New forensic details reveal how threat actors leveraged a Cisco SD-WAN zero-day vulnerability to create hidden root accounts, establish persistent access, and erase traces of compromise across targeted enterprise networking environments.
Google is rolling out new account settings that separate search activity history from personalization preferences, giving users greater control over…
A sophisticated attack chain dubbed Edgecution is abusing Microsoft Edge extensions and Chrome Native Messaging to bypass browser security boundaries,…
Threat actors have begun exploiting Cisco Unified Communications Manager vulnerability CVE-2026-20230, a critical file-write flaw that can ultimately lead to…
Healthcare AI company Xolis has disclosed a phishing-driven breach that exposed sensitive personal and medical data belonging to approximately 1.4…
LastPass has confirmed that attackers used stolen OAuth tokens from a Klue supply chain breach to access Salesforce support case…
A new macOS ClickFix campaign is tricking users into running Terminal commands that silently download and mount malicious DMG files…
CISA has warned that multiple high-severity vulnerabilities in Ubiquiti UniFi OS and Lantronix EDS5000 devices are being actively exploited, prompting…
A newly identified stealth backdoor called Mistic has been linked to the KongTuke initial access broker and is being used…
GitHub has updated actions/checkout to block common fork-based “pwn request” attack patterns in pull_request_target workflows, reducing the risk of malicious…
A new executive order establishes firm deadlines for U.S. federal agencies and contractors to transition to post-quantum cryptography, accelerating national security efforts to defend against future quantum-enabled decryption threats.
Security researchers have uncovered malicious npm packages posing as PostCSS utilities that deploy a multi-stage Windows remote access trojan capable…
Tata Electronics has acknowledged a cybersecurity incident affecting parts of its IT environment after a cyber extortion group claimed responsibility…
Researchers demonstrated how a seemingly legitimate AI agent skill bypassed multiple security scanners and reportedly spread to thousands of agents…
Researchers have uncovered a massive credential-harvesting operation dubbed 'FortiBleed' that leveraged compromised FortiGate firewalls and automated cracking infrastructure to collect more than 110 million credentials worldwide.
Security researchers have detected active exploitation of a critical Cisco Unified Communications Manager vulnerability that can allow attackers to write files to vulnerable systems and potentially escalate privileges to root…
The U.S. government has seized cloud infrastructure linked to the Huione ecosystem and imposed new sanctions targeting entities connected to Southeast Asia's sprawling cyber fraud and money laundering operations.
Researchers have uncovered a dangerous CI/CD workflow weakness dubbed "Cordyceps" that could allow unauthenticated attackers to hijack repositories, steal credentials, and compromise software supply chains across hundreds of major open-source…
An international law enforcement operation has disrupted the infrastructure behind the Amadey and StealC malware ecosystems, seizing hundreds of servers…
CISA has added a critical Lantronix EDS5000 vulnerability to its Known Exploited Vulnerabilities catalog after confirming active attacks, while also…
A large npm supply chain compromise affecting over 140 Mastra AI packages has been linked to the North Korean threat…
A new ransomware strain dubbed Prinz Eugen is prioritizing recently modified files for encryption while avoiding ransom notes entirely, signaling…
Attackers are exploiting a medium-severity Gravity SMTP plugin vulnerability to extract sensitive configuration data, including API keys and OAuth tokens,…
The world's largest international police organization warns of a dramatic rise in phishing, ransomware, and AI-enabled scams across Asia and…