Energy Sector Under Siege: Microsoft Exchange Bug Fuels Repeated Attacks on Azerbaijani Firm
A China-linked threat group exploited the same unpatched Microsoft Exchange server across three attack waves over two months, deploying different backdoors each time against an Azerbaijani energy company.
The Latest
New Linux Kernel Flaw Fragnesia Grants Unauthorized Root Privileges
Fragnesia is a recently disclosed Linux kernel flaw that lets local attackers gain root privileges by exploiting memory fragmentation handling.
New Android Intrusion Logger Targets Advanced Spyware Threats
Android's new intrusion logging feature stores tamper resistant forensic evidence of spyware activity, aiding investigators in detecting infections from tools…
Apple Enables Encrypted RCS Chat Between iPhone and Android
Apple's iOS 26.5 introduces end to end encrypted RCS messaging between iPhone and Android devices, closing a major privacy gap…
New Exim Vulnerability Leverages BDAT and GnuTLS for Remote Code Execution
The buffer overflow in Exim's BDAT handling with GnuTLS allows unauthenticated remote attackers to execute arbitrary code on affected mail…
Microsoft Ships Large Patch Bundle for Windows 11 Versions 24H2 and 25H2
The combined patch bundle for Windows 11 versions 24H2 and 25H2 fixes a remote code execution flaw in the Print…
Major Patch Update: Critical RCE Flaws Force Urgent Action
Twenty nine critical remote code execution vulnerabilities pose immediate risk to unpatched Windows systems and network infrastructure.
Android Banking Trojan TrickMo Adds TON Network and SOCKS5 Proxy Capabilities
A new TrickMo variant uses TON blockchain for command and control and a SOCKS5 proxy to turn infected Android devices…
BitUnlocker Attack Breaks Windows 11 BitLocker Encryption in Minutes
A newly discovered downgrade attack bypasses Windows 11 BitLocker encryption in roughly five minutes, requiring physical device access but putting…
AI Generated Zero Day Exploit Emerges as New Cyber Threat Vector
Google TAG reports adversaries are using large language models to autonomously generate functional zero day exploits, compressing the weaponization timeline…
cPanel and WHM Emergency Patches Address Three Critical Flaws
cPanel and WHM have released emergency patches for three vulnerabilities that could allow attackers to compromise web hosting environments through authentication bypass and privilege escalation.
APT Groups Exploit Gaming Platforms and Debug APIs in Multi Vector Cyber Campaigns
North Korea's ScarCruft group uses a gaming platform to deploy BirdCall malware, while critical RCE flaws in Apache HTTP/2, MetInfo…
Attackers Abuse Legitimate RMM Tools to Breach 80 US Organizations
The VENOMOUS#HELPER campaign uses phishing emails disguised as Social Security Administration statements to trick victims into installing legitimate remote access…
Critical MOVEit Automation Flaws Allow Unauthenticated Takeover
Researchers from Airbus SecLab discovered the authentication bypass and privilege escalation flaws in Progress MOVEit Automation, prompting urgent patches across…
Spotlight
DigiCert Breach: Stolen EV Code Signing Certificates Linked to Zhong Stealer Malware
The attacker exploited a malfunctioning endpoint sensor to maintain undetected access for ten days, stealing certificates used to sign Zhong Stealer malware.
AI Coding Tools Fuel a New Wave of Low Skill High Impact Cyber Attacks
AI tools like ChatGPT and Claude Code enabled individuals with no coding background to conduct attacks previously requiring skilled engineers, as exploit windows shrank to 44 days and malicious software…
Chinese Silver Fox Group Uses Tax Phishing to Deliver New ABCDoor Backdoor
More than 1,600 phishing emails were flagged between early January and early February 2026 across industrial, consulting, retail, and transportation sectors.
Bluekit Phishing Platform Bundles Domain Automation, 2FA Circumvention, and Session Hijack Tools
Varonis researchers found that Bluekit's centralized dashboard captures session tokens and cookies after victims complete 2FA, rendering that security measure ineffective.
Features
Fake TanStack npm Package Steals Developer Credentials via Postinstall Script
Security researchers uncovered a supply chain attack where a fake TanStack npm package used automated postinstall scripts to harvest environment…
Hackers Exploit Critical cPanel Flaw to Breach Governments and Hosting Firms
The threat actor also used a prior custom exploit chain involving SQL injection and CAPTCHA bypass against an Indonesian defense…
New Supply Chain Worm Hits SAP npm Packages, Targets Developer Secrets
The Mini Shai-Hulud worm uses a Bun runtime bootstrap to silently harvest credentials from developer machines, cloud platforms, and AI…
Linux Kernel Zero Day Copy Fail Lets Attackers Gain Root Access on Major Distributions
The flaw was introduced through three separate kernel changes made in 2011, 2015, and 2017, none of which appeared malicious…
FBI and Dubai Police Dismantle Global Crypto Fraud Ring, Seizing $701 Million
The international operation involved 276 arrests and the shutdown of nine scam centers, with human trafficking victims forced to run…
Apache MINA Flaws Expose Enterprise Apps to Full Takeover
A botched merge left critical Apache MINA deserialization fixes unpublished until project maintainers caught the error and reissued versions 2.2.7…
