CrowdStrike has issued an urgent security advisory for a critical unauthenticated path-traversal vulnerability (CVE-2026-40050) affecting its LogScale platform, warning that a remote attacker could exploit the flaw to read arbitrary files directly from the server’s filesystem without authentication. The vulnerability…
Microsoft-Signed Binary Used to Sneak LOTUSLITE Into India-Focused Espionage Campaign
A state-linked threat group has been caught running a quiet but carefully planned espionage operation against India’s banking sector, using a trusted Microsoft-signed file to slip malware past security defenses. The campaign delivers a new version of the LOTUSLITE backdoor…
Microsoft Emergency .NET 10.0.7 Update to Patch Elevation of Privilege Vulnerability
Microsoft has issued an emergency out-of-band (OOB) security update for .NET 10, releasing version 10.0.7 on April 21, 2026, to address a critical elevation of privilege vulnerability discovered in the Microsoft.AspNetCore.DataProtection NuGet package. The out-of-band release was prompted after customers…
Unauthorized Group Gains Access to Anthropic’s Exclusive Cyber Tool Mythos
A group of unauthorized users has reportedly breached access controls surrounding Claude Mythos Preview, Anthropic’s powerful and closely guarded AI-driven cybersecurity tool, raising serious concerns about third-party vendor security and the risks of placing advanced offensive AI capabilities in the…
New PureRAT Campaign Hides PE Payloads in PNG Files and Executes Them Filelessly
A new and sophisticated malware campaign has been discovered, using a remote access trojan (RAT) called PureRAT to silently compromise Windows systems. What makes this campaign stand out is how cleverly it hides malicious code inside ordinary-looking PNG image files.…
New NGate Malware Developed Using AI Hides in NFC Payment Apps
A new and more dangerous version of the NGate malware has been found hiding inside a trojanized NFC payment application. This time, threat actors appear to have used artificial intelligence to help write the malicious code, which marks a significant…
Where Most SOCs Stall: Building SOC Maturity with Threat Intelligence Feeds
SOC maturity comes down to the quality of decisions. Yet in many teams, those decisions are still made based on fragmented intelligence and outdated indicators. This is where progress stalls: threat data remains external to the workflow. Mature SOCs take…
6000+ Apache ActiveMQ Instances Vulnerable to CVE-2026-34197 Exposed Online
More than 6,000 internet-exposed Apache ActiveMQ instances are still vulnerable to CVE-2026-34197. This newly tracked security flaw has now been added to the U.S. Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities (KEV) catalog. The exposure data comes from The Shadowserver Foundation, which…
CISA Warns of Cisco Catalyst SD-WAN Manager Vulnerabilities Exploited in Attacks
CISA has added three critical Cisco Catalyst SD-WAN Manager vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies and organizations to act immediately. All three flaws were added on April 20, 2026, with a tight remediation deadline of…
Hackers Abuse GitHub Issue Notifications to Phish Developers Through Malicious OAuth Apps
Cybersecurity researchers have uncovered a sophisticated phishing technique that targets software developers by abusing GitHub’s own notification system to deliver malicious OAuth app authorization requests. This attack is particularly dangerous because it uses GitHub’s trusted infrastructure, making it extremely hard…
Hackers Could Weaponize GGUF Models to Achieve RCE on SGLang Inference Servers
A critical vulnerability in the SGLang inference server allows threat actors to execute arbitrary code. Tracked as CVE-2026-5760, this flaw allows hackers to weaponize standard GGUF machine learning models to compromise the underlying servers that host them. As enterprise…
12 Browser Extensions Mimicking TikTok Video Downloaders Compromised 130k Users
A massive malware campaign known as “StealTok” involves at least 12 interrelated browser extensions. These extensions masquerade as TikTok video downloaders but secretly track user activity and harvest sensitive data. The campaign, uncovered by LayerX security, has affected over 130,000…
AI-Powered Exploitation May Collapse the Patch Window for Defenders
Artificial intelligence is reshaping cybercrime in ways that defenders can no longer treat as distant or theoretical. New frontier AI models are showing a growing ability to find software flaws, understand attack paths, and help move an intrusion from one…
Gentlemen RaaS Attacking Windows, Linux With Additional Locker Written in C for ESXi
A new ransomware-as-a-service (RaaS) operation known as “The Gentlemen” has emerged as a serious threat to corporate networks worldwide. Since appearing around mid-2025, this group has rapidly grown into a well-organized criminal platform, publicly claiming over 320 victims, with most…
Hackers Use Nightmare-Eclipse Tools After Compromising FortiGate SSL VPN Access
A real-world intrusion campaign has leveraged publicly available Nightmare-Eclipse privilege escalation tooling (BlueHammer, RedSun, and UnDefend) following what appears to be unauthorized access through a compromised FortiGate SSL VPN. The incident marks the first confirmed in-the-wild deployment of these tools against…
SideWinder Uses Fake Chrome PDF Viewer and Zimbra Clone to Steal Government Webmail Credentials
A well-known advanced persistent threat group called SideWinder has launched a highly targeted phishing campaign against South Asian government organizations, using a fake Chrome PDF viewer and a pixel-perfect clone of the Zimbra email login portal to steal employee credentials.…
Claude Code, Gemini CLI, and GitHub Copilot Vulnerable to Prompt Injection via GitHub Comments
A critical cross-vendor vulnerability class dubbed “Comment and Control” describes a new category of prompt injection attacks that weaponize GitHub pull request titles, issue bodies, and issue comments to hijack AI coding agents and steal API keys and access tokens directly from…
Critical Gardyn Smart Gardens Vulnerabilities Let Attackers Control Devices Remotely
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning about severe vulnerabilities in Gardyn Home Kit smart garden systems. Carrying a maximum severity score of 9.3 out of 10, these flaws could allow unauthenticated attackers to hijack…
British National Admits Hacking Companies and Stealing Millions in Virtual Currency
A British man has pleaded guilty in the United States to his role in a large cybercrime scheme that used SMS phishing, company network intrusions, and SIM swapping to steal at least $1 million in virtual currency from victims across…
iTerm2 Flaw Abuses SSH Integration Escape Sequences to Turn Text Into Code Execution
Cybersecurity researchers, working in partnership with OpenAI, have uncovered a fascinating and severe vulnerability in iTerm2, a widely used macOS terminal emulator. According to Califio, the flaw abuses the application’s SSH integration feature, allowing attackers to turn seemingly harmless text…