-
Threat actors are now abusing Google’s Firebase App Distribution service to push fake Android ChatGPT and Meta advertising apps that steal Facebook credentials and enable account takeover. The operation closely mirrors a recent iOS phishing campaign th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cloud Software Group has published a critical security bulletin addressing two significant vulnerabilities in customer-managed NetScaler ADC and NetScaler Gateway deployments. These flaws, tracked as CVE-2026-3055 and CVE-2026-4368, could allow attacke…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released a crucial security update for its Chrome browser, addressing eight high-severity vulnerabilities. Users are strongly advised to update their browsers immediately to protect their systems from potential remote code execution attacks….
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Tax-themed Google Ads are being weaponized to deliver a BYOVD-based EDR killer, with Huntress linking a large-scale malvertising campaign to rogue ScreenConnect deployments and a vulnerable Huawei audio driver used to blind endpoint defenses before han…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SEO Poisoning Campaign Impersonates 25+ Popular Apps to Deliver AsyncRAT Since October 2025.An ongoing SEO poisoning campaign abuses search results to trick users into downloading trojanized installers for more than 25 popular applications, ultimately …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A targeted cyber espionage campaign against Libyan organizations has compromised an oil refinery, a telecommunications provider, and a state institution between November 2025 and February 2026. The campaign stands out due to its focus on critical infra…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at The Shadowserver Foundation have identified a massive internet-facing attack surface, discovering more than 511,000 End-of-Life Microsoft Internet Information Services (IIS) instances currently active online. This widespread dep…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
As Apple’s macOS footprint grows in both consumer and enterprise environments, dedicated infostealers like MioLab (aka Nova) show that Macs are no longer a niche target but a priority for cybercrime ecosystems. Marketed as a premium Malware‑as‑a‑Servic…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security Researchers have detected active exploitation targeting unpatched Quest KACE Systems Management Appliance (SMA) instances. Starting the week of March 9, 2026, threat actors began leveraging a critical authentication bypass vulnerability, ident…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting Craft CMS to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2025-32432, this code injection flaw is currently being e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
