remote access to their systems. What makes this campaign dangerous is how it uses trusted, everyday…

Read more →

A critical Broken Object Level Authorization (BOLA) vulnerability in Lovable, the popular AI-powered app builder platform, is reportedly allowing unauthorized users to access sensitive project data, including source code, database credentials, AI chat histories, and real customer information from thousands…

Read more →

Microsoft has released Windows 11 Insider Preview Build 26300.8170 to the Dev Channel, introducing notable improvements to Secure Boot visibility, storage management, and the Feedback Hub experience. The most security-relevant update in this build is a revamped Secure Boot experience…

Read more →

A newly uncovered malware-as-a-service platform called FUD Crypt is giving cybercriminals an easy way to build sophisticated Windows malware without writing a single line of code. The platform, operating from fudcrypt.net, accepts any Windows executable uploaded by a subscriber and…

Read more →

Microsoft has rolled out a significant behavioral change to the Windows Remote Desktop Connection application (MSTSC) as part of its April 2026 Patch Tuesday security update, introducing new warning dialogs designed to protect users from phishing attacks that exploit Remote…

Read more →