Tag: Cyber Security News

Threat actors are actively exploiting a maximum-severity remote code execution (RCE) vulnerability in Flowise, an open-source platform used for building AI agents and customized large language model workflows. The critical flaw, tracked as CVE-2025-59528 with a CVSS score of 10.0,…

Read more →

Microsoft 365 tenants in the Middle East are facing a new password spray campaign tied to an Iran-linked threat actor. Rather than starting with malware files or software exploits, the attackers are trying to break in through weak passwords and…

Read more →

Microsoft has officially rolled out its latest security intelligence update for Microsoft Defender Antivirus, delivering crucial protections for Windows 11, Windows 10, and Windows Server installation images. This vital release ensures that Microsoft’s built-in antimalware solutions are fully equipped to identify…

Read more →

A threat actor has been running an active campaign on Reddit, using fake posts that promise free TradingView Premium access to deliver two malware families — Vidar on Windows and AMOS on macOS. The operation is still live, with new…

Read more →

The integration of AI coding agents has introduced new, high-impact attack surfaces for development teams. Phantom Labs at BeyondTrust recently discovered a critical command-injection vulnerability in OpenAI Codex. This flaw allowed attackers to steal sensitive GitHub User Access Tokens. By…

Read more →

A critical security flaw in the popular WordPress plugin “Ninja Forms – File Upload” has left approximately 50,000 websites vulnerable to complete takeover. Tracked as CVE-2026-0740, this flaw boasts a maximum CVSS severity score of 9.8, making it a severe…

Read more →

A new ransomware campaign is putting organizations on high alert. A financially motivated threat group known as Storm-1175 has been running fast-paced attacks targeting vulnerable, internet-facing systems — and deploying the Medusa ransomware as the final blow. What makes this…

Read more →

A security researcher operating under the alias Chaotic Eclipse (@ChaoticEclipse0) has publicly dropped a working zero-day local privilege escalation (LPE) exploit for Windows, dubbed BlueHammer, along with full proof-of-concept (PoC) source code on GitHub. The disclosure was confirmed by vulnerability researcher Will Dormann, who…

Read more →

A malicious Python package has been discovered on PyPI that disguises itself as a privacy-focused AI inference tool while quietly stealing sensitive user data in the background. Named hermes-px, the package marketed itself as a “Secure AI Inference Proxy” that routes…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-35616, a critical improper access control vulnerability in Fortinet FortiClient Enterprise Management Server (EMS), to its Known Exploited Vulnerabilities (KEV) catalog on April 6, 2026, mandating federal agencies to remediate by April…

Read more →

A viral video circulating in cybersecurity and crypto circles has exposed a novel and surprisingly simple technique for unmasking North Korean state-sponsored IT workers attempting to infiltrate Western organizations: asking them to insult their Supreme Leader. The footage shows a…

Read more →

North Korea’s cyber program has fundamentally shifted how it builds and deploys malware. Rather than relying on one all-purpose hacking tool, the regime has assembled a fragmented ecosystem of purpose-built malware families, each aligned to a specific mission. This shift…

Read more →

A new attack campaign is actively targeting open-source repositories on GitHub by carefully disguising malicious code as completely routine CI build configuration updates. The campaign, prt-scan exploits a widely misused GitHub Actions workflow trigger to steal sensitive tokens, credentials, and…

Read more →

The largest decentralized perpetual futures exchange on the Solana blockchain — became the target of a massive and well-orchestrated theft on April 1, 2026, Drift Protocol. Unknown attackers managed to drain $286 million in digital assets from the platform’s core…

Read more →

One of the most widely used JavaScript libraries in the world was turned into a weapon on March 30, 2026, when attackers poisoned the Axios npm package and silently deployed malware on developer machines running Windows, macOS, and Linux. With…

Read more →

A new supply chain attack targeting developers after threat actors compromised the official WordPress domain for ILSpy on April 6, 2026. Instead of providing the legitimate software, the hijacked website began redirecting visitors to a malicious webpage to deliver malware.…

Read more →

A maximum-severity vulnerability in Dgraph, a popular open-source graph database. Tracked as CVE-2026-34976, this critical flaw carries a perfect CVSS score of 10.0. It allows unauthenticated remote attackers to bypass all security controls, overwrite entire databases, read sensitive server files,…

Read more →

The Apache Software Foundation has released emergency security updates to address two severe vulnerabilities in the Apache Traffic Server (ATS). ATS operates as a high-performance web proxy cache that improves network efficiency and handles massive volumes of enterprise web traffic.…

Read more →

Google’s Vulnerability Reward Program (VRP) celebrated its 15th anniversary in 2025 by breaking every payout record in its history. The tech giant awarded a staggering $17 million to external security researchers worldwide, representing a massive 40% surge compared to 2024.…

Read more →

Cybercriminals are launching a sophisticated new wave of attacks using fake Microsoft Teams domains. According to recent threat intelligence shared by SEAL Org, hackers are actively tricking corporate users into downloading malicious payloads by mimicking the widely used communication platform. As…

Read more →