Threat actors are leveraging a dangerous new campaign that weaponizes ordinary-looking shipping documents to distribute Remcos, a powerful remote access trojan. This phishing scheme uses fake shipping emails as the entry point, tricking users into opening malicious Word documents disguised…
Tag: Cyber Security News
Multiple 0-day Vulnerabilities in Anthropic Git MCP Server Enables Code Execution
Three zero-day vulnerabilities in mcp-server-git, the reference implementation of Git integration for the Model Context Protocol (MCP). The flaws stem from insufficient input validation and argument sanitization in core Git operations. Through prompt injection, attackers can execute code, delete files,…
Microsoft Teams External Domain Anomalies Allow Defenders to Detect Attackers at Earliest
Microsoft is rolling out a new security feature called the External Domains Anomalies Report for Teams, designed to help IT administrators identify and respond to suspicious external communications before they escalate into data breaches. This proactive monitoring tool, scheduled for…
Hackers Extensively Abuses Visual Studio Code to Execute Malicious Payloads on Victim System
Threat actors linked to North Korea have continued to expand their attack capabilities by weaponizing Microsoft Visual Studio Code, one of the world’s most popular code editors. The Contagious Interview campaign has evolved significantly, shifting from traditional social engineering tactics…
Azure Private Endpoint Deployments Exposes Azure Resources to DoS Attack
A critical architectural flaw in Microsoft Azure’s Private Endpoint implementation that enables denial-of-service (DoS) attacks against production Azure resources. The vulnerability affects over 5% of Azure storage accounts, exposing organizations to service disruptions across Key Vault, CosmosDB, Azure Container Registry,…
Critical Oracle WebLogic Server Proxy Vulnerability Lets Attackers Compromise the Server
Oracle has disclosed a severe security vulnerability affecting its Fusion Middleware suite, specifically targeting the Oracle HTTP Server and the Oracle WebLogic Server Proxy Plug-in. Assigned CVE-2026-21962, this flaw carries the maximum severity rating and poses an immediate threat to…
Attackers Leverages LinkedIn to Deliver Remote Access Trojan Targeting Corporate Environments
A sophisticated phishing campaign is actively exploiting LinkedIn’s trusted social media platform to distribute a dangerous remote access trojan to corporate employees. Attackers are leveraging the professional credibility of LinkedIn to craft convincing messages that appear legitimate, making employees more…
Critical GNU InetUtils Vulnerability Allows Unauthenticated Root Access Via “-f root”
A critical remote authentication bypass vulnerability has been disclosed in GNU InetUtils affecting the telnetd server component. The flaw, reported by a security researcher on January 19, 2026, allows unauthenticated attackers to gain root access by exploiting improper input sanitization…
Google Chrome 144 Update Patches High-Severity V8 Vulnerability
A new Stable-channel release of Chrome version 144 addresses a high-severity vulnerability in the V8 JavaScript engine. The update, version 144.0.7559.96/.97 for Windows and Mac and 144.0.7559.96 for Linux, began rolling out on January 21, 2026, and will reach all…
CISA Releases BRICKSTORM Malware Report with New YARA Rules for VMware vSphere
The Cybersecurity and Infrastructure Security Agency has issued a malware analysis report on BRICKSTORM, a sophisticated backdoor linked to Chinese state-sponsored cyber operations. Released in December 2025 and updated through January 2026, the report identifies this threat targeting VMware vSphere…
New Spear Phishing Attack Leveraging Argentine Federal Court Rulings to Covert RAT for Remote Access
A sophisticated spear-phishing campaign has emerged targeting Argentina’s judicial sector, exploiting trust in legitimate court communications to deliver a dangerous Remote Access Trojan. The campaign uses authentic-looking federal court documents about preventive detention reviews to trick legal professionals into downloading…
WPair – Scanner Tool to Detect WhisperPair Flaw in Google’s Fast Pair Protocol
WPair is an Android application designed to identify and demonstrate the CVE-2025-36911 vulnerability affecting millions of Bluetooth audio devices worldwide. The tool addresses a critical authentication bypass flaw discovered by KU Leuven researchers in Google’s Fast Pair protocol, commonly referred…
Hacker Pleads Guilty For Stealing Supreme Court Documents and Leaking via Instagram
Nicholas Moore, 24, from Springfield, Tennessee, pleaded guilty to unauthorized computer access and fraud, marking a significant case of government cybersecurity breach. Moore hacked multiple U.S. government systems and publicly disclosed sensitive information through social media, exposing critical vulnerabilities in…
Everest Ransomware Group Allegedly Claims to Have Breached McDonald’s India
The Everest ransomware group has claimed responsibility for a major cyberattack targeting McDonald’s India, allegedly exfiltrating 861 GB of sensitive data. The threat actors posted details of the breach on their dark web leak site on January 20, 2026, threatening…
Apache Airflow Vulnerabilities Enables Expose of Sensitive Data
Multiple vulnerabilities in Apache Airflow versions prior to 3.1.6 could reveal sensitive authentication credentials and secrets within logs and user interfaces. Both issues stem from inadequate masking of sensitive data during rendering and logging operations, potentially compromising proxy credentials and…
WordPress Plugin Vulnerability Exposes 100,000+ Sites to Privilege Escalation Attacks
A critical security flaw in the popular Advanced Custom Fields: Extended WordPress plugin has put more than 100,000 websites at risk of full takeover. The vulnerability, tracked as CVE-2025-14533, affects plugin versions up to and including 0.9.2.1 and carries a…
NCSC Warns of Hacktivist Groups Attacking UK Organisations and Online Services
A critical alert issued on January 19, 2026, warned of rising cyber-attacks by Russian-aligned hacktivist groups targeting UK organisations. These state-aligned threat actors are conducting disruptive denial-of-service (DoS) operations against local government authorities. Critical national infrastructure operators are aiming to…
New Study Shows GPT-5.2 Can Reliably Develop Zero-Day Exploits at Scale
A groundbreaking experiment has revealed that advanced language models can now create working exploits for previously unknown security vulnerabilities. Security researcher Sean Heelan recently tested two sophisticated systems built on GPT-5.2 and Opus 4.5, challenging them to develop exploits for…
Raaga Data Breach Exposes 10.2 Million User Records
Indian music streaming platform Raaga suffered a significant data breach in December 2025, compromising the personal information of 10.2 million users. The stolen database was subsequently offered for sale on a prominent underground hacking forum, raising serious concerns about user…
Open Source Firewall OPNsense 25.7.11 Released With Host Discovery Service
The popular open-source firewall and routing platform built on FreeBSD, released version 25.7.11 on January 15, 2026, bringing significant improvements, including a new host discovery service designed to enhance network management capabilities. The release marks an essential incremental update that…