-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in the popular Notepad++ text editor to its Known Exploited Vulnerabilities catalog, warning users of a flaw that could allow attackers to execute malicious …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
XWorm, a multi-functional .NET‑based RAT first observed in 2022, remains actively traded across cybercrime marketplaces and continues to attract both low-skilled and advanced operators thanks to its rich feature set and plugin-based architecture. Once …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The OpenClaw team has officially released version 2026.2.12, a comprehensive update focused heavily on security hardening and architectural stability. This release addresses over 40 security vulnerabilities and stability issues, marking a significant m…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OysterLoader, also tracked as Broomstick and CleanUp, is a multi‑stage loader malware written in C++ and actively leveraged in campaigns linked to the Rhysida ransomware group. First highlighted in mid‑2024 during malvertising and SEO‑poisoning campaig…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical SQL injection vulnerability in Microsoft Configuration Manager to its Known Exploited Vulnerabilities (KEV) catalogue. The threat actors are actively exploiting the flaw i…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The 2025 spam and phishing landscape shows a sharp rise in AI-generated lures and QR code–based “quishing,” alongside complex malware campaigns abusing cracked games and software to deliver information stealers at scale. These trends highlight how soci…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A security vulnerability has been discovered in next-mdx-remote, a popular TypeScript library used for rendering MDX content in React applications. The flaw, tracked as CVE-2026-0969 and identified by researchers at Sejong University, enables attackers…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new wave of ClickFix attacks is targeting Windows users with fake Cloudflare-style CAPTCHA verification pages that trick victims into executing malicious PowerShell commands. This campaign delivers a multi-stage, fileless infection chain that ends wi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Over 1,800 Windows IIS servers worldwide have been compromised in a large-scale search engine optimization (SEO) poisoning campaign driven by the BADIIS malware, a malicious IIS module used to hijack legitimate web traffic. The operation, tracked by El…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Zimbra has officially released a critical security update, version 10.1.16, addressing multiple high-severity vulnerabilities that could compromise email infrastructure and user data. The company has classified this patch with a “High” secu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
