Microsoft has issued a strong warning after multiple zero-day vulnerabilities were publicly disclosed without prior coordination, raising concerns about increased risk to users and enterprise environments. The company stated that recent disclosures exposed critical security flaws before patches were available,…
Tag: Cyber Security News
Veeam Backup & Replication Tool Vulnerability Enables Privilege Escalation Attacks
Veeam has addressed a high-severity vulnerability in its Backup & Replication platform that could enable attackers to escalate privileges and gain deeper access to enterprise systems. The issue impacts Veeam Backup & Replication version 13.0.1.2067 and all earlier version 13…
FortiClient EMS Code Execution Vulnerability Exploited to Deploy EKZ Malware
A newly observed exploitation campaign targeting FortiClient Endpoint Management Server (EMS) has weaponized trusted administrative infrastructure to silently deploy a previously unreported credential stealer across managed enterprise endpoints. In May 2026, Arctic Wolf researchers identified a cluster of malicious activity…
SBI Warns of Scammers are Sending Fake Messages Claiming Your YONO App Will be Deactivated
A new wave of social engineering attacks is targeting millions of State Bank of India customers across the country. Fraudsters are sending fake messages warning users that their YONO banking app will be deactivated unless they update their Aadhaar number…
Silent Ransom Group Targets Law Firms With IT Support Impersonation Attacks
A threat group known as the Silent Ransom Group is actively targeting US-based law firms using a bold and deceptive social engineering playbook. Rather than deploying ransomware in the traditional sense, this group goes straight for the data and then…
Anthropic Updates Claude Code With Security Plugin and Faster Performance
Anthropic has rolled out a significant update to Claude Code, its AI-powered terminal coding tool, introducing a real-time security-guidance plugin alongside performance improvements that promise a smoother developer experience across the board. Security Plugin Catches Vulnerabilities in Real Time The…
FortiClient Code Execution Vulnerability Exploited to Deploy EKZ Malware
A newly observed exploitation campaign targeting FortiClient Endpoint Management Server (EMS) has weaponized trusted administrative infrastructure to silently deploy a previously unreported credential stealer across managed enterprise endpoints. In May 2026, Arctic Wolf researchers identified a cluster of malicious activity…
Hackers Push 22 Versions of npm RAT With Wallet Theft and Persistent Backdoor
A malicious npm package called forge-jsxy has been quietly stealing cryptocurrency wallet keys, browser credentials, and sensitive developer data across Windows, macOS, and Linux systems. Published to the npm registry on May 4, 2026, it pushed out 22 versions in…
Hackers Use Fake ChatGPT and Claude Installers to Deploy DinDoor Backdoor
A new malware campaign is targeting content creators, gamers, and AI enthusiasts by disguising itself as popular software tools like ChatGPT and Claude. The attackers are spreading a dangerous backdoor called DinDoor through fake installers hosted on trusted platforms, catching…
Tycoon 2FA AiTM Kit Bypasses MFA on Entra ID and Google Workspace Accounts
A powerful phishing kit known as Tycoon 2FA has been making waves across the cybersecurity world since it first appeared in August 2023. The kit operates as a Phishing-as-a-Service (PhaaS) platform, meaning cybercriminals can rent and deploy it without building…
Hackers Use Grandoreiro Malware to Target Portuguese Banks and Latin American Companies
A banking trojan that has been quietly operating since 2016 is making headlines again. Grandoreiro, one of the most widespread banking malware strains globally, has resurfaced with fresh campaigns targeting Portuguese banks and companies across Spain, Mexico, and Latin America.…
GHOST STADIUM Phishing Campaign Targets FIFA World Cup Fans With 300+ Fake Domains
As the 2026 FIFA World Cup draws closer, cybercriminals are moving fast to cash in on the excitement. Researchers have uncovered a massive fraud operation targeting fans of the world’s biggest football tournament, with over 300 fake domains already live.…
Hackers Abuse AI Chatbot Recommendations to Push Malicious Software Download Links
Hackers are finding new ways to trick people into downloading malware, and this time, they are hiding behind tools many of us have come to trust. A newly uncovered cryptojacking campaign is abusing AI chatbot interactions to steer unsuspecting users…
How Top CISOs Increase Risk Visibility for Zero Critical Incidents
How many alerts in your SOC are truly business-critical, and how many only look urgent because the team lacks context? This is one of the hardest questions for CISOs today. Without clear visibility, teams can waste time on noise while…
GitHub Enterprise Server 3.20.3 Released With Fox for Critical Vulnerabilities
GitHub has shipped GitHub Enterprise Server (GHES) 3.20.3 as a security‑driven patch release that fixes multiple critical and high‑severity vulnerabilities and rotates the signing key used to validate GHES release packages. Organizations running any earlier 3.20.x build is strongly encouraged…
CISA Warns of LiteSpeed cPanel Plugin Vulnerability Exploited in Attacks
CISA has issued an urgent warning regarding a critical vulnerability in the LiteSpeed cPanel Plugin, identified as CVE-2026-48172, which is currently being exploited in real-world attacks. The flaw enables privilege escalation, allowing attackers with basic cPanel access to execute arbitrary…
New BTMOB Malware Lets Attackers Remotely Control Android Devices
New Android malware dubbed BTMOB is arming even low-skilled attackers with full remote control over infected phones by combining a powerful RAT engine with a no-code campaign builder toolkit. The threat, first seen in 2025, is now evolving rapidly through…
Attackers Can Exploit BadHost to Access Sensitive AI Agent Server Endpoints
A newly disclosed critical vulnerability, tracked as CVE-2026-48710 and dubbed “BadHost,” is putting thousands of AI-powered applications at risk by enabling authentication bypass through manipulated HTTP headers. The flaw affects Starlette versions before 1.0.1, a core framework widely used in…
Motorola Phones Preinstalled App Found Hijacking Amazon App to Inject Affiliate Codes
A hidden system application bundled with Motorola smartphones has been caught intercepting user-initiated Amazon app launches and silently redirecting them through affiliate tracking URLs, raising serious concerns about supply chain integrity, user consent, and undisclosed revenue practices on premium Android…
Hackers Abuse Trusted Google Domains to Hide Phishing Links From Email Gateways
Phishing attacks are nothing new, but attackers keep finding smarter ways to stay one step ahead of security tools. The latest campaign doing the rounds is a stark reminder that trust, especially the kind organizations place in big-name tech platforms,…