Cybersecurity News — Page 2 of 3
79 articles · Page 2 of 3 · Updated every 6 hours
C0XMO botnet spreads via DD-WRT router flaw, kills rival malware
A sophisticated new botnet strain designated C0XMO has emerged as a formidable threat to networked infrastructure, actively exploiting vulne
Silent Ransom Group targets law firms with fake IT support calls
The Silent Ransom Group, an emerging extortion operation, has escalated its targeting of United States law firms and professional services o
Critical Everest Forms Pro flaw exploited to take over WordPress sites
WordPress installations worldwide face an immediate and escalating threat as threat actors actively exploit a critical vulnerability designa
New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration
OpenAI announced the rollout of Lockdown Mode for ChatGPT beginning this week, introducing a new security posture specifically engineered to
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
The United States Cybersecurity and Infrastructure Security Agency has formally catalogued a critical vulnerability affecting SolarWinds Ser
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
An autonomous artificial intelligence agent has identified twenty-one previously unknown vulnerabilities within FFmpeg, the ubiquitous media
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
The Miasma worm has successfully infiltrated 73 Microsoft repositories housed across four of the company's GitHub organizations, namely Azur
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
Cisco has disclosed active exploitation of CVE-2026-20245, a high-severity vulnerability affecting its Catalyst SD-WAN Manager platform, wit
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
ReliaQuest's cybersecurity research division has identified a previously undocumented threat cluster designated OP-512 that specializes in c
Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver
Security operations centers across the globe are undertaking their most significant technological transformation in a decade, yet the result
Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
Threat actors are currently exploiting a critical remote code execution vulnerability within Everest Forms Pro, a WordPress plugin deployed
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
A previously tracked threat actor identified as PCPJack has compromised approximately 230 cloud-hosted servers distributed across Amazon Web
Brave Software releases Origin for a paid, bloat-free browsing experience
Brave Software has officially unveiled Brave Origin, a fundamentally reimagined browser product that eliminates cryptocurrency integration,
Hola Browser for Windows compromised to deliver cryptominer
The Windows distribution channel for Hola Browser fell victim to a supply chain attack in which threat actors injected cryptocurrency mining
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Cisco Systems has released a security patch addressing a critical vulnerability in its Unified Communications Manager platform, designated C
UN food agency discloses breach affecting 600,000 Gaza households
The World Food Programme, the United Nations' primary humanitarian food distribution mechanism operating globally, disclosed a significant c
New IronWorm malware hits 36 packages in npm supply-chain attack
A sophisticated supply-chain attack has compromised 36 separate packages within the Node Package Manager ecosystem, introducing infostealer
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
A critical vulnerability in Anthropic's Claude Code GitHub Action has exposed thousands of software repositories to potential hijacking thro
Cisco warns of critical Unified CM flaw with PoC exploit code
Cisco has disclosed a critical-severity vulnerability affecting its Unified Communications Manager platform, prompting the technology giant
Chinese hackers use new Atlas RAT malware in European cyberattacks
A Chinese-speaking cybercriminal group has initiated a sophisticated campaign targeting European organisations through the deployment of pre
The U.S. sanctions Nobitex crypto exchange used by ransomware
The United States Treasury Department's Office of Foreign Assets Control designated Nobitex, Iran's largest cryptocurrency exchange platform
U.S. sanctions Nobitex crypto exchange used by Iranian ransomware actors
The U.S. Treasury Department's Office of Foreign Assets Control has imposed comprehensive sanctions against Nobitex, Iran's largest cryptocu
CISA warns of cyberattacks targeting fuel tank monitoring systems
The U.S. Cybersecurity and Infrastructure Security Agency, alongside the Federal Bureau of Investigation, National Security Agency, Departme
CISA warns of active attacks exploiting Android, Linux bugs
The U.S. Cybersecurity and Infrastructure Security Agency released a critical warning in recent weeks alerting organisations and individual
What 345 Days of Untested Exposure Looks Like at a Bank
The cybersecurity vulnerabilities exposed through a single two-week penetration test represent merely 5 percent of a banking institution's a
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
Cybersecurity researchers have identified a critical one-click vulnerability affecting Microsoft Visual Studio Code that enables attackers t
Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)
Enterprise identity and access management systems across the global business landscape face an unprecedented operational crisis that fundame
Acer working to patch max severity zero-days in Wave 7 routers
Acer has initiated remediation efforts targeting two critical zero-day vulnerabilities discovered in its Wave 7 mesh router product line, ma
Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore
Security researcher and Metasploit creator HD Moore has articulated a fundamental operational principle that challenges conventional cyberse
Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
Cybersecurity researchers have disclosed a critical vulnerability affecting Windows Search that permits attackers to extract NTLMv2 authenti