-
Over 6,000 internet-facing Apache ActiveMQ servers are currently affected by a critical security flaw, leaving enterprise networks wide open to attack. The Shadowserver Foundation, a prominent nonprofit security research organization, reported finding …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Gentlemen is a fast‑growing ransomware‑as‑a‑service (RaaS) operation now targeting Windows, Linux, NAS, BSD, and VMware ESXi with a new locker written in C for hypervisor environments. Its multi‑platform design and strong defense‑evasion features make …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
LayerX security researchers have uncovered a massive, highly coordinated campaign involving at least 12 malicious browser extensions on the Google Chrome and Microsoft Edge marketplaces. Disguised as legitimate TikTok video downloaders, these extension…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
AI-powered cyberattacks are entering a new phase, with frontier AI models now capable of autonomously discovering and exploiting software vulnerabilities at unprecedented speed. Unit 42’s hands-on testing reveals that modern AI models are no longer مجر…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a critical vulnerability in SGLang, a widely used framework for running large language models, that allows threat actors to compromise inference servers. Tracked as CVE-2026-5760, this flaw enables Remote Code Execut…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a severe software supply chain compromise affecting the widely used Axios node package manager (npm). Axios is a highly popular JavaScript library that dev…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SideWinder is running an active credential‑harvesting campaign that uses a fake Chrome PDF viewer and a pixel‑perfect Zimbra clone on Cloudflare Workers to steal government webmail credentials from South Asian targets, including the Bangladesh Navy and…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The popular AI application builder, Lovable, is currently facing a massive data breach due to an unpatched API vulnerability. Security researchers have revealed that a critical flaw exposes sensitive project data, source code, and user credentials for …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new malware campaign is bundling a powerful remote access trojan (RAT) with intrusive adware, giving attackers both long-term control of infected systems and an immediate revenue stream from fraudulent advertising activity. The loader hides two encry…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing a trusted Intel utility to quietly launch advanced malware by hijacking the .NET AppDomain mechanism, allowing malicious code to run inside a signed executable and evade many enterprise defenses. The campaign, dubbed Operation Phant…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
