A critical vulnerability has been identified in the PyPI-distributed version of PLY (Python Lex-Yacc) 3.11, allowing arbitrary code execution through unsafe deserialization of untrusted pickle files. The vulnerability, assigned CVE-2025-56005, affects the undocumented picklefile parameter in the yacc() function, which remains absent from official…
Tag: Cyber Security News
Caminho Loader-as-a-Service Using Steganography to Conceal .NET Payloads within Image Files
Caminho Loader is a new Loader-as-a-Service threat that blends steganography, fileless execution, and cloud abuse to quietly deliver malware across several regions. First seen in March 2025 and believed to originate from Brazil, this service hides .NET payloads inside harmless-looking…
Threat Actors Using Fake Notepad++ and 7-zip Websites to Deploy Remote Monitoring Tools
Cybercriminals are increasingly distributing malicious Remote Monitoring and Management (RMM) tools through fake websites that mimic popular software download pages. These deceptive sites impersonate legitimate utilities like Notepad++ and 7-Zip, tricking users into installing remote access tools such as LogMeIn…
New Lawsuit Claims that Meta Can Read All the WhatsApp Users Messages
A new class-action lawsuit accuses Meta Platforms of misleading billions of WhatsApp users by claiming their messages are protected by unbreakable end-to-end encryption. Filed in the San Francisco federal court, the suit alleges the company secretly stores, analyzes, and grants…
Microsoft Office Zero-day Vulnerability Actively Exploited in Attacks
Microsoft released emergency out-of-band security updates on January 26, 2026, to address CVE-2026-21509, a zero-day security feature bypass vulnerability in Microsoft Office that attackers are actively exploiting. The flaw, rated “Important” with a CVSS v3.1 base score of 7.8, relies…
Best VPN Services of 2026: Fast, Secure & Affordable
In today’s digital world, online privacy and security have never been more important. With cybercrime on the rise and government surveillance becoming more common, protecting your personal information online is crucial. Whether you’re browsing on public Wi-Fi, shopping online, or…
Hundreds of Exposed Clawdbot Gateways Leave API Keys and Private Chats Vulnerable
Clawdbot, the surging open-source AI agent gateway, faces escalating security concerns, with 900+ unauthenticated instances exposed online and multiple code flaws that enable credential theft and remote code execution. Clawdbot is an open-source personal AI assistant that integrates with messaging…
800K+ Telnet Servers Exposed to RCE Attacks – PoC Released
A critical authentication bypass vulnerability in the telnetd component of GNU Inetutils has exposed approximately 800,000 internet-accessible Telnet instances to unauthenticated remote code execution (RCE). Tracked as CVE-2026-24061 with a CVSS score of 9.8, the flaw allows attackers to gain…
Nova Ransomware Allegedly Claiming Breach of KPMG Netherlands
A major accounting firm in the Netherlands has reportedly become the latest victim of Nova, an active ransomware operation. The breach was discovered and indexed by ransomware live on January 23, 2026, with the estimated attack date coinciding with the…
Curl to End Bug Bounty Following Low-Quality AI-Generated Vulnerability Reports
The curl project ended its bug bounty program in January 2026 because it received too many low-quality and useless bug reports. The decision reflects growing frustration within the open-source security community regarding the unintended consequences of financial incentive structures on…
Lazarus Hackers Actively Attacking European Drone Manufacturing Companies
Lazarus, a sophisticated North Korean-aligned hacking group also known as HIDDEN COBRA, has launched a new wave of targeted attacks against European drone manufacturers and defense contractors. The campaign, tracked as Operation DreamJob, emerged in late March 2025 and specifically…
New Malware Toolkit Sends Users to Malicious Websites While the URL Stays the Same
Browser attacks have become far more dangerous and organized than before. A new threat called Stanley, discovered in January 2026, shows just how serious the problem has become. This malware-as-a-service toolkit, priced between $2,000 and $6,000, does something particularly deceptive:…
‘SyncFuture’ Campaign Weaponizing Legitimate Enterprise Security Software to Deploy Malware
In December 2025, threat researchers uncovered an alarming espionage operation targeting residents of India through sophisticated phishing campaigns. The attack, dubbed SyncFuture, demonstrates how cybercriminals can abuse legitimate business software as a vehicle for launching advanced malware attacks. Attackers sent…
New DPRK Interview Campaign Leverages Fake Fonts to Deploy Malware
North Korea’s Lazarus Group has launched a sophisticated supply chain attack targeting software developers through a campaign called “Fake Font.” The threat actors are using fake job interviews and malicious GitHub repositories to trick engineers into downloading code that contains…
MITRE Releases New Cybersecurity Framework to Protect the Embedded Systems
A new Embedded Systems Threat Matrix™ (ESTM) framework was introduced to help secure embedded systems used in critical infrastructure and defense technologies across the U.S. It was developed collaboratively with the Air Force’s Cyber Resiliency Office for Weapon Systems (CROWS). ESTM addresses…
Sandworm APT Group Targeting Poland’s Power Grid with DynoWiper Malware
Late December 2025 brought alarming news to Poland as its energy infrastructure became the target of what security experts describe as the country’s largest cyberattack in years. The Russian-aligned Sandworm group, known for orchestrating some of the most damaging attacks…
New Instagram Vulnerability Exposes Private Posts to Anyone
A critical server-side vulnerability in Instagram’s infrastructure allowed unauthenticated attackers to access private photos and captions without a login or follower relationship, according to a disclosure released this week by security researcher Jatin Banga. The vulnerability, which was reportedly patched…
New Phishing Attack Leverages Vercel Hosting Platform to Deliver a Remote Access Tool
A sophisticated phishing campaign active between November 2025 and January 2026 has been exploiting Vercel’s legitimate hosting platform to distribute remote access tools to unsuspecting victims. The attack chain combines social engineering with trusted domain exploitation, making it particularly effective…
Microsoft Releases Out-of-Band Update KB5078127 to Fix Windows 11 File System and Outlook Freezes
Microsoft has released an out-of-band (OOB) cumulative update, KB5078127, to address critical file system compatibility issues affecting Windows 11 users. The update resolves widespread problems introduced by the January 13, 2026, security update (KB5074109) that caused application freezes and cloud storage failures across…
Apache Hadoop Vulnerability Exposes Systems Potential Crashes or Data Corruption
A moderate-severity vulnerability in the Hadoop Distributed File System (HDFS) native client could allow attackers to trigger system crashes or corrupt critical data through maliciously crafted URI inputs. The vulnerability, tracked as CVE-2025-27821, affects Apache Hadoop versions 3.2.0 through 3.4.1.…