Torg Grabber Malware Shifts from Telegram Exfiltration to Encrypted REST API for C2

A fast-evolving information‑stealing malware dubbed “Torg Grabber” that has shifted from simple Telegram‑based exfiltration to a hardened, encrypted REST API command‑and‑control (C2) channel fronted by Cloudflare. The operation surfaced when a 747 KB 64‑bit sample initially tagged as Vidar was…

IDrive for Windows Vulnerability Allows Attackers to Escalate Privileges and Gain Unauthorized Access

A critical security flaw has been identified in the IDrive Cloud Backup Client for Windows, exposing users to local privilege escalation attacks. Tracked as CVE-2026-1995, this vulnerability allows authenticated, low-privilege attackers to execute arbitrary code with the highest system permissions,…

Synology DiskStation Manager Vulnerability Puts Users at Risk of Remote Command Execution Attacks

Synology has issued an urgent security update for its DiskStation Manager (DSM) software to address a critical vulnerability. If left unpatched, this flaw could allow unauthenticated remote attackers to execute arbitrary commands on affected network-attached storage (NAS) devices. Tracked under…