Information Security News Blog
Threat actors have initiated attempts to exploit the CVE-2026-20230 vulnerability within Cisco Unified servers used for corporate telephony. This critical error allows an unauthenticated, remote attacker to force file creation within the operating system....
A recent ransomware investigation by Microsoft yielded an astonishing revelation. Two entirely distinct and unassociated hacking syndicates were operating concurrently within the victim organization’s network. The primary group entrenched itself within the infrastructure, meticulously...
Attackers infected more than 140 packages from the Mastra AI ecosystem through npm. The malicious code ran right after npm install or npm update. So the infection could reach developer workstations and build servers,...
A bad driver, a broken program, or an error after a Windows update can now be rolled back, along with apps, settings, and local files. Microsoft has released the optional preview update KB5095093 for...
Target/Victims: Klue, LastPass, and others. Delivery Vector: Compromised integration service credentials from 2022. Key Capabilities: Unauthorized Salesforce CRM access via stolen OAuth tokens. Threat Actor: Icarus ransomware group (Suspected). Source: Klue, LastPass, and affected...
FortiBleed began as mass password guessing. Then it grew into an attack chain, where hijacked firewalls gathered fresh credentials for the next breach. A new timeline shows that the published FortiGate password database was...
A critical flaw within the implementation of the File Transfer Protocol (FTP), an antiquated mechanism for transmitting data between computers, has resided in the Squid proxy server for nearly 29 years. This severe defect enables unauthorized...
A single corrupted video file can sometimes be dangerous even before execution. The new PixelSmash vulnerability in FFmpeg vividly demonstrates this severe threat. Routine video processing can easily cascade into a complete server crash...
AI assistants have become a normal tool for debugging lately. Yet even an ordinary crash report can turn into a command that runs someone else’s code on your machine. Tenet Threat Labs has shown...
Attackers injected malicious JavaScript into Okendo Reviews, a product review widget used by more than 18,000 brands. The compromised script loaded on store pages. After a few checks, it could show visitors a fake...
Trust in a familiar sender keeps turning into a weak point. A new campaign against WhatsApp users builds on exactly that bet. The attackers send malicious files from already-hijacked accounts. They disguise the attachments...
The longer an electronics supply chain grows, the harder it gets to keep trade secrets inside factory walls. India’s Tata Electronics has now confirmed a recent cyber incident. The confirmation followed reports that files...
Sometimes a leak starts not with a hacked admin panel, but with an open service request. Attackers are using exactly that method against WordPress sites that run the Gravity SMTP plugin. The vulnerability, tracked...
At a Glance. Malware family: Prinz Eugen (Go-based ransomware, .prinzeugen extension). Threat actor: Prinz Eugen group; linked to the operator handle ROOTBOY (suspected). Victims: At least five organizations, including Standard Bank Group...
Malware Family: AryStinger. Threat Actor: Unknown (Suspected). Victims: Over 4,000 legacy D-Link routers and NAS systems. Delivery Vector: Exploitation of older CVEs. Key Capabilities: Traffic proxying, distributed scanning, DNS hijacking. Source: XLab (Qianxin). Over...