A sophisticated supply chain attack has targeted Aqua Security’s widely used open-source vulnerability scanner, Trivy. A threat actor leveraged compromised credentials to distribute malicious releases, turning a trusted security tool into a mechanism for large-scale credential theft across CI/CD pipelines. The…
Category: Cyber Security News
Kali Linux 2026.1 Released With 8 New Hacking Tools
Kali Linux 2026.1 has officially been released, marking the first major update of the year for the popular penetration testing distribution. Designed for professionals engaged in technical security research and vulnerability analysis, this update features modern aesthetic enhancements, notable advancements…
Threat Actors Continuously Attacking MS-SQL Servers to Deploy ICE Cloud Scanner
A persistent threat actor known as Larva-26002 has been continuously targeting poorly managed Microsoft SQL (MS-SQL) servers, this time deploying a new scanner malware called ICE Cloud Client. The campaign has been active since at least January 2024 and continues…
CanisterWorm Gets Destructive as TeamPCP Deploys Iran-Focused Kubernetes Wiper
A threat actor known as TeamPCP has taken a sharp turn toward destruction with a new payload that goes far beyond credential theft or backdoor installation. The group, tracked as a cloud-native attacker since late 2025, has deployed a Kubernetes…
Tycoon2FA Operators Resume Cloud Account Phishing After Infrastructure Disruption
Cybercriminals behind Tycoon2FA, a phishing-as-a-service (PhaaS) platform, have resumed targeting cloud accounts with near-full force despite a coordinated law enforcement takedown on March 4, 2026. Europol, working alongside authorities from six countries, seized 330 domains that formed the backbone of…
Dell Wyse Management Vulnerabilities Enables Complete System Compromise
A recent security analysis has revealed how chaining seemingly minor logic flaws in Dell Wyse Management Suite (WMS) On-Premises can result in a complete system compromise. Security researchers demonstrated that combining two distinct vulnerabilities allows an unauthenticated attacker to bypass…
HackerOne Data Breach – Employees Data Stolen Following Navia Hack
HackerOne recently disclosed a data breach affecting 287 of its employees following a cyberattack on its U.S. benefits administrator, Navia Benefit Solutions. The breach stemmed from a Broken Object Level Authorization (BOLA) vulnerability in Navia’s API, which exposed the sensitive…
Google Forms Job Lures Deliver PureHVNC in New Multi-Stage Malware Campaign
Attackers have found a new way to push malware by weaponizing one of the most trusted everyday tools — Google Forms. A newly identified campaign is exploiting business-themed lures, including fake job interviews, project briefs, and financial documents, to deliver…
DarkSword Exploit Chain That Can Hack Millions of iPhones Leaked Online
A powerful iOS exploit toolkit known as DarkSword has been publicly leaked on GitHub, dramatically lowering the barrier for cybercriminals to target hundreds of millions of iPhones and iPads still running outdated software. Security researchers are sounding the alarm as…
APT Hackers Attacking RDP Servers to Deploy Malicious Payloads and Establish Persistence
One of the world’s most dangerous state-backed hacking groups is actively targeting Remote Desktop Protocol (RDP) servers across critical infrastructure, defense organizations, and government agencies. The threat actor, known as APT-C-13 and widely tracked as Sandworm, APT44, Seashell Blizzard, and…
Microsoft Details New Security Safeguards for Generative AI Models on Azure AI Foundry
The rapid rise of generative AI has brought new security concerns that organizations can no longer afford to overlook. Microsoft has now outlined a detailed framework of security safeguards designed to protect generative AI models hosted on its Azure AI…
Why Your Monitoring Program Is Letting Attackers Win
There is a version of threat monitoring that looks impressive on paper and fails in practice. High log ingestion volumes. Hundreds of detection rules. A dashboard full of metrics. And yet, attackers dwell in the environment for weeks or months completely…
Google Says Gemini AI Agents are Crawling the Dark Web Posts to Detect Threats
Google has officially deployed Gemini AI agents within Google Threat Intelligence to autonomously monitor dark web forums in public preview. These agents process millions of posts daily, using advanced organizational profiling to detect specific security risks like data leaks and…
NAKIVO Backup & Replication Launches v11.2 with Automated Real-Time Replication and VMware vSphere 9 Support
Sparks, Nevada — March 6, 2026 NAKIVO Inc. announced the release of NAKIVO Backup & Replication v11.2, offering expanded platform support, enhanced security and faster disaster recovery for organizations worldwide. This version is the product of a focused engineering roadmap, while NAKIVO’s international…
Hackers Attacking Android Users With Fake ChatGPT Invites to Deploy Malware
Cybercriminals have set their sights on Android users through a well-crafted phishing scheme that disguises malicious applications as beta-testing opportunities for ChatGPT and Meta advertising tools. What appears to be a legitimate app-testing invitation turns out to be a carefully…
511,000+ End-of-Life Microsoft IIS Instances Exposed Online, Secure Now!
A massive attack surface involving outdated Microsoft Internet Information Services (IIS) servers has been identified. During Shadowserver’s daily network scans on March 23, 2026, researchers identified over 511,000 End-of-Life (EOL) IIS instances actively connected to the internet. This widespread exposure presents a serious…
Mazda Data Breach Exposing Employee and Partner Records Via System Vulnerability
Mazda Motor Corporation has officially disclosed a security incident involving unauthorized external access to an internal warehouse management system, potentially exposing 692 personal data records of employees, group company staff, and business partners. The Japanese automaker published its formal breach…
Critical NetScaler ADC and Gateway Vulnerabilities Enable Remote Attacks on Affected Systems
Cloud Software Group has released urgent security patches for NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), addressing two significant vulnerabilities that could allow unauthenticated remote attackers to compromise affected systems. Organizations running customer-managed deployments are strongly…
Critical QNAP QVR Pro Vulnerability Let Remote Attackers Gain Access to the System
QNAP has released a critical security advisory addressing a severe vulnerability in its QVR Pro surveillance software. Tracked as CVE-2026-22898, this flaw allows remote, unauthenticated attackers to gain unauthorized access to affected systems. Users relying on QVR Pro 2.7.x…
SEO Poisoning Campaign Impersonates 25+ Popular Apps to Deliver AsyncRAT Since October 2025
A sophisticated SEO poisoning campaign has been quietly targeting Windows users since at least October 2025, luring them into downloading trojanized installers for more than 25 popular software applications. The operation went undetected for roughly five months before investigators uncovered…