A browser extension that once earned a Featured badge from Google quietly turned into a remote code execution tool after its ownership changed hands, exposing thousands of users to covert script injection and full browser security header stripping. The campaign,…
Tag: Cyber Security News
Hacked Prayer App Used as Cyber Weapon During US-Israel Strikes on Iran
As Israeli and US forces launched joint preemptive airstrikes on Tehran, a sophisticated cyber-psychological operation unfolded simultaneously. According to a report by Wired Middle East, millions of Iranian citizens and military personnel were jolted awake not only by explosions but…
AWS Power Outage in Middle East Triggers Major Disruption to EC2 and Networking Services
A major power outage in the AWS me-central-1 (Middle East) region on March 1, 2026, resulted from an unusual physical incident where external objects struck a data center, triggering sparks and a fire. The event caused significant disruptions to Amazon…
OpenClaw 0-Click Vulnerability Allows Malicious Websites to Hijack Developer AI Agents
A critical zero-interaction vulnerability in OpenClaw, one of the fastest-growing open-source AI agent frameworks in history, has been discovered by Oasis Security researchers, allowing any malicious website to silently seize full control of a developer’s AI agent without requiring plugins,…
Phishing Schemes Abuse .arpa TLD and IPv6 Tunnels to Evade Detection
Cybersecurity researchers at Infoblox Threat Intel have uncovered a highly sophisticated phishing campaign that exploits the foundational plumbing of the internet to bypass enterprise security controls. In a novel evasion tactic, threat actors are weaponizing the .arpa top-level domain (TLD) and utilizing…
Hackers Abuse Windows File Explorer and WebDAV for Stealthy Malware Delivery
Cybercriminals are increasingly abusing a legacy feature within Windows File Explorer to distribute malware, bypassing traditional web browser security and endpoint detection controls. According to a threat report by Kahng An of the Cofense Intelligence Team, threat actors are leveraging…
Metasploit Adds New Modules Targeting Linux RC4, BeyondTrust, and Registry Persistence
The latest Metasploit update, released on February 27, 2026, brings significant firepower to security professionals and penetration testers. The release introduces seven new modules, nine feature enhancements, and critical bug fixes. Standout additions include unauthenticated remote code execution (RCE) exploits…
Trump Bans Anthropic AI in Federal Agencies — Pentagon Flags Claude as Security Risk
The U.S. government has taken unprecedented action against domestic AI firm Anthropic, directing all federal agencies to immediately stop using its AI model Claude and officially designating the company a supply chain risk to national security, a classification historically reserved…
Researchers Uncover Aeternum C2 Infrastructure with Advanced Persistence and Network Evasion Features
For years, taking down a botnet meant finding its command-and-control (C2) server, seizing the domain, and watching the network go dark. Law enforcement used this method to dismantle major operations like Emotet, TrickBot, and QakBot. A newly discovered botnet loader…
New Dohdoor Malware Attacking Schools and Health Care Sectors in U.S. via Multi-Stage Attack Chain
A newly discovered malware campaign has been quietly targeting educational institutions and healthcare organizations across the United States since at least December 2025. The threat, tracked under the actor designation “UAT-10027,” deploys a previously unknown backdoor called “Dohdoor,” which uses…
Vshell Gains Traction Among Threat Actors as an Alternative to Cobalt Strike
A Go-based command-and-control (C2) framework originally marketed within Chinese-speaking offensive security communities has been quietly expanding its reach, drawing growing attention from threat actors seeking flexible and cost-effective alternatives to expensive commercial tools. Known as Vshell, the tool has evolved…
Malicious Go Crypto Module Steals Passwords and Deploy Rekoobe Backdoor in Developer Environments
Malicious Go Crypto Module Steals Passwords and Deploys Rekoobe Backdoor in Developer Environments A newly discovered supply chain attack is putting Go developers at serious risk. A threat actor published a malicious Go module that closely mimics one of the…
Critical Trend Micro Apex One Vulnerabilities Allows Malicious Code Execution
Trend Micro has released fixes for multiple Apex One vulnerabilities, ranging from High to Critical severity, including management console issues that can lead to remote code execution (RCE). The affected CVEs range from CVE-2025-71210 to CVE-2025-71217, with CVSS v3 scores ranging from…
Critical Zyxel Vulnerabilities Exposes Routers to Remote Command Injection
Critical firmware updates have been released to address multiple serious vulnerabilities in networking devices, including 4G LTE/5G NR CPEs, DSL/Ethernet CPEs, Fiber ONTs, Security Routers, and Wireless Extenders. These flaws expose affected routers to remote command injection and denial-of-service (DoS)…
FreeBSD Vulnerability Allow Attackers to Crash the Entire System
Administrators must urgently patch a critical vulnerability that allows attackers to escape isolated jail environments. Tracked as CVE-2025-15576, the flaw enables a dangerous jailbreak condition despite often being associated with system crashes. It enables a jailed process to bypass its…
Infostealers Fuel Large‑Scale Brute‑Forcing of Corporate SSO Gateways Using Stolen Credentials
A wave of credential stuffing attacks has exposed a troubling shift in how threat actors are breaking into corporate networks — not by exploiting software vulnerabilities, but by simply logging in with stolen passwords. At the center of this campaign…
Microsoft Defender Expands URL Click Alerts to Include Microsoft Teams for Enhanced Security Visibility
Microsoft is strengthening its cybersecurity ecosystem by extending Microsoft Defender for Office 365 (MDO) URL click alerts to Microsoft Teams. Previously focused on email threats, this update gives security teams crucial visibility into potentially malicious activity happening within Teams messages.…
Juniper Networks PTX Vulnerability Enables Full Router Takeover
A major networking vendor has issued an out-of-cycle security bulletin to address a critical vulnerability in its Junos OS Evolved software, specifically affecting PTX Series platforms. This flaw, identified as CVE-2026-21902, allows an unauthenticated, remote attacker to execute arbitrary code…
North Korean APT37 Hackers Leverages Novel Malware to Infect Air‑Gapped Systems
North Korea-linked threat group APT37 has launched a sophisticated new campaign using a fresh set of custom malware tools specifically designed to reach computers that are not connected to the internet — a type of system long considered among the…
Microsoft Defender Uncovers Trojanized Gaming Utility Campaign Targeting Users with RATs and Remote Data Theft
Cybercriminals have found a new way to get past users’ defenses — by hiding malware inside gaming tools that look completely normal. Microsoft’s security team has uncovered an active campaign where attackers are distributing trojanized versions of popular gaming utilities…