Tag: Cyber Security News

A sophisticated espionage campaign attributed to the Chinese Advanced Persistent Threat (APT) group Lotus Blossom (also known as Billbug). The threat actors compromised the infrastructure hosting the popular text editor Notepad++ to deliver a custom, previously undocumented backdoor named “Chrysalis”.…

Read more →

A newly formed Russian hacker alliance known as Russian Legion has launched a coordinated cyberattack campaign against Denmark, threatening critical infrastructure and government services. The alliance, which includes Cardinal, The White Pulse, Russian Partizan, and Inteid, publicly announced its formation…

Read more →

On December 29, 2025, Poland faced a coordinated assault targeting more than 30 wind and solar farms, alongside a large combined heat and power plant and a manufacturing facility. The attacks occurred during severe winter weather, when temperatures dropped and…

Read more →

A dangerous new data-wiping malware known as DynoWiper has emerged, targeting energy companies in Poland with destructive attacks designed to permanently erase critical data. The malware surfaced in December 2025 when security researchers detected its deployment at a Polish energy…

Read more →

A long-running online nation simulation game has been taken temporarily offline following a security breach that compromised its central production server. The team estimates the downtime will last 2 to 5 days as they rebuild core infrastructure and audit the…

Read more →

21,000+ publicly exposed instances of an open-source personal AI assistant, raising significant concerns about unprotected access to sensitive user configurations and personal data. OpenClaw, a rapidly emerging personal AI assistant created by Austrian developer Peter Steinberger, has experienced explosive growth…

Read more →

A previously unknown hacktivist group called Punishing Owl has emerged with sophisticated cyberattacks targeting Russian government security agencies. The group first surfaced on December 12, 2025, when it announced the successful breach of a Russian government security agency’s network. The…

Read more →

Microsoft has acknowledged a strange user interface bug affecting specific Windows environments where the password sign-in option appears to vanish from the lock screen. The issue, which originated with updates released in late 2025, primarily impacts managed IT infrastructures and…

Read more →

The Russia-linked threat group UAC-0001, also known as APT28, has been actively exploiting a critical zero-day vulnerability in Microsoft Office. The group is using this flaw to deploy sophisticated malware against Ukrainian government entities and European Union organizations. The vulnerability,…

Read more →

A new wave of attacks targeting Windows systems has emerged through a sophisticated remote access trojan known as Pulsar RAT. This malware establishes persistence using the per-user Run registry key, enabling automatic execution each time an infected user logs into…

Read more →

A critical vulnerability in Gakido, an HTTP client library by HappyHackingSpace, has been discovered that allows attackers to inject arbitrary HTTP headers through CRLF (Carriage Return Line Feed) sequences. Tracked as CVE-2026-24489 under advisory RO-26-005, the vulnerability affects all versions…

Read more →

Security teams defending Linux environments now face a sophisticated threat designed to evade traditional detection. A newly uncovered fileless malware framework named ShadowHS operates entirely in memory, leaving no persistent traces on disk while establishing long-term control over compromised systems.…

Read more →

The cybersecurity landscape has entered a dangerous new phase where autonomous AI agents are transforming from simple automation tools into sophisticated criminal operators. These self-directed systems now execute complex cyberattacks without human oversight, marking a fundamental shift in how digital…

Read more →

A dangerous Android malware called Arsink RAT has emerged as a serious threat to mobile device security worldwide. This cloud-native Remote Access Trojan gives attackers complete control over infected devices while quietly stealing personal information. The malware spreads through social…

Read more →

Threat actors are actively targeting internet-exposed MongoDB instances in large-scale automated ransomware campaigns. The attacks follow a consistent pattern: attackers scan for unsecured MongoDB databases accessible on the public internet, delete the stored data, and insert ransom notes demanding payment…

Read more →

Microsoft has introduced a significant security control in the latest Windows 11 preview update designed to restrict unauthorized interaction with critical system files. Released as part of the January 2026 non-security preview (KB5074105), this enhancement specifically targets the Storage settings…

Read more →

The ShinyHunters threat group has expanded its extortion operations with sophisticated attack methods targeting cloud-based systems across multiple organizations. These cybercriminals use voice phishing and fake credential harvesting websites to steal login information from employees. Once they gain access, they…

Read more →

The developer of Notepad++ has confirmed that a targeted attack by a likely Chinese state-sponsored threat actor compromised the project’s former shared hosting infrastructure between June and December 2025. The breach allowed attackers to intercept and selectively redirect update traffic…

Read more →

A critical vulnerability in OpenClaw, the open-source AI personal assistant trusted by over 100,000 developers, has been discovered and weaponized into a devastating one-click remote code execution exploit. Security researchers at depthfirst General Security Intelligence uncovered a logic flaw that,…

Read more →

The developer of Notepad++ has confirmed that a targeted attack by a likely Chinese state-sponsored threat actor compromised the project’s former shared hosting infrastructure between June and December 2025. The breach allowed attackers to intercept and selectively redirect update traffic…

Read more →