-
A new threat called PhantomVAI, a custom “loader” used to launch cyberattacks worldwide. A loader is a type of malicious software designed to secretly download and start other dangerous programs on a victim’s computer. What makes Phan…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A severe vulnerability affecting ASUSTOR Network Attached Storage (NAS) devices has been disclosed, potentially allowing unauthenticated attackers to seize full control of affected systems. Tracked as CVE-2026-24936, this critical flaw carries a CVSS v…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Interlock ransomware operators have been observed using a new process‑killing tool that abuses a zero‑day flaw in a gaming anti‑cheat kernel driver to try to shut down endpoint defenses (EDR/AV). The activity was documented during an intrusion agains…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Notepad++, a widely used text editor among developers, became the target of a sophisticated supply chain attack that compromised its update infrastructure for nearly 6 months. On February 2, 2026, the developers published a statement revealing that att…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical server-side request forgery (SSRF) vulnerability affecting GitLab Community and Enterprise Editions to its Known Exploited Vulnerabilities (KEV) catalog. The flaw, tracked…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Active Directory serves as the central repository for an organization’s authentication infrastructure, making it a prime target for sophisticated threat actors. The NTDS.dit database, which stores encrypted password hashes and critical domain con…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A coordinated reconnaissance campaign targeting Citrix ADC (NetScaler) Gateway infrastructure worldwide. The operation used over 63,000 residential proxy IPs and AWS cloud infrastructure to map login panels and enumerate software versions, a clear indi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly disclosed vulnerability CVE‑2025‑40551 affecting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog. The flaw is rated critical because …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A malware campaign where cybercriminals distribute a fake LINE messenger installer that secretly deploys the ValleyRAT malware to steal credentials and evade detection. Since early 2025, threat actors have increasingly used fraudulent software installe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released a new Stable Channel update for Chrome (version 144.0.7559.132/.133) on February 3, 2026, addressing two high‑severity vulnerabilities that could allow attackers to execute arbitrary code or cause system crashes. The update is rolli…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
