Microsoft released critical fixes for three closely related remote code execution (RCE) vulnerabilities in Microsoft Outlook and Word that stem from low‑level memory‑safety flaws in the Word rendering engine and its integration with Outlook Classic. These bugs, tracked as CVE‑2026‑45456,…
Tag: Cyber Security News
Oracle PeopleSoft 0-Day RCE Vulnerability Exploited in Attacks by ShinyHunters
Mandiant and Google Threat Intelligence Group (GTIG) have issued a critical warning after identifying an active compromise-and-extortion campaign targeting Oracle PeopleSoft infrastructure, attributed to the notorious threat actor UNC6240, also known as ShinyHunters. The campaign exploited CVE-2026-35273, a critical unauthenticated…
Microsoft Teams for Android Vulnerability Allows Attackers to Disclose Sensitive Data
Microsoft has disclosed a significant security vulnerability in Microsoft Teams for Android that could allow an authenticated attacker to expose sensitive information over a network. The flaw, tracked as CVE-2026-42835, was officially released on June 9, 2026, and has been…
Hackers Abuse SniperDz PhaaS Ecosystem for Brand Impersonation and Browser Hijacking
A sophisticated Phishing-as-a-Service (PhaaS) platform called SniperDz has been quietly enabling a wide range of online fraud that goes far beyond basic credential theft. The platform provides cybercriminals with a ready-made toolkit to run convincing scams at scale, targeting victims…
Critical Langflow Vulnerability Exploited to Execute Malicious Code
A critical security vulnerability in Langflow, tracked as CVE-2026-5027, is raising serious concerns after researchers confirmed that attackers can exploit the flaw to execute malicious code on affected systems. The issue stems from improper input validation in the application’s file…
GoFlateLoader Uses Massive PE Overlay to Deliver Lumma, Vidar, and StealC Infostealers
A new malware loader called GoFlateLoader has been quietly spreading across the internet, and what makes it stand out is not how complex it is but how effective a simple trick has made it. Written in the Go programming language,…
OceanLotus APT Compromises FireAnt MetaKit in Supply-Chain Attack on Stock Investors
A notorious hacking group has been caught targeting stock investors in Vietnam through a supply chain attack, hijacking a popular investment software platform to deliver a powerful backdoor. The operation, carried out by OceanLotus (also known as APT32), marks a…
CISA Requires Federal Agencies to Patch Critical Vulnerabilities Within 3 Days
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 26-04, titled “Prioritizing Security Updates Based on Risk,” compelling all Federal Civilian Executive Branch (FCEB) agencies to remediate the most dangerous known exploited vulnerabilities within just…
Hackers Use BLUERABBIT Backdoor to Encrypt Files and Wipe Disks Across Windows Systems
A newly discovered backdoor called BLUERABBIT has been found targeting Windows systems with a dangerous mix of file encryption, disk wiping, and data theft. First observed in mid-to-late March 2026, the malware is believed to be the work of a…
Hackers Use Weaponized DMG Files to Target macOS Users With Infostealer Malware
Hackers are using weaponized DMG files to target macOS users with infostealer malware, exploiting the long-standing myth that Apple devices are safe from cyber threats. These attacks rely on fake software installers disguised as legitimate apps, tricking users into handing…
CISA Warns of Check Point Security Gateway Vulnerability Actively Exploited in Ransomware Attacks
CISA has added a critical vulnerability in Check Point Security Gateway to its Known Exploited Vulnerabilities (KEV) catalog, warning that threat actors are actively exploiting the flaw in ransomware campaigns. The vulnerability, tracked as CVE-2026-50751, allows unauthenticated remote attackers to…
Claude Mythos Turning N-Days Into N-Hours With Rapid Working Exploit Creation
A new study has revealed that advanced large language models (LLMs), particularly Anthropic’s Claude Mythos Preview, are dramatically accelerating the development of N-day exploits, reducing timelines from weeks to just hours and significantly increasing risk during the patch gap. Unlike…
GitHub to Automate Disable npm Script Installs to Block Supply Chain Attacks
GitHub has announced a major security-focused update to the Node Package Manager (npm), introducing breaking changes in the upcoming npm v12 release to reduce software supply chain attack risks significantly. The update, expected in July 2026, will turn off automatic…
Cybercriminals Abuse Chinese-Language Guarantee Marketplaces to Trade Stolen Credentials
A network of Chinese-language online marketplaces operating on Telegram has quietly become one of the most powerful financial engines behind global cybercrime. These platforms, known as “guarantee” or dānbǎo (担保) marketplaces, use an escrow-based trust model to help criminals buy and sell…
Hackers Abuse Residential Proxy Networks to Hide Malicious Activity and Evade Detection
Hackers are getting harder to catch, and residential proxy networks are a key reason why. These services allow attackers to route malicious traffic through everyday home internet connections, making activity look like it is coming from a regular household device…
Ivanti Command Injection Vulnerability Exploited in Attacks Following PoC Release
Threat actors have begun actively exploiting a critical Ivanti Sentry command injection vulnerability just days after a proof-of-concept (PoC) exploit was made public, according to new internet scanning data from the Shadowserver Foundation. The flaw, tracked as CVE-2026-10520, carries a…
Multiple Splunk Enterprise Vulnerabilities Allow Attackers to Execute Malicious Script
Multiple high and critical vulnerabilities in Splunk Enterprise could allow attackers to execute malicious scripts, exfiltrate sensitive data, and perform unauthorized file operations, according to a series of security advisories released on June 10, 2026. The most severe flaw, tracked…
Hackers Abuse VMware-Signed Binary to Sideload NIGHTFORGE Loader in Espionage Attacks
A newly uncovered espionage operation has been quietly targeting government institutions in Cambodia, and the method behind it is as clever as it is alarming. Threat actors have been abusing a legitimate, digitally signed VMware binary to slip a custom…
GreatXML BitLocker Bypass 0-Day Exploited Via Windows Defender Offline Scan
A newly disclosed zero-day exploit, dubbed GreatXML, enables attackers with physical access to fully bypass BitLocker drive encryption on Windows systems by leveraging an obscure but common side effect of Windows Defender Offline Scan, no login required, under certain conditions.…
Oracle Emergency Security Update to Fix Critical RCE Vulnerability
Oracle has issued an emergency Security Alert to address a critical remote code execution vulnerability (CVE-2026-35273) affecting PeopleSoft Enterprise PeopleTools. The vulnerability carries a CVSS v3.1 score of 9.8, highlighting its severity and the urgent need for remediation across enterprise…