Blog Posts

Deep Dive into FIRESTARTER: Persistent Backdoor on Cisco ASA & Firepower Devices

Modern cyber-espionage campaigns are increasingly shifting away from loud exploitation techniques and toward stealth-focused, persistence-driven operations that abuse trusted infrastructure. Rather than relying on chains of zero-day vulnerabilities or commodity malware, advanced threat actors are no...


Prevention in the Age of AI Vulnerability Discovery

Anthropic’s Claude Mythos Preview (Project Glasswing) has pushed a new question into the center of security discussions. Anthropic says Mythos has already identified thousands of zero-day vulnerabilities across critical infrastructure, and that in testing it was able to identify and exploit zero-day...


Mirai Turns Unsupported D-Link Routers into DDoS Weapons Using CVE-2025-29635

Researchers have uncovered an active Mirai botnet campaign exploiting CVE-2025-29635, a command-injection vulnerability in legacy D-Link DIR-823X routers, to recruit internet-exposed devices into a distributed denial-of-service (DDoS) botnet. Attackers deploy a Mirai malware variant known as “tuxnok...


Inside Nexcorium: How CVE-2024-3721 Fuels a New Wave of Mirai-Based DDoS Botnets

Researchers have uncovered an active IoT botnet campaign exploiting two known command-injection vulnerabilities to recruit surveillance cameras and home routers into a distributed denial-of-service (DDoS) army. Dubbed Nexcorium, this new Mirai variant uses CVE-2024-3721, an OS command-injection flaw...


Storm-1175 and Medusa Ransomware: Anatomy of a Rapid Multi-Exploit Intrusion

Threat actors are increasingly moving faster than ever in ransomware operations, shrinking the time between initial compromise and ransomware deployment to maximize impact before defenders can respond. Instead of relying on prolonged persistence, modern ransomware groups are rapidly exploiting newly...


Two Zero-Days, 167 Flaws Fixed: Microsoft Delivers a Major April 2026 Patch Tuesday

The second Tuesday of April 2026 marked another extensive security update release from Microsoft, addressing a broad range of vulnerabilities across its product ecosystem. This month’s Patch Tuesday resolved a notably high number of security flaws spanning Windows, Microsoft Office, Azure, Edge, SQL...


Forged Trust: Improper Certificate Validation in wolfSSL

CVE-2026-5194 is a critical vulnerability affecting the wolfSSL cryptographic library, a widely used TLS/SSL implementation deployed across embedded systems, IoT devices, networking equipment, and applications.


Deep Dive into CVE-2026-34621: Actively Exploited Flaw in Adobe Acrobat Reader

Adobe has released emergency security updates to address a critical vulnerability in Adobe Acrobat Reader, tracked as CVE-2026-34621. This flaw, with a CVSS score of 8.6, is actively exploited in the wild and allows attackers to execute arbitrary code on affected systems via specially crafted PDF fi...


APT28 in 2026: Weaponizing Routers and Deploying PRISMEX Across Global Targets

The Russian state-linked threat actor APT28 (also known as Forest Blizzard and Pawn Storm) has intensified its cyber operations through two major campaigns: a large-scale DNS hijacking operation targeting SOHO routers and a spear-phishing campaign deploying the PRISMEX malware suite.


Analyzing the TrueConf Zero-Day Exploit in Southeast Asian Cyber Attacks

Cybercriminals are increasingly exploiting trusted enterprise collaboration platforms through supply-chain style attacks, with a newly discovered zero-day vulnerability in the TrueConf video conferencing client actively weaponized in targeted campaigns against Southeast Asian government entities. Tr...


Critical Infrastructure Alert: Patch Cisco IMC and SSM On-Prem Now!

A pair of critical vulnerabilities, CVE-2026-20093 and CVE-2026-20160, affects Cisco server and license-management technologies. These flaws allow attackers to bypass authentication or execute commands at the highest privilege level. Both flaws have been assigned a CVSS score of 9.8. Exploitation could re...


UNC1069 and the Axios npm Attack: Google Reveals North Korean Attribution

Cybercriminal and nation-state threat actors are increasingly shifting toward developer-ecosystem compromise and software supply chain abuse as a reliable avenue for mass access. Rather than exploiting hardened enterprise perimeters directly, these actors target trusted package repositories, build p...


Critical Security Vulnerability in Google Chrome: Technical Analysis and Mitigation

CVE-2026-5281 is a critical vulnerability that highlights a serious weakness in modern web browsers which attackers can leverage to execute malicious code under specific conditions, posing a significant risk to users across different platforms. The issue originates from improper...


FortiClient EMS Under Fire: Critical CVE-2026-21643 Exploited in Real-World Attacks

A critical SQL injection vulnerability, CVE-2026-21643, has been identified in FortiClient Endpoint Management Server (EMS), a centralized management platform for FortiClient endpoint agents across multiple environments.


Node.js Security Bulletin: CVE-2026-21637 and Other Fixes Explained

The Node.js project has recently released a series of security updates to address multiple vulnerabilities across its active release lines. These updates span versions 20.x, 22.x, 24.x, and 25.x, and include fixes for issues ranging from high to low severity. Among the most critical is CVE-2026-2163...


Zero-Click AI Exploit: ShadowPrompt in Claude Chrome Extension

A significant vulnerability has been discovered in Anthropic’s Claude Google Chrome Extension, potentially allowing malicious actors to inject prompts into the AI assistant without any user interaction. This “zero-click” vulnerability, dubbed ShadowPrompt, could have allowed attackers to silently co...


Immediate Action Required: Critical NetScaler Vulnerability Exposes Sensitive Memory Data

Citrix has released a security advisory addressing two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical vulnerability tracked as CVE-2026-3055 (CVSS score: 9.3) and a high-severity vulnerability tracked as CVE-2026-4368 (CVSS score: 7.7).


CVE-2026-33017: Critical Langflow Vulnerability Exploited Within 20 Hours of Disclosure

CVE-2026-33017 is a critical remote code execution vulnerability in Langflow that was being actively exploited in the wild within 20 hours of public disclosure. Successful exploitation could allow unauthenticated attackers to execute arbitrary code on affected servers, potential...


Oracle Identity Manager Under Threat: Analyzing CVE-2026-21992 Remote Code Execution Flaw

A critical vulnerability, tracked as CVE-2026-21992, has been identified in Oracle Identity Manager (OIM) and Oracle Web Services Manager (OWSM). This flaw enables unauthenticated remote code execution (RCE), posing a severe risk to organizations that rely on these platforms for identity and access ...


Operation GhostMail: Analysis of Russian APT Exploitation of Zimbra XSS

Operation GhostMail is a high-stakes cyber-espionage campaign attributed to the Russian threat actor APT28 (Fancy Bear). By exploiting a critical stored Cross-Site Scripting (XSS) vulnerability in Zimbra Collaboration software, the group has successfully targeted Ukrainian government agencies and cr...


Interlock’s Early Access: Cisco FMC Vulnerability Exploited Before Disclosure

The Interlock group has been observed exploiting the critical vulnerability CVE-2026-20131 (CVSS 10.0) in Cisco Secure Firewall Management Center (FMC) since January 26, 2026, prior to its public disclosure. This vulnerability, caused by insecure Java deserialization in the FMC web interface, enables un...


Microsoft Issues Out-of-Band Security Update for Windows 11 RRAS Vulnerabilities

Microsoft has deployed an emergency out-of-band update (KB5084597) to fix critical vulnerabilities in the Windows Routing and Remote Access Service (RRAS). The patch applies to Windows 11 Enterprise environments that use hotpatch functionality. If left unpatched, these issues could be exploited to ...


Chrome Security Update: Google Fixes Another Actively Exploited Vulnerability

Racing against active threats, Google has released another emergency Chrome update to patch two critical zero-day vulnerabilities, CVE-2026-3909 and CVE-2026-3910. These flaws were already being actively exploited in the wild, prompting urgent action from Google to protect users.


Backup Infrastructure at Risk: Critical RCE Flaws Patched in Veeam Backup & Replication

Veeam has fixed several critical vulnerabilities in its Backup & Replication platform that could allow remote code execution and privilege escalation if exploited. Given the platform’s widespread adoption, especially among large enterprises, these flaws present a significant security risk. Ransomwar...


84 Flaws Patched, Including Two Publicly Disclosed Vulnerabilities: Microsoft’s March 2026 Patch Tuesday Update

The second Tuesday of March 2026 delivered another significant security update cycle from Microsoft. This month’s Patch Tuesday addressed a substantial number of vulnerabilities across Windows, Office, Azure, SQL Server, Hyper-V, Edge, and several other Microsoft components.
