CYBER ATTACK

FancyBear, a Russian state-linked hacking group, made a big mistake in operational security that gave security researchers an unusually clear picture of.

The GNU Inetutils telnetd daemon has a serious buffer overflow flaw. This flaw, which is tracked as CVE-2026-32746, lets an unauthenticated remote.

Apple WebKit Vulnerability Lets Bad Web Content Bypass on iOS and macOS Apple has released important security updates to fix a serious WebKit.

Vidar 2.0, a new version of the Vidar infostealer, is spreading quickly through hundreds of fake game cheat repositories on GitHub and targeted posts on.

Weaknesses in Ubuntu Desktop Systems A Local Privilege Escalation (LPE) flaw in default installations of Ubuntu Desktop 24.04 and later lets an attacker.

Discover how There is a security hole in the Windows Registry called RegPwn. The "RegPwn" (CVE-2026-24291) Windows vulnerability is a high-severity flaw.

OpenAI has released GPT-5.4 Mini and Nano, two small-footprint models that promise answers that are up to twice as fast as previous GPT-5 Mini models.

Discover how Microsoft has stopped the automatic installation of the Microsoft 365 Copilot app on Windows devices for the time being. Microsoft 365.

The Microsoft Detection and Response Team talks about a complex voice phishing (vishing) campaign that broke into a business setting in November 2025 This.

Discover how A fake Telegram download site is actively spreading dangerous malware by hiding a malicious installer as a real setup file. The site, which.

Boggy Serpens, also known as MuddyWater, is a cyberespionage group that is currently running hacking campaigns against targets all over the world. This.

A newly revealed serious security hole in GNU The telnetd daemon in Inetutils could let attackers who aren't logged in take full control of affected.

FortiClient SQL Injection flaw A serious SQL injection hole in Fortinet's FortiClient Endpoint Management Server (EMS). This serious flaw has a CVSS score.

The Iranian nation-state group Boggy Serpens, also known as MuddyWater, has greatly increased its cyberespionage activities This article explores.

A new wave of targeted attacks is quietly hitting Argentina's judicial system This article explores hitting argentina judicial. . They use fake court.

Apple has put out emergency security updates to fix a serious WebKit flaw that makes iPhone, iPad, and Mac users vulnerable to advanced web-based attacks.

MDSec researchers have revealed a new Windows vulnerability called "RegPwn" that lets attackers go from being a low-privileged user to having full SYSTEM.

A serious security hole in Fortinet's FortiClient Enterprise Management Server (EMS) is causing a lot of worry in business settings, especially those that.

Researchers found a coordinated supply chain attack on two popular React Native npm packages on March 16, 2026. The infected releases add an install-time.

Researchers have shown a way to get around the sandbox isolation of AWS Bedrock AgentCore Code Interpreter, which has raised serious concerns about a.

On March 16, 2026, a coordinated supply chain attack hit the developer community This article explores backdoored popular react. . A hacker known as.

The UK government's official business register, Companies House, has found a serious security hole in its WebFiling service This article explores agency.

Stop wasting time on false positives to avoid alert overload This article explores suspicious alerts prioritized. . At first glance, false positives in.

A new way to attack that takes advantage of a basic flaw in AI web assistants: the difference between what a browser shows a user and what an AI tool.

The Windows 11 25H2/24H2 Update fixes problems with Bluetooth devices not being able to see each other This article explores bluetooth fix microsoft.

Recently, ANY.RUN, a top provider of interactive malware analysis and threat intelligence solutions, has seen a rise in phishing activity that takes.

Kubernetes CSI Driver NFS Security Hole The Kubernetes Container Storage Interface (CSI) Driver for NFS has a path traversal vulnerability that could let.

Discover how AWS Bedrock AgentCore Code Interpreter's "Sandbox" network mode has a major security flaw that lets threat actors set up hidden.

Storm-2561 is a financially motivated hacker who has been stealing credentials since May 2025 This article explores storm 2561 uses. . They do this by.

Discover how Web apps are at risk because of an Angular XSS vulnerability. There is a serious Cross-Site Scripting (XSS) flaw in the popular Angular.