An Israeli spyware firm, Paragon Solutions, accidentally exposed its secretive Graphite control panel in a LinkedIn post, drawing sharp criticism from cybersecurity experts. The blunder offers a rare glimpse into the tool’s operations targeting encrypted communications. Cybersecurity researcher Jurre van…
Tag: Cyber Security News
Russia Blocked WhatsApp For Over 100 Million Users Nationwide
WhatsApp has accused the Russian government of attempting a nationwide block on its messaging service to force over 100 million users onto a Kremlin-backed alternative riddled with surveillance risks. In a statement on X, the Meta-owned app declared: “Today the…
Apple 0-Day Vulnerability Actively Exploited in Sophisticated Attack to Target Individuals
Apple released iOS 26.3 and iPadOS 26.3 on February 11, 2026, patching over 40 vulnerabilities, including a critical zero-day in the dyld component actively exploited in targeted attacks. The update addresses CVE-2026-20700, a memory-corruption flaw discovered by Google’s Threat Analysis…
VoidLink Framework Enables On-Demand Tool Generation with Windows Plugin Support
A newly tracked intrusion framework called VoidLink is drawing attention for its modular design and focus on Linux systems. It behaves like an implant management framework, letting operators deploy a core implant and add capabilities as needed, which shortens the…
Massive Spike in Attacks Exploiting Ivanti EPMM Systems 0-day Vulnerability
An unprecedented surge in exploitation attempts is targeting CVE-2026-1281, a critical vulnerability in Ivanti Endpoint Manager Mobile (EPMM). On February 9, 2026, Shadowserver scans revealed over 28,300 unique source IP addresses attempting to exploit the flaw, marking one of the largest…
RU-APT-ChainReaver-L Hijacks Trusted Websites and GitHub Repos in Massive Cross-Platform Supply Chain Campaign
A sophisticated cyber threat has emerged, targeting users across multiple operating systems through compromised mirror websites and GitHub repositories. The RU-APT-ChainReaver-L campaign represents one of the most elaborate supply chain attacks identified recently, affecting Windows, macOS, and iOS platforms simultaneously.…
GTIG Analysis Highlights Escalating Espionage and Supply Chain Risks Facing Defense Sector
Modern warfare extends far beyond physical battlefields, increasingly infiltrating the digital servers and supply chains that safeguard national defense. Today, the sector faces a relentless barrage of cyber operations from state-sponsored actors and criminal groups alike. These attacks no longer…
Critical UUID Flaw in Fiber v2 on Go 1.24+ Enables Session Hijacking, CSRF Bypass, and Zero-ID DoS Risk
A severe vulnerability has been discovered in Fiber v2, a popular Go web framework, that could allow attackers to hijack user sessions, bypass security protections, and cause service disruptions. The flaw affects all Fiber v2 versions running on Go 1.23…
BQTLock & GREENBLOOD Ransomware Attacking Organizations to Encrypt and Exfiltrate Data
Two sophisticated ransomware families, BQTLock and GREENBLOOD, have surfaced in the cybersecurity landscape, utilizing contrasting strategies to disrupt business operations and extort victims. While typical ransomware attacks often follow a predictable pattern of immediate encryption, these new strains demonstrate a…
Threat Actors Weaponize ChatGPT, Grok and Leverage Google Ads to Distribute macOS AMOS Stealer
Cybercriminals have developed a sophisticated attack campaign that exploits user trust in artificial intelligence platforms to distribute the Atomic macOS Stealer (AMOS), marking a dangerous evolution in social engineering tactics. This new threat combines legitimate AI chatbot services from ChatGPT…
Critical SandboxJS Vulnerability Allows Remote Host Takeover – PoC Released
A severe sandbox escape vulnerability has been discovered in the SandboxJS JavaScript library, enabling attackers to execute arbitrary code on host systems. The flaw, tracked as CVE-2026-25881 with a critical CVSS score of 8.3/10, affects all versions up to 0.8.30 and…
Prometei Botnet Attacking Windows Server to Gain Remote Access and Deploy Malware
A sophisticated attack is targeting Windows Server systems using Prometei, a Russian-linked botnet that has been active since 2016. This multi-functional malware combines cryptocurrency mining, credential theft, and remote-control capabilities to maintain long-term access to compromised systems. The Prometei botnet…
Microsoft Investigates Teams Assignment Errors After Failed Service Update
Microsoft Teams faces widespread disruptions in assignment management, prompting an urgent investigation by the company. Users of Microsoft Teams are encountering error messages when trying to open, set, or delete assignments. The issue stems from a recent backend change that…
Microsoft Releases Critical Windows 11 Cumulative Updates for Versions 25H2, 24H2, and 23H2
In a routine Microsoft Patch Tuesday rollout, essential cumulative updates have been deployed for Windows 11 versions 25H2, 24H2, and 23H2, focusing on improving security amid increasing cyber threats. These updates, KB5077181, KB5075941, and KB5074105, bundle the latest security patches…
Sophisticated Cyber Attack Targets Wedding Industry With Teams-Based Malware Delivery
A sophisticated phishing campaign targets wedding planners and vendors with stealer malware disguised as Microsoft Teams meetings. Security researchers highlight the use of compromised legitimate emails to build trust before delivering payloads. Threat actors impersonate legal professionals in emails from…
Windows Remote Access Connection Manager 0-Day Vulnerability Lets Attackers Trigger DoS Attack
Microsoft has patched a zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan) service, tracked as CVE-2026-21525, which allowed attackers to trigger denial-of-service (DoS) conditions on unpatched systems. The flaw, stemming from a NULL pointer dereference (CWE-476), was actively…
Coinbase Cartel Targets High-Value Sectors with Data-Theft-First Extortion Strategy
The ransomware landscape continues to evolve with new threat actors adopting unconventional tactics. Coinbase Cartel emerged in September 2025, quickly claiming 14 victims in its first month of operation. Unlike traditional ransomware groups, this threat actor focuses exclusively on data…
CISA Adds Six Microsoft 0-Day Vulnerabilities to KEV Catalog Following Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urgently expanded its Known Exploited Vulnerabilities (KEV) Catalog by adding six zero-day vulnerabilities, all affecting Microsoft products. This move underscores escalating threats from nation-state actors and cybercriminals actively exploiting these flaws…
Windows Shell Security Feature 0-Day Vulnerability Lets Attackers Bypass Authentication
Microsoft released Patch Tuesday updates to address a critical zero-day vulnerability in Windows Shell that is currently being actively exploited in the wild. Tracked as CVE-2026-21510, this security flaw allows remote attackers to bypass essential protection mechanisms, putting millions of…
Socelars Malware Attacking Windows Systems to Steal Sensitive Business Data
A dangerous information-stealing malware called Socelars is actively targeting Windows systems to collect sensitive authentication data, with particular focus on Facebook Ads Manager accounts and session cookies. Unlike traditional malware that causes immediate system damage, Socelars operates silently in the…