A newly discovered attack campaign has exposed a sophisticated delivery method for the PURELOGS infostealer, a commodity malware sold as a service on underground forums. Threat actors are using weaponized PNG files hosted on legitimate infrastructure to deliver the payload…
Category: Cyber Security News
Critical Zoom Command Injection Vulnerability Enables Remote Code Execution
A critical command injection vulnerability in Node Multimedia Routers (MMRs) could allow meeting participants to execute arbitrary code on affected systems. The vulnerability, tracked as CVE-2026-22844, carries a CVSS severity rating of 9.9, the highest possible score, indicating an extremely…
New PixelCode Attack Smuggles Malware via Image Pixel Encoding
A novel malware delivery technique dubbed “PixelCode” has been demonstrated, showing how malicious executables can be encoded directly into video frames. The approach allows threat actors to host these videos on legitimate platforms such as YouTube, helping the malware evade…
NVIDIA NSIGHT Graphics for Linux Vulnerability Allows Code Execution Attacks
An urgent security update addresses a critical vulnerability in NSIGHT Graphics for Linux that could allow attackers to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025-33206, has been rated as High severity with a CVSS score of…
AI Phishing Is Your Company’s Biggest Security Risk in 2026: Here’s How to Stop It
Phishing used to be easy to spot. Bad grammar, strange links, obvious scams. That version is gone. In 2026, phishing is polished, well-written, and often smarter than it has any right to be thanks to AI. These attacks look like real business emails, slip past…
Beware of Weaponized Shipping Documents that Deliver Remcos RAT with a Wide Range of Capabilities
Threat actors are leveraging a dangerous new campaign that weaponizes ordinary-looking shipping documents to distribute Remcos, a powerful remote access trojan. This phishing scheme uses fake shipping emails as the entry point, tricking users into opening malicious Word documents disguised…
Multiple 0-day Vulnerabilities in Anthropic Git MCP Server Enable Code Execution
Three zero-day vulnerabilities affect mcp-server-git, the reference implementation of Git integration for the Model Context Protocol (MCP). The flaws stem from insufficient input validation and argument sanitization in core Git operations. Through prompt injection, attackers can execute code, delete files,…
Microsoft Teams External Domain Anomalies Allow Defenders to Detect Attackers at Earliest
Microsoft is rolling out a new security feature called the External Domains Anomalies Report for Teams, designed to help IT administrators identify and respond to suspicious external communications before they escalate into data breaches. This proactive monitoring tool, scheduled for…
Hackers Extensively Abuse Visual Studio Code to Execute Malicious Payloads on Victim System
Threat actors linked to North Korea have continued to expand their attack capabilities by weaponizing Microsoft Visual Studio Code, one of the world’s most popular code editors. The Contagious Interview campaign has evolved significantly, shifting from traditional social engineering tactics…
Azure Private Endpoint Deployments Expose Azure Resources to DoS Attack
A critical architectural flaw in Microsoft Azure’s Private Endpoint implementation enables denial-of-service (DoS) attacks against production Azure resources. The vulnerability affects over 5% of Azure storage accounts, exposing organizations to service disruptions across Key Vault, CosmosDB, Azure Container Registry,…
Critical Oracle WebLogic Server Proxy Vulnerability Lets Attackers Compromise the Server
Oracle has disclosed a severe security vulnerability affecting its Fusion Middleware suite, specifically targeting the Oracle HTTP Server and the Oracle WebLogic Server Proxy Plug-in. Assigned CVE-2026-21962, this flaw carries the maximum severity rating and poses an immediate threat to…
Attackers Leverage LinkedIn to Deliver Remote Access Trojan Targeting Corporate Environments
A sophisticated phishing campaign is actively exploiting LinkedIn’s trusted social media platform to distribute a dangerous remote access trojan to corporate employees. Attackers are leveraging the professional credibility of LinkedIn to craft convincing messages that appear legitimate, making employees more…
Critical GNU InetUtils Vulnerability Allows Unauthenticated Root Access Via “-f root”
A critical remote authentication bypass vulnerability has been disclosed in GNU InetUtils affecting the telnetd server component. The flaw, reported by a security researcher on January 19, 2026, allows unauthenticated attackers to gain root access by exploiting improper input sanitization…
Google Chrome 144 Update Patches High-Severity V8 Vulnerability
A new Stable-channel release of Chrome version 144 addresses a high-severity vulnerability in the V8 JavaScript engine. The update, version 144.0.7559.96/.97 for Windows and Mac and 144.0.7559.96 for Linux, began rolling out on January 21, 2026, and will reach all…
CISA Releases BRICKSTORM Malware Report with New YARA Rules for VMware vSphere
The Cybersecurity and Infrastructure Security Agency has issued a malware analysis report on BRICKSTORM, a sophisticated backdoor linked to Chinese state-sponsored cyber operations. Released in December 2025 and updated through January 2026, the report identifies this threat targeting VMware vSphere…
New Spear Phishing Attack Leveraging Argentine Federal Court Rulings to Covert RAT for Remote Access
A sophisticated spear-phishing campaign has emerged targeting Argentina’s judicial sector, exploiting trust in legitimate court communications to deliver a dangerous Remote Access Trojan. The campaign uses authentic-looking federal court documents about preventive detention reviews to trick legal professionals into downloading…
WPair – Scanner Tool to Detect WhisperPair Flaw in Google’s Fast Pair Protocol
WPair is an Android application designed to identify and demonstrate the CVE-2025-36911 vulnerability affecting millions of Bluetooth audio devices worldwide. The tool addresses a critical authentication bypass flaw discovered by KU Leuven researchers in Google’s Fast Pair protocol, commonly referred…
Hacker Pleads Guilty For Stealing Supreme Court Documents and Leaking via Instagram
Nicholas Moore, 24, from Springfield, Tennessee, pleaded guilty to unauthorized computer access and fraud, marking a significant case of a government cybersecurity breach. Moore hacked multiple U.S. government systems and publicly disclosed sensitive information through social media, exposing critical vulnerabilities in…
Everest Ransomware Group Allegedly Claims to Have Breached McDonald’s India
The Everest ransomware group has claimed responsibility for a major cyberattack targeting McDonald’s India, allegedly exfiltrating 861 GB of sensitive data. The threat actors posted details of the breach on their dark web leak site on January 20, 2026, threatening…
Apache Airflow Vulnerabilities Enable Exposure of Sensitive Data
Multiple vulnerabilities in Apache Airflow versions prior to 3.1.6 could reveal sensitive authentication credentials and secrets within logs and user interfaces. Both issues stem from inadequate masking of sensitive data during rendering and logging operations, potentially compromising proxy credentials and…