-
A newly documented Windows vulnerability, CVE-2026-20817, impacts the Windows Error Reporting Service (WER) and enables local privilege escalation. The issue matters because WER runs as NT AUTHORITY\SYSTEM, so any mistake in its permission checks can b…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-volume phishing campaign leveraging the Phorpiex botnet has been distributing GLOBAL GROUP ransomware through weaponized Windows shortcut files. The attack begins with an email attachment named Document.doc.lnk. Windows’ default behavior o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A serious security flaw has been discovered in Axios, one of the most popular HTTP client libraries for Node.js, allowing attackers to crash servers and trigger denial-of-service (DoS) attacks. The vulnerability, tracked as CVE-2026-25639, affects all …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Fancy Bear has launched a sophisticated campaign exploiting a critical zero-day vulnerability in Microsoft RTF files to target users across Central and Eastern Europe. The operation, dubbed “Operation Neusploit,” demonstrates the group̵…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security oversight has left thousands of AI agents wide open to the public internet. 15,200 instances of the OpenClaw AI framework (formerly Clawdbot and Moltbot) are vulnerable to remote takeover. The STRIKE team used internet-wide reconnai…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
“Chat & Ask AI,” a highly popular mobile application available on both Google Play and the Apple App Store, has suffered a significant data exposure. An independent security researcher discovered a vulnerability that left approximately …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GuLoader, also known as CloudEye, is a sophisticated malware downloader that has been active since late 2019. Its primary function is to download and install secondary malware, such as Remote Access Trojans (RATs) and information stealers, onto comprom…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The latest campaign, they have switched to misusing a legitimate remote administration tool called NetSupport RAT. A cybercriminal group known as “Stan Ghouls” (or Bloody Wolf) has launched a fresh wave of attacks targeting organizations ac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A massive, eleven-month campaign to root out sophisticated attackers from the nation’s critical infrastructure. The Cyber Security Agency of Singapore (CSA) and the Infocomm Media Development Authority (IMDA) revealed details of “Operation CYBER …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft is currently tackling a significant service degradation within Exchange Online that is disrupting business communications by incorrectly flagging legitimate emails as phishing attempts. The incident, tracked under the identifier EX1227432, be…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
