-
GTFire is a large-scale phishing scheme that abuses multiple Google services to hide malicious infrastructure, evade security tools, and steal credentials from organizations worldwide. GTFire is a credential-harvesting operation that chains Google Fire…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability has been discovered in Langflow, a popular low-code tool used for building applications with Large Language Models (LLMs). The flaw, tracked as CVE-2026-27966, resides in the software’s CSV Agent node and could allow mali…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An international law enforcement operation named Project Compass has launched a major offensive against “The Com,” a dangerous transnational virtual network (TVN). The operation, which began in January 2025, has successfully led to the arre…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are actively mapping SonicWall firewalls worldwide, launching more than 84,000 SonicOS scanning sessions from over 4,000 unique IP addresses in just four days to identify SSL VPN targets for future credential and vulnerability attacks. Three op…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability has been discovered in Angular Server-Side Rendering (SSR) that could allow attackers to perform Server-Side Request Forgery (SSRF) and Header Injection attacks. Tracked as CVE-2026-27739, this flaw enables unauthorized server-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OCRFix is a multi-stage botnet Trojan campaign that abuses a fake Tesseract OCR download site, ClickFix-style PowerShell execution, and EtherHiding on BNB Smart Chain to conceal a rotating blockchain-backed command infrastructure. The fake site gates c…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A severe infrastructure incident in the Middle East has triggered a massive Amazon Web Services (AWS) outage, disrupting critical cloud operations across the region. The event, which aggressively impacted the ME-CENTRAL-1 (United Arab Emirates) and ME-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has released a Malware Analysis Report (MAR) detailing a new malware family dubbed RESURGE, which is actively exploiting a zero-day vulnerability in Ivanti Connect Secure devices. According to…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A popular Iranian prayer timing application, BadeSaba Calendar, was hacked to deliver anti-government push notifications to millions of users. This cyber incident occurred early Saturday morning, coinciding with joint U.S. and Israeli military strikes …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Pixel Perfect Browser Extension Exploited for Stealth Script Injection and Security Header Stripping
A popular Chrome add-on, “QuickLens – Search Screen with Google Lens,” has quietly morphed from a legitimate productivity tool into a full‑fledged remote code-execution platform that abuses browser trust, security headers, and silent auto‑updates. What…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶