The Apache Software Foundation released Apache HTTP Server version 2.4.68 on June 8, 2026, addressing 13 security vulnerabilities spanning multiple modules. The patched flaws include use-after-free conditions, cross-site scripting, heap-based buffer overflows, denial-of-service, privilege escalation, and out-of-bounds read issues affecting…
Tag: Cyber Security News
New China-Linked Threat Cluster OP-512 Targets IIS Servers With Cryptographically Unique Web Shell Framework
A newly identified threat cluster with suspected ties to China has been caught targeting Internet Information Services (IIS) web servers using a purpose-built web shell framework. Tracked as OP-512, this group stands out for deploying tools designed to evade every…
Check Point VPN 0-day Vulnerability Exploited in the Wild to Deploy Ransomware
Check Point Research has uncovered active exploitation of CVE-2026-50751, a critical authentication bypass vulnerability (CVSS 9.3) in Check Point Remote Access VPN and Mobile Access deployments, with confirmed post-compromise activity linked to the Qilin ransomware gang. CVE-2026-50751 targets deployments configured…
Malspam Attack Uses Google DoubleClick Redirects to Deliver Fileless .NET Loader
Cybercriminals have found a new way to sneak malware past email security tools, and this time they are hiding behind a name that most systems trust without question. A recent malspam campaign has been caught using Google’s own DoubleClick ad-tracking…
New Pink Hacking Group Attacking Enterprise Users to Steal Cloud Storage Passwords
A newly identified extortion group called Pink has emerged as a serious threat to enterprise organizations, using social engineering tactics to steal cloud storage credentials and sensitive data. The group, tracked under the cluster code CL-CRI-1147, launched its dedicated data…
New Linux Kernel Vulnerability Lets Attackers Escalate Privileges to Root
A use-after-free vulnerability in the Linux kernel’s nftables subsystem has been disclosed, enabling unprivileged local attackers to escalate privileges to root on widely deployed distributions including Debian Bookworm, Debian Trixie, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. Tracked as CVE-2026-23111,…
Chrome Patches 429 Vulnerabilities Including 22 Critical Ones – Update Now!
Chrome users should treat the latest stable update as an urgent security priority, with Google patching 429 vulnerabilities, including 22 rated critical, in Chrome 149.0.7827.53 across Windows, macOS, Linux and Chrome for iOS. Google has promoted Chrome 149.0.7827.53 to the…
WhatsApp Disrupts NSO-Linked Cyberattack Targeting Users with Pegasus Spyware
Meta’s WhatsApp has identified and disrupted a fresh wave of spear-phishing campaigns linked to NSO Group, the Israeli spyware firm blacklisted by the U.S. government, and is now asking a federal court to hold the company in contempt for violating…
New Lucid Stealer Targets 18 Browsers, Crypto Wallets, and Discord Tokens With Hidden Remote Access
A newly identified piece of Windows malware is raising serious concerns among cybersecurity professionals for its wide reach and unusually deep set of capabilities. Discovered through underground channels linked to Telegram, the threat known as Lucid Stealer goes far beyond…
UNC3753 Attacking US Law Firms Using Vishing and RMM Tools to Exfiltrate Data
A sophisticated cybercriminal group known as UNC3753 has been running an aggressive campaign against US law firms since early 2026, using phone calls, screen-sharing tricks, and remote monitoring software to break into corporate systems and steal sensitive files. The group…
OWASP Releases AI Security Report to Empower Security Professionals with New Tools
OWASP has released the “State of Agentic AI Security and Governance v2.01” report, a technical blueprint aimed at security teams racing to secure rapidly proliferating autonomous AI agents in production. The report, part of the OWASP GenAI Security Project’s Agentic…
Internet Explorer WebBrowser Control Attack Chain Turns Clicks Into RCE
Internet Explorer’s legacy WebBrowser control can still be abused to turn a single user click into full remote code execution (RCE) on Windows systems, even though the browser is officially retired. PT Security observed that by exploiting IE’s zone model,…
Critical Redis RCE Vulnerability Enable Attackers to Gain Complete Control to Host Server
In May 2026, Redis developers fixed a dangerous post-authentication remote code execution vulnerability, dubbed DarkReplica (CVE-2026-23631), that allowed attackers to gain full control of a Redis host. Redis provides powerful server-side Lua engines, allowing administrators to run custom logic directly…
UniFi OS Server Critical RCE Chain Allows Root Access Without Credentials
A critical vulnerability chain in the UniFi OS Server software has put thousands of organizations at serious risk. Researchers confirmed that an attacker can gain full root access to affected devices without a single credential, turning one unauthenticated request into…
Multiple VMware Stored XSS Vulnerabilities Allow Attackers to Inject Malicious Scripts
Broadcom has disclosed three stored cross-site scripting (XSS) vulnerabilities affecting VMware Cloud Foundation Operations and several related products, warning that authenticated attackers could inject malicious scripts to perform administrative actions within the environment. Tracked as CVE-2026-41722, CVE-2026-41723, and CVE-2026-41724, the…
Cybercriminals Exploit 2026 FIFA World Cup With Phishing, Fake Stores, and Ticket Scams
The 2026 FIFA World Cup is not just a celebration of football. For cybercriminals, it is a business opportunity, and they have already gotten to work. Threat actors have been building fake FIFA stores, spinning up phishing pages, and launching…
Microsoft Warns Claude Code GitHub Action Could Leak CI/CD Workflow Secrets
AI-powered coding tools are rapidly changing how developers build and ship software. But as these tools enter everyday development pipelines, they are also opening new doors for attackers. A recently uncovered vulnerability in a widely used AI coding assistant shows…
Hackers Can Hijack Claude Code MCP Traffic to Steal OAuth Tokens
A five-step attack chain that silently redirects Claude Code’s Model Context Protocol (MCP) traffic through attacker-controlled infrastructure, intercepting OAuth bearer tokens that grant persistent, broadly scoped access to connected SaaS platforms like Jira, Confluence, and GitHub with no patch incoming…
New EDRChoker Tool Uses Policy-Based Quality of Service to Block EDR Processes
A newly released open-source red team tool called EDRChoker introduces a novel technique for silencing cloud-connected Endpoint Detection and Response (EDR) agents not by killing their processes or injecting code, but by quietly choking their network bandwidth to near-zero using Windows’ native…
Instagram Fixes Password Reset Flaw That Exposes User Emails and Phone Numbers
A critical logic bug in Instagram’s web-based password reset flow on June 6, 2026, exposed unredacted email addresses and phone numbers associated with user accounts, including those belonging to high-profile individuals such as Meta CEO Mark Zuckerberg and model Georgina…