The Wireshark Foundation has officially released Wireshark 4.6.3, the latest update to the world’s most popular network protocol analyzer. This release is critical for network administrators, security analysts, and developers, as it addresses multiple security vulnerabilities that could lead to…
Tag: Cyber Security News
3,280,081 Fortinet Devices Online With Exposed Web Properties Under Risk
Over 3,280,081 Fortinet Devices Were exposed, with web properties running vulnerable Fortinet devices affected by CVE-2026-24858, a severe authentication-bypass flaw actively exploited in the wild. The vulnerability, rated 9.4 on the CVSS scale, affects multiple Fortinet product lines, including FortiOS, FortiManager,…
Hackers Weaponized Open VSX Extension with Sophisticated Malware After Reaching 5066 Downloads
A dangerous malware campaign has infiltrated the Open VSX extension marketplace, compromising over 5,000 developer workstations through a fake Angular Language Service extension. The malicious package disguised itself as legitimate development tooling, bundling authentic Angular and TypeScript components alongside encrypted…
Microsoft Releases Update for Windows 11, version 25H2 and 24H2 Systems
Microsoft has officially released the optional non-security preview update KB5074105 for Windows 11, versions 25H2 and 24H2. This release, part of the January 2026 “C-week” schedule, focuses on functionality enhancements, performance optimization, and reliability improvements rather than addressing security vulnerabilities.…
Python-based PyRAT with Cross-Platform Capabilities and Extensive Remote Access Features
A new Python-based remote access trojan has emerged, targeting both Windows and Linux systems with sophisticated surveillance and data theft capabilities. The malware operates by establishing command-and-control communication through unencrypted HTTP channels, allowing attackers to execute commands, steal files, and…
Beware of Weaponized VS Code Extension Named ClawdBot Agent that Deploys ScreenConnect RAT
A malicious VS Code extension has surfaced in the digital threat landscape, targeting developers who rely on coding tools daily. Discovered on January 27, 2026, the fake “ClawdBot Agent” extension presented itself as a legitimate AI-powered assistant, but it concealed…
Threat Actors Leverage Google Search Ads for ‘Mac Cleaner’ to Direct Users to Malicious Websites
Cybercriminals are taking advantage of Google Search Ads to trick Mac users into visiting fake websites that promise to clean their computers. These sponsored ads appear when users search for common terms like “mac cleaner” or “clear cache macos,” making…
Exposed Open Directory Leaks BYOB Framework Across Windows, Linux, and macOS
Threat researchers have uncovered an actively serving command and control server hosting a complete deployment of the BYOB framework following the discovery of an exposed open directory. The server, located at IP address 38[.]255[.]43[.]60 on port 8081, was found distributing…
TA584 Actors Leveraging ClickFix Social Engineering to Deliver Tsundere Bot Malware
A sophisticated cybercriminal group known as TA584 has expanded its attack toolkit by deploying a new malware called Tsundere Bot through deceptive social engineering tactics. This threat actor, tracked as an initial access broker, has significantly intensified operations throughout 2025,…
31.4 Tbps DDoS Attack Via Aisuru Botnet Breaks Internet With New World Record
The Aisuru/Kimwolf botnet unleashed the largest publicly disclosed distributed denial-of-service (DDoS) attack in history, peaking at an unprecedented 31.4 terabits per second (Tbps). The massive attack, dubbed “The Night Before Christmas” campaign, targeted Cloudflare’s infrastructure and customers with hyper-volumetric attacks…
Essential E-Signature Solutions for Cybersecurity in 2026
E-signatures are now part of your security posture. In 2026, most organizations sign contracts, approvals, onboarding packets, and financial documents electronically. That increases exposure to account takeover, identity theft, document tampering, and audit gaps—especially when teams rely on weak methods…
Matanbuchus Malware Downloader Evading AV Detections by Changing Components
Matanbuchus is once again drawing attention in the cybersecurity community as it quietly returns to the threat landscape with refined tactics and better tools to avoid detection. This malware, known for its role as a stealthy downloader, is actively being…
CISA Warns of FortiCloud SSO Authentication Bypass Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical authentication bypass vulnerability in multiple Fortinet products, actively exploited in the wild. Tracked as CVE-2026-24858, the flaw allows attackers with a FortiCloud account to hijack…
Google Announces Android Theft Protection Feature to Make Your Device Harder Target for Hackers
Google has rolled out a comprehensive update to Android’s theft protection capabilities, introducing stronger authentication safeguards and enhanced recovery tools designed to protect users before, during, and after theft attempts. The multi-layered defense system, announced on January 26, 2026, builds…
eSkimming Attacks Fuelled with Persistent Threats, Evolving Tactics, and Unfinished Recovery
eSkimming attacks, commonly known as Magecart attacks, continue to plague e-commerce websites across the globe, stealing payment card data from unsuspecting customers at checkout. These malicious campaigns inject JavaScript code into compromised websites, capturing sensitive financial information as users complete…
Hackers Exploiting FreePBX Vulnerability to Deploy Webshell and Gain Control of Systems
A sophisticated attack campaign leveraging a critical FreePBX vulnerability to deploy a persistent webshell dubbed “EncystPHP,” enabling threat actors to gain complete administrative control over compromised VoIP systems. The campaign, launched in early December 2025, exploits CVE-2025-64328, a post-authentication command-injection…
Cal.com Broken Access Controls Exposes Millions of Bookings and Leads to Complete Account Takeover
Cal.com, an open-source scheduling platform that millions of people use to book meetings and manage their calendars, recently faced a serious security problem. The platform provides an alternative to tools like Calendly, offering features like calendar syncing, team scheduling, and…
Microsoft 365 Outlook Add-ins Weaponized to Exfiltrate Sensitive Email Data Without Leaving Traces
A significant architectural blind spot in the Microsoft 365 ecosystem that allows threat actors to exfiltrate sensitive email data without leaving forensic traces. Dubbed “Exfil Out&Look,” this attack technique leverages the Outlook add-in framework to intercept outgoing communications stealthily. Unlike…
Google Disrupted World’s Largest IPIDEA Residential Proxy Network
Google and its partners launched a major operation this week to shut down what security experts consider one of the world’s largest residential proxy networks: IPIDEA. The proxy service operates by routing internet traffic through millions of everyday consumer devices…
Critical IDIS IP Cameras One-Click Vulnerability Leads to full Compromise of Victim’s Computer
A severe security flaw in IDIS IP cameras has emerged, allowing attackers to gain complete control over a victim’s computer with just one click. The vulnerability, tracked as CVE-2025-12556, targets the IDIS Cloud Manager (ICM) Viewer, a Windows-based application used…