Tag: Cyber Security News
1-Click Clawdbot Vulnerability Enable Malicious Remote Code Execution Attacks
A critical vulnerability in OpenClaw, the open-source AI personal assistant trusted by over 100,000 developers, has been discovered and weaponized into a devastating one-click remote code execution exploit. Security researchers at depthfirst General Security Intelligence uncovered a logic flaw that,…
State-Sponsored Actors Hijacked Notepad++ Update to Redirect Users to Malicious Servers
The developer of Notepad++ has confirmed that a targeted attack by a likely Chinese state-sponsored threat actor compromised the project’s former shared hosting infrastructure between June and December 2025. The breach allowed attackers to intercept and selectively redirect update traffic…
Critical Johnson Controls Products Vulnerabilities Enables Remote SQL Injection Attacks
A critical advisory addresses a severe SQL injection vulnerability affecting multiple Johnson Controls industrial control system products. The vulnerability, tracked as CVE-2025-26385, carries a maximum CVSS v3 severity score of 10.0, indicating the highest level of risk to affected infrastructure.…
Moltbook AI Vulnerability Exposes Email Addresses, Login Tokens, and API Keys
A critical vulnerability in Moltbook, the nascent AI agent social network launched late January 2026 by Octane AI’s Matt Schlicht, exposes email addresses, login tokens, and API keys for its registered entities amid hype over 1.5 million “users.” Researchers revealed…
AutoPentestX – Automated Penetration Testing Toolkit Designed for Linux systems
AutoPentestX, an open-source automated penetration testing toolkit for Linux systems, enables comprehensive security assessments from a single command. Developed by Gowtham Darkseid and released in November 2025, it generates professional PDF reports while emphasizing safe, non-destructive testing. AutoPentestX targets Kali…
Metasploit Releases 7 New Exploit Modules covering FreePBX, Cacti and SmarterMail
The latest update to the Metasploit Framework this week provides a significant enhancement for penetration testers and red teamers, introducing seven new exploit modules targeting commonly used enterprise software. The highlight of this release is a sophisticated trio of modules…
SCADA Vulnerability Triggers DoS, Potentially Disrupting Industrial Operations
A medium-severity vulnerability in the Iconics Suite SCADA system could allow attackers to trigger denial-of-service conditions on critical industrial control systems. The flaw, tracked as CVE-2025-0921, affects supervisory control and data acquisition infrastructure widely deployed across automotive, energy, and…
A significant security discovery reveals that approximately 175,000 Ollama servers remain publicly accessible across the internet, creating a serious risk for widespread code execution and unauthorized access to external systems. Ollama, an open-source framework designed to run artificial intelligence models…
UAT-8099 Targets Vulnerable IIS Servers Using Web Shells, PowerShell, and Region-Customized BadIIS
A new wave of targeted attacks has emerged against Internet Information Services (IIS) servers across Asia, with threat actors deploying sophisticated malware designed to compromise vulnerable systems. The campaign, active from late 2025 through early 2026, focuses primarily on victims…
Ex-Google Engineer Convicted of Stealing Google’s AI Secrets For China
A federal jury has convicted Linwei Ding, 38, a former Google software engineer, on charges of economic espionage and trade secret theft. The conviction stems from Ding’s systematic theft of over 2,000 pages of confidential Google documentation on artificial intelligence…
TAMECAT PowerShell-Based Backdoor Exfiltrates Login Credentials from Microsoft Edge and Chrome
A sophisticated PowerShell-based malware named TAMECAT has emerged as a critical threat to enterprise security, targeting login credentials stored in Microsoft Edge and Chrome browsers. This malware operates as part of espionage campaigns conducted by APT42, an Iranian state-sponsored cyber-espionage…
Attackers Using Hugging Face Hosting to Deliver Android RAT Payload
A new Android threat campaign has emerged that uses social engineering combined with a legitimate machine learning platform to spread dangerous malware across devices. The attack begins when users see fake security alerts claiming their phones are infected and need…
NVIDIA GPU Display Driver Vulnerabilities Allows Code Execution and Privilege Escalation
NVIDIA has issued a critical security update addressing multiple high-severity vulnerabilities in its GPU Display Driver, vGPU software, and HD Audio components that could enable attackers to execute arbitrary code and escalate privileges on affected systems. The vulnerabilities, disclosed on…
Attackers Hijacked 200+ Websites Exploiting Magento Vulnerability to Gain Root-level Access
A critical security breach has exposed multiple Magento e-commerce platforms worldwide as threat actors successfully exploited a severe authentication flaw to achieve complete system control. The attack campaign, identified in January 2026, represents one of the most significant waves of…
GhostChat Spyware Attacking Android Users Via WhatsApp to Exfiltrate Sensitive Details
A new Android spyware campaign has emerged, targeting users in Pakistan through a sophisticated romance scam that uses fake dating profiles to steal personal information. The malicious application, known as GhostChat, disguises itself as a legitimate chat platform while secretly…
Hackers Weaponized Open VSX Extension with Sophisticated Malware After Reaching 5060+ Downloads
A dangerous malware campaign has infiltrated the Open VSX extension marketplace, compromising over 5,000 developer workstations through a fake Angular Language Service extension. The malicious package disguised itself as legitimate development tooling, bundling authentic Angular and TypeScript components alongside encrypted…
Microsoft Teams New Feature to Flag Suspicious One-to-One Calls
A new security feature is being added to Teams to help organizations detect and stop voice-based scams and phishing attacks. The new “Report a Call” button will allow users to flag suspicious one-to-one calls directly from their Teams call history.…
Education-Themed Malicious Domains Linked to Bulletproof Hosting Infrastructure Exposed
Security researchers have uncovered a sophisticated traffic distribution network leveraging deceptive education-themed domains to deliver malware and phishing attacks. The operation, tracked under infrastructure indicators pointing to TOXICSNAKE, uses legitimate-looking university and educational institution branding to deceive users into visiting…
Critical Ivanti Endpoint Manager 0-day RCE Vulnerabilities Actively Exploited in Attacks
Two critical code-injection vulnerabilities have been disclosed in the Endpoint Manager Mobile (EPMM) platform, which are currently being actively exploited in real-world attacks. The security flaws, tracked as CVE-2026-1281 and CVE-2026-1340, allow unauthenticated attackers to execute arbitrary code remotely on…