Tag: Cyber Security News

A newly identified backdoor called A0Backdoor has emerged as part of a calculated social-engineering campaign that abuses Microsoft Teams and the Windows remote assistance tool Quick Assist. The threat group is tracked under aliases including Blitz Brigantine, Storm-1811, and STAC5777,…

Read more →

A set of nine novel cross-tenant vulnerabilities in Google Looker Studio, collectively dubbed “LeakyLooker,” that could have allowed attackers to run arbitrary SQL queries, exfiltrate sensitive data, and even modify or delete records across Google Cloud environments, all without victims…

Read more →

Microsoft has announced a two-phase plan to disable the hands-free deployment feature in Windows Deployment Services (WDS) following the discovery of a critical remote code execution (RCE) vulnerability tracked as CVE-2026-0386. The flaw, rooted in improper access control, allows an…

Read more →

Meta has confirmed it will permanently remove end-to-end encryption (E2EE) support from Instagram direct messages, with the feature officially shutting down after May 8, 2026. The announcement, quietly posted on Instagram’s Help Center support page, marks a significant reversal from…

Read more →

Microsoft released an out-of-band hotpatch update on March 13, 2026, addressing serious security vulnerabilities in Windows 11 versions 24H2 and 25H2. Tracked as KB5084597 and targeting OS Builds 26200.7982 and 26100.7982, this update patches three actively concerning flaws in the…

Read more →

Microsoft released an out-of-band hotpatch update on March 13, 2026, addressing serious security vulnerabilities in Windows 11 versions 24H2 and 25H2. Tracked as KB5084597 and targeting OS Builds 26200.7982 and 26100.7982, this update patches three actively concerning flaws in the…

Read more →

A series of intrusions in early 2026 in which threat actors compromised FortiGate Next-Generation Firewalls (NGFW) to establish persistent footholds within enterprise environments. Each case was intercepted during the lateral movement phase before the attackers could fully achieve their objectives.…

Read more →

JFrog security researchers Guy Korolevski and Meitar Palas uncovered a sophisticated supply chain attack on the npm ecosystem on March 12, 2026, in which threat actors disguised an information-stealing malware as a legitimate Roblox script executor. The campaign, self-named Cipher…

Read more →

In a major escalation of supply chain attacks, the GlassWorm malware campaign has evolved to infect developer environments using transitive dependencies. On March 13, 2026, the Socket Research Team reported identifying at least 72 new malicious Open VSX extensions linked…

Read more →

In a massive international crackdown on cybercrime, law enforcement agencies from 72 countries have successfully dismantled over 45,000 malicious IP addresses and servers. Coordinated by INTERPOL, “Operation Synergia III” targeted the critical infrastructure behind devastating ransomware, malware, and phishing campaigns…

Read more →

Miggo Security researchers have identified a critical vulnerability in LangSmith, tracked as CVE-2026-25750, that exposes users to potential token theft and complete account takeover. As a central hub for debugging and monitoring large language model data, LangSmith processes billions of…

Read more →

Microsoft has officially acknowledged a critical bug affecting Windows 11 users on certain Samsung devices, in which the system drive (C:) becomes completely inaccessible after installing the February 2026 security update. The company is now actively investigating the issue in…

Read more →

An international law enforcement operation led by the U.S. Justice Department has successfully dismantled SocksEscort, a massive residential proxy network. The malicious service compromised thousands of home and small business routers worldwide, enabling cybercriminals to mask their identities while executing…

Read more →

Canada’s largest food and pharmacy retailer has announced an ongoing investigation into a recent corporate data breach.On March 10, 2026, the company notified its customers that unauthorized threat actors successfully infiltrated a segment of its IT network. The security incident…

Read more →

Apple has rolled out an emergency security update, iOS 15.8.7 and iPadOS 15.8.7, to protect older devices from a severe threat known as the ‘Coruna’ exploit kit. Released on March 11, 2026, this critical patch backports fixes from newer iOS…

Read more →

Starbucks Corporation has confirmed a data breach affecting an undisclosed number of its employees, exposing highly sensitive personal and financial information after unauthorized actors gained access to internal partner accounts through a sophisticated phishing scheme. On or about February 6,…

Read more →

As cybercriminals continue to weaponize new vulnerabilities, the demand for continuous red-teaming and proactive security assessments has never been higher. Annual penetration tests are no longer enough to secure modern, complex environments. To help security teams stay ahead of advanced…

Read more →

A critical security update has been released for Backup & Replication software to fix severe vulnerabilities that could allow attackers to execute remote code and escalate privileges. Released on March 12, 2026, the latest security patch (Build 12.3.2.4465) is an…

Read more →

A critical warning has been issued about an active threat campaign targeting misconfigured Experience Cloud sites. The notorious threat actor group ShinyHunters has claimed responsibility for a massive data theft operation exploiting overly permissive guest user configurations, reportedly impacting hundreds…

Read more →

Google has released an urgent security update for its Chrome browser after confirming that two high-severity zero-day vulnerabilities are being actively exploited in the wild. The stable channel has been updated to version 146.0.7680.75/76 for Windows and macOS, and 146.0.7680.75…

Read more →