A critical security update has been released for both the Community Edition (CE) and Enterprise Edition (EE) to address multiple high-severity vulnerabilities. The patches, available in versions 18.8.4, 18.7.4, and 18.6.6, fix flaws that could allow attackers to crash servers,…
Tag: Cyber Security News
Windows Notepad Vulnerability Allows Attackers to Execute Code Remotely
Microsoft has patched a critical remote code execution (RCE) flaw in the Windows Notepad app, tracked as CVE-2026-20841, which could let attackers run malicious code on victims’ machines. Disclosed in the February 10, 2026, Microsoft Patch Tuesday updates, the vulnerability stems…
Windows Remote Desktop Services 0-Day Vulnerability Exploited in the Wild to Escalate Privileges
Microsoft has patched CVE-2026-21533, a zero-day elevation of privilege vulnerability in Windows Remote Desktop Services (RDS) that attackers are exploiting in the wild to gain SYSTEM-level access. The flaw stems from improper privilege management and was addressed in the February…
Microsoft 365 Admin Center Outage Hits Users in North America
Microsoft 365 administrators in North America are grappling with widespread access issues to the Microsoft 365 admin center, as confirmed by the company’s service health dashboard. Issue ID MO1230320 marks a service degradation affecting the core Microsoft 365 suite, disrupting…
FortiOS Authentication Bypass Vulnerability Lets Attackers Bypass LDAP Authentication
Fortinet has disclosed a high-severity authentication bypass vulnerability in FortiOS, tracked as CVE-2026-22153 (FG-IR-25-1052), that could allow unauthenticated attackers to sidestep LDAP authentication for Agentless VPN or Fortinet Single Sign-On (FSSO) policies. Classified under CWE-305 (Authentication Bypass by Primary Weakness),…
Threat Hunting Is Critical to SOC Maturity but Often Misses Real Attacks
High-performing SOC teams are increasingly turning to sandbox-derived threat intelligence to make threat hunting repeatable and impactful. Tools like ANY.RUN’s TI Lookup enable faster hunts grounded in real attacker behaviours from millions of analyses. Threat hunting remains a cornerstone of…
FortiSandbox XSS Vulnerability Lets Attackers Run Arbitrary Commands
Fortinet has disclosed a high-severity cross-site scripting (XSS) vulnerability in its FortiSandbox platform, tracked as CVE-2025-52436 (FG-IR-25-093), that enables unauthenticated attackers to execute arbitrary commands on affected systems. Dubbed an “Improper Neutralization of Input During Web Page Generation” issue (CWE-79),…
Microsoft Patch Tuesday February 2026 – 54 Vulnerabilities Fixed, Including 6 Zero-days
Microsoft released its February 2026 Patch Tuesday updates on February 10, addressing 54 vulnerabilities, including six zero-days across Windows, Office, Azure, and developer tools. The updates fix issues in products like Windows Remote Desktop Services, Microsoft Defender, Azure services, GitHub…
TeamPCP Industrializes Cloud Misconfigurations Into a Self-Propagating Cybercrime Platform
TeamPCP, also known as PCPcat, ShellForce, and DeadCatx3, emerged in December 2025 as a sophisticated cloud-native threat actor targeting exposed Docker APIs, Kubernetes clusters, Ray dashboards, Redis servers, and React2Shell vulnerabilities. The group launched a massive campaign designed to build…
ILOVEPOOP Toolkit Exploiting React2Shell Vulnerability to Deploy Malicious Payload
The cybersecurity sector has been impacted by the sudden appearance of “React2Shell” (CVE-2025-55182), a critical vulnerability affecting Next.js and React Server Components. Following its public disclosure on December 4, 2025, threat actors mobilized with alarming speed, launching exploitation attempts against…
SAP Security Patch Day – Critical SAP CRM and SAP S/4HANA Code Injection Vulnerabilities Fixed
SAP’s February 2026 Security Patch Day delivered fixes that SAP urges customers to prioritize to reduce exposure across core enterprise workloads. The release includes 26 new SAP Security Notes and one update to a previously published note. SAP’s monthly bulletin…
Hackers Weaponizing 7-Zip Downloads to Turn Your Home Computers into Proxy Nodes
A deceptive campaign targeting unsuspecting users has emerged, using a counterfeit version of the widely used 7-Zip file archiving software to silently transform home computers into residential proxy nodes. The malicious operation relies on a lookalike domain, 7zip[.]com, which closely…
Ivanti Endpoint Manager Vulnerability Lets Remote Attacker Leak Arbitrary Data
Ivanti has released critical security updates for its Endpoint Manager (EPM) platform, addressing two newly discovered vulnerabilities that could enable unauthorized access to sensitive database information and compromise user credentials. The updates, released in version 2024 SU5, also resolve 11…
Attackers Weaponizing Windows Shortcut File to Deliver Global Group Ransomware
The cyber threat landscape is witnessing the resurgence of the Phorpiex botnet, a long-standing malware-as-a-service platform active for over a decade. In a recent high-volume campaign, attackers are distributing phishing emails with the deceptive subject line “Your Document.” These emails…
Windows Error Reporting Service Vulnerability Lets Attackers Elevate Privileges – PoC Released
A critical security flaw in Windows Error Reporting Service has been discovered, allowing attackers with standard user access to escalate their privileges to SYSTEM-level control. CVE-2026-20817, patched by Microsoft in January 2026, represents a significant threat to Windows environments due…
VoidLink Linux C2 Highlights LLM-Generated Malware with Multi-Cloud and Kernel-Level Stealth
A sophisticated Linux malware framework known as VoidLink has emerged as a concerning example of AI-assisted threat development, combining advanced multi-cloud targeting capabilities with kernel-level stealth mechanisms. The malware represents a new generation of cyber threats where large language models…
Threat Actors Exploiting React2Shell Vulnerability Using AI-Generated Malware
A fully AI-generated malware campaign is actively exploiting the “React2Shell” vulnerability. Detected within Darktrace’s “CloudyPots” global honeypot network, the intrusion highlights a critical shift in cybercrime: the weaponization of Large Language Models (LLMs) to lower the barrier of entry for effective…
Threat Actor Claims Leak of Cybercrime-Focused AI Platform WormGPT Database
A threat actor operating under the alias Sythe has claimed responsibility for leaking the complete WormGPT database, a notorious cybercrime-focused artificial intelligence platform that has been sold on dark web forums since 2023. Hackmanac observed that the alleged breach reportedly…
30-Year-Old Libpng Vulnerability Exposes Millions of Systems to Code Execution Attacks
A critical vulnerability has been uncovered in libpng, the official PNG reference library used by practically every operating system and web browser in existence. The flaw, assigned CVE-2026-25646, is a heap buffer overflow in the png_set_quantize() function that allows attackers…
Axios Vulnerability Lets Attackers Trigger DoS Condition and Crash Node.js Servers
A high-severity security flaw has been discovered in Axios, one of the most popular HTTP client libraries used in the JavaScript ecosystem. The vulnerability, tracked as CVE-2026-25639, allows remote attackers to trigger a Denial-of-Service (DoS) condition, effectively crashing Node.js servers with a…