The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning to organizations regarding two severe Microsoft vulnerabilities. On April 13, 2026, the agency officially added flaws affecting Microsoft Exchange Server and the Windows Common Log File System (CLFS)…
Tag: Cyber Security News
Ivanti Neurons for ITSM Vulnerabilities Allow Remote Attacker to Obtain User Sessions
Ivanti has released security updates addressing two medium-severity vulnerabilities in Ivanti Neurons for ITSM (N-ITSM), its on-premise IT service management platform. The flaws, if exploited, could allow remote authenticated attackers to retain unauthorized access or harvest session data from other…
Critical etcd Auth Bypass Flaw Allows Unauthorized Access to Sensitive Cluster APIs
A critical authentication bypass vulnerability has emerged in etcd, the foundational distributed key-value store that supports countless cloud-native systems and Kubernetes clusters globally. Tracked as CVE-2026-33413, this high-severity flaw carries a CVSS score of 8.8. It enables attackers to access…
New Mirax Android RAT Turns Infected Phones Into Residential Proxy Nodes
A newly discovered Android malware called Mirax has been quietly circulating in underground criminal forums since late 2025, posing a growing threat to mobile users across Europe and beyond. What sets it apart from typical banking trojans is its dual…
New Janela RAT Campaign Uses Fake MSI Installers and Malicious Browser Extensions to Steal Data
A new malware campaign involving a Remote Access Trojan called Janela RAT has been actively targeting financial institutions and cryptocurrency platforms across Latin America. The threat actors behind this attack are using fake MSI installer files and malicious browser extensions…
CISA Warns of Fortinet SQL Injection Vulnerability Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Fortinet products. On April 13, 2026, the agency added a severe SQL injection vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. This…
Codex Hacks Samsung TV to Root by Exploiting World-Writable Driver Interfaces
OpenAI’s Codex AI model successfully escalated privileges to root on a real Samsung Smart TV by exploiting world-writable kernel driver interfaces — a finding that raises serious questions about how hardware vendors handle device security on consumer electronics. The experiment,…
Hackers Leave Credential Stuffing Botnet Wide Open With Full Worker Access and Root Passwords
A live credential stuffing botnet targeting Twitter/X accounts has been found completely exposed to the internet, with no password required to access its control panel, worker server credentials, or real-time attack data. The exposed system, running under the name “Twitter…
New PlugX USB Worm Spreads Across Multiple Continents Using DLL Sideloading
A newly discovered variant of the PlugX worm is silently crossing borders by hiding inside USB drives, and it has already been detected on multiple continents spanning nearly ten time zones. First spotted in Papua New Guinea in August 2022,…
Hackers Bypass Phishing Emails and Target Okta Identity Systems Instead
Cybercriminals are changing the way they break into organizations. Instead of sending malicious emails and waiting for someone to click a link, attackers are now picking up the phone and calling their way into corporate systems. This shift is one…
Hackers Weaponize Obsidian Shell Commands Plugin to Launch Cross-Platform Malware Attacks
Threat actors have found a clever way to abuse a trusted productivity tool to deliver malware. By weaponizing Obsidian’s Shell Commands community plugin, attackers are quietly executing malicious code on victims’ machines — all without exploiting a single software vulnerability.…
Hackers Use 108 Chrome Extensions to Steal User Data Through Shared C2 Infrastructure
A widespread cyber espionage campaign leveraging 108 malicious Google Chrome extensions. According to a recent report by Socket, these extensions are explicitly designed to steal sensitive user data and hijack active web sessions. The attackers manage this extensive operation through…
Researcher Reverse Engineered 0-Day Used to Disable CrowdStrike EDR
A cybersecurity researcher has uncovered a new Bring Your Own Vulnerable Driver (BYOVD) attack that can turn off top-tier endpoint security solutions, including CrowdStrike Falcon. By reverse-engineering a previously unknown zero-day kernel driver, the researcher revealed how threat actors use…
W3LL Phishing Kit Takedown Hits Global Credential Theft and MFA Bypass Operation
The FBI Atlanta Field Office, working in a historic joint operation with Indonesian law enforcement, has successfully dismantled a massive global phishing network. The investigation targeted the notorious W3LL phishing kit, a sophisticated toolset that enabled cybercriminals to bypass multi-factor…
APT41 Turns Linux Cloud Servers Into Credential Theft Targets With New Winnti Backdoor
APT41 is once again pushing its Linux capabilities forward, this time by quietly turning cloud servers into powerful credential theft platforms. The group’s latest Winnti-family backdoor is a zero‑detection ELF implant designed specifically for Linux workloads running on AWS, Google…
Booking.com Confirms Data Breach — Hackers Accessed Customers’ Personal Information
Global travel booking giant Booking.com has confirmed a cyberattack in which unauthorized third parties gained access to customers’ personal data, including names, email addresses, phone numbers, and reservation details, raising immediate concerns about downstream phishing attacks targeting millions of travelers…
Hackers Use Fake Proxifier Installer on GitHub to Spread ClipBanker Crypto-Stealing Malware
A dangerous malware campaign has been silently targeting cryptocurrency users by hiding inside a fake version of Proxifier, a popular proxy software tool. Threat actors set up a GitHub repository designed to look like a legitimate Proxifier download, but the…
Rockstar’s GTA Game Hacked – Attackers published 78.6 Million Records Online
Rockstar Games has confirmed a data breach after the notorious hacking group ShinyHunters exploited a third-party integration to access the company’s internal Snowflake data warehouse, ultimately leaking over 78.6 million records on April 14, 2026. The breach did not stem…
Hackers Abuse GitHub and Jira Notifications to Deliver Phishing Through Trusted SaaS Channels
Cybercriminals are now weaponizing the very tools that developers and IT teams trust the most. By abusing the automated notification features built into GitHub and Jira, threat actors are delivering convincing phishing emails that originate directly from those platforms’ own…
Claude AI Reportedly Down for Hundreds of Users With Intermittent 500 Errors
Anthropic’s Claude AI is facing a fresh wave of user-reported disruptions on April 13, 2026, with hundreds of users encountering intermittent HTTP 500 internal server errors across claude.ai, the API, and Claude Code, even as Anthropic’s official status page continues…