A suspected India-aligned threat group known as SloppyLemming has been conducting a sustained espionage campaign against government agencies, defense organizations, nuclear oversight bodies, and critical infrastructure operators in Pakistan and Bangladesh. Active since 2021 and also tracked as Outrider Tiger…
Tag: Cyber Security News
Zerobot Malware Exploiting Tenda Command Injection Vulnerabilities to Deploy Malware
A Mirai-based botnet campaign known as Zerobot has resurfaced with renewed force, this time targeting critical flaws in Tenda AC1206 routers and the n8n workflow automation platform. The campaign, now operating on its ninth known iteration — dubbed zerobotv9 —…
Microsoft Warns of New Phishing Attack Exploiting OAuth in Entra ID to Evade Detection
A new active phishing attack exploits OAuth’s legitimate redirection behavior, allowing it to bypass traditional email and browser defenses without stealing any tokens. According to Microsoft Defender researchers, the campaigns primarily target government and public-sector organizations, using trusted identity…
LexisNexis Data Breach — Threat Actor Allegedly Claims 2.04 GB Stolen
A threat actor operating under the alias FulcrumSec has publicly claimed responsibility for a fresh breach of LexisNexis Legal & Professional, the legal information division of RELX Group, alleging the exfiltration of 2.04 GB of structured data from the company’s…
Malvertising Threat Actor ‘D‑Shortiez’ Abuses WebKit Back‑Button Hijack in Forced‑Redirect Browser Campaign
A threat actor tracked as D-Shortiez has been running a persistent malvertising campaign that turns a WebKit browser behavior into a trap, forcing iOS Safari users into scam pages with no easy way out. The campaign is not entirely new…
Epic Fury/Roaring Lion Sparks Escalating Cyber Conflict as Iran Goes Offline, Hacktivists Step Up Retaliation
On February 28, 2026, the United States and Israel launched a coordinated offensive — code-named Operation Epic Fury by the U.S. and Operation Roaring Lion by Israel — setting off a wide-ranging cyber conflict that spread across the Middle East…
Hackers Leverage Telegram for Initial Access to Corporate VPN, RDP, and Cloud Environments
Telegram, once widely recognized as a privacy-focused messaging application, has quietly transformed into one of the most powerful operational platforms used by cybercriminals today. What dark web forums once offered — anonymity, exclusive access, and a marketplace for stolen data…
Langflow’s AI CSV Agent Vulnerability Allows Remote Code Execution Attacks
A critical vulnerability in a popular AI application platform allows attackers to remotely execute harmful code through its CSV data-processing agent. The vulnerability, tracked as CVE-2026-27966, was recently disclosed and given a critical severity score of 10.0 out of 10.…
Google Unveils Merkle Tree Certificates to Shield HTTPS Against Quantum Threats
Google has announced a major initiative to protect HTTPS connections from the emerging threats posed by quantum computing. Working with the Internet Engineering Task Force (IETF) and its “PKI, Logs, And Tree Signatures” (PLANTS) working group, Chrome is spearheading the…
Malvertising Campaign Delivers AMOS ‘malext’ macOS Infostealer via Fake Text‑Sharing Lures
A new malvertising campaign is actively targeting macOS users worldwide, delivering a new variant of the AMOS infostealer called “malext.” Attackers are purchasing Google Search ads that push victims toward fake help articles on free text-sharing websites, where a deceptive…
How to Cut MTTR by Improving Threat Visibility in Your SOC
In boardrooms and security operations centers alike, one metric has risen from a niche KPI to a defining measure of organizational resilience: Mean Time to Respond (MTTR). But why has this particular number captured so much attention, and does it…
Hackerbot-Claw Bot Attacks Microsoft and DataDog via GitHub Actions CI/CD Misconfiguration
Between February 21 and February 28, 2026, an autonomous bot named hackerbot-claw launched a week-long attack campaign against major open source repositories. It targeted GitHub Actions CI/CD pipelines belonging to Microsoft, DataDog, the Cloud Native Computing Foundation, and several other…
New Claude Memory Feature Allows Users to Transfer Data from ChatGPT and Other AI Providers
Anthropic has introduced a new memory import tool for Claude that allows users to seamlessly transfer their stored preferences, habits, and context from other AI platforms, including ChatGPT, Google Gemini, and Microsoft Copilot, directly into Claude’s memory system, eliminating the…
Threat Actors Deploy ‘AuraStealer’ Infostealer with 48 C2 Domains and Active Campaigns
A new information-stealing malware called AuraStealer has been making its presence felt across the cybersecurity landscape since mid-2025. Developed and actively maintained by a group of Russian-speaking individuals, the malware first appeared on underground hacker forums in July 2025, shortly…
Android Security Update – Patch for 129 Vulnerabilities and Actively Exploited Zero-Day
Google has released its highly anticipated March 2026 Android Security Bulletin, delivering critical fixes for 129 security vulnerabilities across the Android ecosystem. This massive update represents one of the highest numbers of patches issued in a single month in recent…
Hackers Leveraged CyberStrikeAI Tool to Breach Fortinet FortiGate Devices
A new artificial intelligence (AI) offensive security tool called CyberStrikeAI is being actively leveraged by threat actors to target edge devices, particularly Fortinet FortiGate appliances. This open-source platform, developed by a China-based individual with potential ties to state-sponsored operations,…
Threat Actors Exploit OpenVSX Aqua Trivy with Malicious AI Prompts to Hijack Local Coding Tools
A supply chain attack targeting developers surfaced on March 2, 2026, when unauthorized code was found inside two versions of the Aqua Trivy VS Code extension on the OpenVSX registry. The compromised versions — 1.8.12 and 1.8.13 — were uploaded…
Chrome Gemini Vulnerability Lets Attackers Access Victims’ Camera and Microphone Remotely
A high-severity security vulnerability has been discovered in Google Chrome’s integrated Gemini AI assistant, exposing users to unauthorized camera and microphone access, local file theft, and phishing attacks, all without requiring any user interaction beyond launching the browser’s built-in AI…
Claude AI Suffers Global Outage: Elevated Errors Disrupt Web Interface and APIs
On March 2, 2026, Anthropic’s artificial intelligence assistant, Claude, experienced a significant global outage that disrupted workflows for users and developers worldwide. Organizations relying on the AI model for daily threat intelligence reporting, code generation, and automated security analysis faced…
MSHTML Framework 0-Day Exploited by APT28 Hackers Before Feb 2026’s Patch Tuesday Update
A zero-day vulnerability in the Microsoft HTML (MSHTML) framework was actively exploited in the wild. The vulnerability, tracked as CVE-2026-21513, allows attackers to bypass security features and execute arbitrary files. With a CVSS score of 8.8, it impacts all Windows…