Mazda Motor Corporation has officially disclosed a security incident involving unauthorized external access to an internal warehouse management system, potentially exposing 692 personal data records of employees, group company staff, and business partners. The Japanese automaker published its formal breach…
Category: Cyber Security News
Critical NetScaler ADC and Gateway Vulnerabilities Enable Remote Attacks on Affected Systems
Cloud Software Group has released urgent security patches for NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), addressing two significant vulnerabilities that could allow unauthenticated remote attackers to compromise affected systems. Organizations running customer-managed deployments are strongly…
Critical QNAP QVR Pro Vulnerability Let Remote Attackers Gain Access to the System
QNAP has released a critical security advisory addressing a severe vulnerability in its QVR Pro surveillance software. Tracked as CVE-2026-22898, this flaw allows remote, unauthenticated attackers to gain unauthorized access to affected systems. Users relying on QVR Pro 2.7. x…
SEO Poisoning Campaign Impersonates 25+ Popular Apps to Deliver AsyncRAT Since October 2025
A sophisticated SEO poisoning campaign has been quietly targeting Windows users since at least October 2025, luring them into downloading trojanized installers for more than 25 popular software applications. The operation went undetected for roughly five months before investigators uncovered…
Tax-Themed Google Ads Lead to BYOVD EDR Killer in Huntress-Traced Malvertising Campaign
Every April, millions of Americans rush to file taxes before the deadline — and attackers count on it. A large-scale malvertising campaign, active since at least January 2026, has been exploiting that urgency by placing fake tax form pages through…
MacOS Stealer MioLab Adds ClickFix Delivery, Wallet Theft and Team API Tools
A sophisticated macOS infostealer known as MioLab — also tracked as Nova — has emerged as one of the most advanced Malware-as-a-Service (MaaS) platforms targeting Apple users. Advertised on Russian-speaking underground forums, MioLab marks a shift in the threat landscape,…
Libyan Oil Refinery Hit in Long-Running Espionage Campaign Using AsyncRAT
A Libyan oil refinery, a telecoms organization, and a state institution fell victim to a coordinated espionage campaign between November 2025 and February 2026. The attacks delivered AsyncRAT, a publicly available remote access Trojan with a documented history of use…
Oblivion RAT Turns Fake Play Store Updates Into a Full-Service Android Spyware Operation
A newly discovered Android remote access trojan known as Oblivion RAT has emerged on cybercrime networks as a complete malware-as-a-service (MaaS) platform, turning fake Google Play Store update pages into a full-scale spyware operation. First reported by Certo Software, the…
Trivy Supply Chain Attack Expands as Compromised Docker Images Hit Docker Hub
A supply chain attack targeting Trivy, the widely used open-source vulnerability scanner, has grown well beyond its initial scope. What started as a GitHub Actions compromise has now extended to Docker Hub, where three malicious Docker image versions were silently…
$30 IP-KVM Flaws Could Give Attackers BIOS-Level Control Across Enterprise Networks
A recent security assessment by researchers has uncovered nine severe vulnerabilities across four popular low-cost IP-KVM devices. These flaws uncovered by Eclypsium allow attackers to gain complete, BIOS-level control over connected systems, effectively bypassing all operating system security controls and…
CISA Warns of Craft CMS Code Injection Vulnerability Exploited in Attacks
A critical vulnerability in Craft CMS (CVE-2025-32432) has been added to the Known Exploited Vulnerabilities catalog following confirmed active exploitation in the wild. Security teams and system administrators are advised to address this issue immediately to prevent severe network compromises.…
Windows 11 Emergency Update to Fix ‘No Internet’ Sign-In Errors for OneDrive, Teams, and More
Microsoft has released an out-of-band (OOB) update, KB5085516, for Windows 11 versions 25H2 and 24H2 to address a critical sign-in issue introduced by the March 2026 Patch Tuesday update. The emergency patch, released on March 21, 2026, targets a bug…
CISA Warns of Apple Vulnerabilities Linked to DarkSword iOS Exploit Chain Exploited in Attacks
An urgent warning regarding three critical Apple vulnerabilities that threat actors are actively exploiting in the wild. These security flaws, officially tracked as CVE-2025-31277, CVE-2025-43510, and CVE-2025-43520, were recently added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. Security researchers have…
New CanisterWorm Steals npm Tokens and Spreads Through Compromised Publisher Accounts
A new wave of supply chain attacks is hitting the npm ecosystem through a self-propagating malware campaign known as CanisterWorm. The threat, linked to a group tracked as “TeamPCP,” compromises legitimate publisher namespaces and pushes poisoned package versions, effectively turning…
Copyright-Themed Lures Deliver Multi-Stage PureLog Stealer in New Credential Theft Campaign
A new malware campaign is targeting organizations across healthcare, government, education, and hospitality sectors using cleverly disguised copyright violation notices to deliver PureLog Stealer, a powerful information-stealing malware. The campaign, first analyzed in March 2026, tricks victims into executing a…
Microsoft Emergency Out-of-Band Update for Windows 11 to Fix Microsoft Account Sign-In Failure
Microsoft has issued an out-of-band (OOB) update for Windows 11 versions 25H2 and 24H2, identified as KB5085516, addressing a critical sign-in bug introduced by the March 2026 Patch Tuesday release. The update carries OS builds 26200.8039 and 26100.8039 and was…
Crunchyroll Data Breach — Threat Actor Claims Exfiltration of 100 GB of User Data
A threat actor has allegedly exfiltrated approximately 100 GB of personally identifiable information (PII) from Crunchyroll, the Sony-owned anime streaming giant, after gaining access through a compromised employee at the platform’s outsourcing partner, Telus. The breach, which reportedly occurred on…
AstraZeneca Data Breach – LAPSUS$ Group Allegedly Claims Access to Internal Data
The notorious hacking collective LAPSUS$ has resurfaced, allegedly claiming responsibility for a significant data breach involving the multinational pharmaceutical and biotechnology company AstraZeneca. The threat actors are currently attempting to sell a compressed 3GB internal data dump, signaling a potential…
Hackers Compromise Trivy Scanner to Inject malicious Scripts and Steal Login Credentials
A sophisticated supply chain attack targeting the official Trivy GitHub Action (aquasecurity/trivy-action) has compromised continuous integration and continuous deployment (CI/CD) pipelines globally. Disclosed in late March 2026, this incident marks the second distinct compromise affecting the Trivy ecosystem within a…
Malicious Script Injection in Trivy Compromise Enables Credential Theft
A sophisticated supply chain attack targeting the official Trivy GitHub Action (aquasecurity/trivy-action) has compromised continuous integration and continuous deployment (CI/CD) pipelines globally. Disclosed in late March 2026, this incident marks the second distinct compromise affecting the Trivy ecosystem within a…