With the rapid growth of e-commerce and mobile payments, online shopping has become an essential part of everyday life for many people. Consumers now purchase everything from electronics and household products to digital services through online platforms. While this convenience…
Category: Cyber Security News
Angular XSS Vulnerability Exposes Thousands of web Applications to XSS Attacks
A high-severity Cross-Site Scripting (XSS) vulnerability has been discovered in the widely used Angular framework. Tracked as CVE-2026-32635 and categorized under CWE-79, this flaw affects both the @angular/compiler and @angular/core packages. Because Angular powers countless enterprise and consumer web applications worldwide, this vulnerability potentially…
New Windows 11 25H2/24H2 Update Fixes Bluetooth Devices Visibility Issues
Microsoft has rolled out an out-of-band update for Windows 11 users to address a frustrating interface bug affecting Bluetooth device visibility. Released on March 16, 2026, this emergency patch resolves a software glitch in which connected wireless peripherals mysteriously disappeared…
Kubernetes CSI Driver for NFS Vulnerability Lets Attackers Delete or Modify NFS Server Directories
A path traversal vulnerability has been identified in the Kubernetes Container Storage Interface (CSI) Driver for NFS, potentially allowing attackers to delete or modify unintended directories on NFS servers. The flaw stems from insufficient validation of the subDir parameter in…
Phishers Weaponize Safe Links With Multi-Layered URL Rewriting to Evade Detection
Phishing attackers have found a way to turn a standard security feature against the very users it was built to protect. By abusing URL rewriting — a defensive mechanism embedded in most enterprise email gateways — threat actors are weaponizing…
New ‘Payload’ Ransomware Uses Babuk-Style Encryption Against Windows and ESXi Systems
A newly identified ransomware strain called “Payload” has emerged as a serious threat to organizations across multiple sectors, combining strong encryption techniques with advanced anti-forensic capabilities. The group behind it has been active since at least February 17, 2026 —…
Malicious npm Packages Deliver PylangGhost RAT in New Software Supply Chain Campaign
A remote access trojan known as PylangGhost has appeared on the npm registry for the first time, concealed inside two malicious JavaScript packages. The malware, first publicly disclosed by Cisco Talos in June 2025 and attributed to the North Korean…
Attackers Hijacking Legitimate Websites to Attack Microsoft Teams users
A multi-vector phishing campaign using compromised WordPress sites to steal login credentials from Microsoft Teams and Xfinity users. By hijacking these trusted sites, attackers can bypass security filters and trick victims into disclosing sensitive information. The threat actors are not…
CISA Warns of Chrome 0-Day Vulnerabilities Exploited in Attacks
An urgent warning regarding two highly critical zero-day vulnerabilities affecting Google Chrome and related products. These flaws have been officially added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, indicating that malicious hackers are actively exploiting them in the wild. With…
Researchers Decrypt and Exploit Encrypted Palo Alto Cortex XDR BIOC Rules
Cybersecurity researchers have uncovered a critical evasion flaw in Palo Alto Networks’ Cortex XDR agent that allowed attackers to bypass behavioral detections completely. By reverse-engineering these encrypted rules, the InfoGuard Labs team discovered hardcoded global whitelists that enabled threat actors…
Phishers Abuse LiveChat Support Tools to Steal Sensitive Data in New SaaS-Based Attack Tactic
A newly identified phishing campaign is turning legitimate customer service software into a weapon for stealing sensitive user data. Attackers have been found abusing LiveChat, a widely used Software-as-a-Service (SaaS) platform that businesses rely on for real-time customer support, to…
New CondiBot Variant and ‘Monaco’ Cryptominer Expand Threats to Network Devices
Network infrastructure has become one of the most targeted areas in today’s threat landscape. Over recent years, attackers ranging from nation-state groups to financially driven criminal actors have steadily shifted their focus toward routers, firewalls, and other network devices. These…
Researchers Discover Ways to Decrypt and Exploit Encrypted Palo Alto Cortex XDR BIOC Rules
A critical evasion flaw in Palo Alto Networks’ Cortex XDR agent that allowed attackers to bypass behavioral detections completely. By reverse-engineering these encrypted rules, the InfoGuard Labs team discovered hardcoded global whitelists that enabled threat actors to execute malicious actions…
Stryker Confirms Destructive Wiper Attack – Tens of Thousands of Devices Wiped
Medical technology giant Stryker Corporation confirmed on March 11, 2026, that it suffered a significant cyberattack that disrupted its global Microsoft environment, with Iran-linked threat actor Handala claiming responsibility for what appears to be a politically motivated, destructive operation. Unlike…
RondoDox Botnet Expands to 174 Exploits, Leveraging Residential IP Infrastructure at Scale
A newly tracked botnet called RondoDox has quietly built itself into one of the more concerning threats observed in recent months, combining an unusually large collection of exploits with a calculated use of residential internet infrastructure. First detected in May…
CamelClone Spy Campaign Abuses Public File-Sharing Sites and Rclone in Government-Focused Attacks
A sophisticated espionage campaign, tracked as Operation CamelClone, has been actively targeting government agencies, defense institutions, and diplomatic bodies across multiple countries, including Algeria, Mongolia, Ukraine, and Kuwait. The operation relies on spear-phishing emails carrying malicious ZIP archives disguised as…
Handala Hack Uses RDP, NetBird, and Parallel Wipers in MOIS-Linked Destructive Intrusions
An Iranian threat actor known as Handala Hack has carried out a series of destructive cyberattacks against organizations in Israel, Albania, and the United States, using remote desktop access, network tunneling, and multiple simultaneous data-wiping tools. The group operates under…
Fake Shipment Tracking Scams Surge in MEA, Stealing Banking Data Through Real-Time Phishing
Every day, billions of people rely on postal and courier services to deliver everything from personal letters to online orders. This dependence has grown steadily alongside the global rise of e-commerce. The 2024 Universal Postal Union report found that postal…
Fake FileZilla Downloads Lead to RAT Infections Through Stealthy Multi-Stage Loader
A new malware campaign has been discovered delivering a Remote Access Trojan through fake websites impersonating the official FileZilla download page. Attackers designed these fraudulent sites to closely mirror the real FileZilla page, tricking users into downloading malicious installer files.…
Qihoo 360 Leaked Its Own Wildcard SSL Private Key Inside Public AI Installer
China’s largest cybersecurity firm, Qihoo 360, has inadvertently exposed its own wildcard SSL private key by bundling it directly inside the public installer of its newly launched AI assistant, 360Qihoo (Security Claw). The flaw discovered on March 16, 2026, is…