A critical security advisory addresses multiple high-severity vulnerabilities in Jenkins core and the LoadNinja plugin. Issued on March 18, 2026, the alert warns that these flaws could allow attackers to execute arbitrary code and fully compromise continuous integration and continuous…
Tag: Cyber Security News
Ransomware Actors Expand EDR Killer Tactics Beyond Vulnerable Drivers
Ransomware attackers have widened their approach to defeating endpoint security, moving well past the technique of exploiting vulnerable drivers. For years, the Bring Your Own Vulnerable Driver (BYOVD) method was the primary way attackers disabled security tools before launching their…
CISA Warns of Cisco Secure Firewall Management Center 0-Day Exploited in Ransomware Attacks
An urgent warning highlights a critical zero-day in Cisco products, now added to the CISA Known Exploited Vulnerabilities Catalog after active exploitation in ransomware campaigns. Network defenders and security administrators are urged to take immediate action. The rapid exploitation of…
Microsoft Unveils New Teams Optimizations for Windows App on iOS & Android
Microsoft has officially announced the general availability of new Microsoft Teams optimizations for the Windows App on both iOS and Android platforms. Released on March 18, 2026, this update introduces the WebRTC Redirector Service to mobile users connecting to Azure…
New ‘Speagle’ Malware Hijacks Cobra DocGuard to Steal Sensitive Data via Compromised Servers
A newly discovered infostealer malware named Speagle has emerged as a serious threat targeting organizations that run Cobra DocGuard, a document security and encryption platform developed by Chinese company EsafeNet. The malware is engineered to blend into its host environment,…
Bamboo Data Center and Server Vulnerability Let Attackers Execute Remote Code
A high-severity security flaw has been addressed in Bamboo Data Center, an enterprise platform widely used for software build and release management. Tracked as CVE-2026-21570, this Remote Code Execution (RCE) vulnerability allows authenticated threat actors to execute arbitrary malicious code…
Apex – AI-Powered Pentester Attacks Apps in Black-Box Mode to Find Vulnerabilities
Apex is an autonomous, AI-powered penetration testing agent designed to operate in black-box mode against live applications. It does not require access to source code, hints, or predefined attack paths. This enables it to discover, chain, and verify real-world vulnerabilities…
SILENTCONNECT Uses VBScript, PowerShell and PEB Masquerading to Deploy ScreenConnect
SILENTCONNECT is a newly discovered multi-stage malware loader that has been silently targeting Windows machines since at least March 2025. It uses VBScript, in-memory PowerShell execution, and PEB masquerading to install the ConnectWise ScreenConnect remote monitoring and management tool on…
Russian APT Exploits Zimbra XSS to Target Ukrainian Government in ‘Operation GhostMail’
A Russian state-linked threat actor has launched a targeted cyberattack against a Ukrainian government agency, exploiting a cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite to steal credentials and sensitive email data. Dubbed “Operation GhostMail,” the campaign stands out for…
Authorities Disrupt IoT Botnet Infrastructure Behind Record-Breaking 30 Tbps DDoS Attacks
Authorities have successfully dismantled the command-and-control (C2) infrastructure powering four massive Internet of Things (IoT) botnets. The U.S. Justice Department, collaborating closely with Canadian and German agencies, targeted the administrators and architecture behind the Aisuru, KimWolf, JackSkid, and Mossad botnets.…
CISA Urges Organizations to Secure Microsoft Intune Environments Following Stryker Breach
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert urging organizations to harden their endpoint management system configurations following a cyberattack on Stryker Corporation, a U.S.-based medical technology firm, on March 11, 2026. The attack targeted…
CISA Warns of Zimbra Collaboration Suite Vulnerability Exploited in Attacks
CISA has added a high-severity vulnerability affecting the Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2025-66376, this security flaw is currently facing active exploitation in the wild. Organizations utilizing Zimbra must urgently prioritize remediation…
Horabot Banking Trojan Resurfaces in Mexico With Multi-Stage Phishing and Email Worm Tactics
A well-known banking trojan called Horabot has resurfaced in an active campaign targeting users across Mexico, combining a multi-stage infection chain with an email worm that turns every compromised machine into a phishing relay. The threat bundles a Delphi-based banking…
Claude Vulnerabilities Allow Data Exfiltration and User Redirection to Malicious Sites
Three chained vulnerabilities in Claude.ai, Anthropic’s widely used AI assistant, together allow attackers to silently exfiltrate sensitive conversation data and redirect unsuspecting users to malicious websites, all without requiring any integrations, tools, or MCP server configurations. The vulnerability chain,…
Malicious ‘Pyronut’ Package Backdoors Telegram Bots With Remote Code Execution
A malicious Python package named pyronut has been discovered on the Python Package Index (PyPI), targeting developers who build Telegram bots by impersonating the popular pyrogram framework. Rather than relying on typosquatting — where a name resembles a legitimate one — the threat actor…
‘Vibe-Coded’ Malware Campaign Uses Fake Tools, CDNs and File Hosts to Infect Users
The rise of AI-assisted coding has brought real value to developers around the world, but it has also opened a new door for cybercriminals to exploit. A concept known as “vibe coding” — where users simply describe what they want…
Backdoored Open VSX Extension Used GitHub Downloader to Deploy RAT and Stealer
A popular code editor extension listed on the Open VSX registry was discovered carrying hidden malware that silently fetches and runs a remote access trojan (RAT) and a full infostealer directly onto developer machines without any visible warning sign. The…
CISA Warns of Microsoft SharePoint Vulnerability Exploited in Attacks
A critical security flaw in Microsoft SharePoint has been identified as actively exploited, and on March 18, 2026, the vulnerability was officially added to the Known Exploited Vulnerabilities (KEV) catalog. This addition confirms that threat actors are actively exploiting the…
WaterPlum Deploys New ‘StoatWaffle’ Malware in VSCode-Based Supply Chain Campaign
A North Korea-linked hacking group known as WaterPlum has introduced a dangerous new malware called StoatWaffle, deploying it through compromised Visual Studio Code (VSCode) repositories disguised as legitimate blockchain development projects to silently infiltrate developer machines. WaterPlum has been running…
New SnappyClient Implant Combines Remote Access, Data Theft and Advanced Evasion
A dangerous new malware implant called SnappyClient has quietly emerged as a serious threat to Windows users, combining remote access, data theft, and sophisticated evasion techniques in one compact C++ package. First spotted in December 2025, this command-and-control (C2) framework…