-
Approximately 6,000 vulnerable SmarterTools SmarterMail installations globally are all exposed to an actively exploited remote code execution vulnerability. The vulnerability, tracked as CVE-2026-23760, poses an immediate threat to organisations relyin…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Active exploitation of a critical vulnerability in React Server Components, tracked as CVE‑2025‑55182 (React2Shell), targeting companies across multiple industry sectors worldwide. React2Shell affects the Flight protocol, which facilitates client-serve…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Search engine optimization (SEO) poisoning techniques to trick users into downloading malicious software disguised as legitimate tools. This attack campaign involves manipulating search results to promote fake repositories and archives containing BAT e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated deepfake-enabled phishing campaign is actively targeting Bitcoin users through fake Zoom and Microsoft Teams calls. The attackers are exploiting video conferencing, Telegram, and AI-generated identities to steal bitcoin and compromise v…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A class-action lawsuit filed in San Francisco federal court accuses Meta Platforms of systematically misleading billions of WhatsApp users about the protection of their messages. The complaint alleges that despite marketing claims of unbreakable end-to…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The North Korean state-sponsored Lazarus hacking group has launched a sophisticated cyberespionage campaign targeting European defense contractors involved in uncrewed aerial vehicle (UAV) manufacturing. The attacks appear directly linked to North Kore…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A proof-of-concept exploit for CVE-2026-24061, a critical remote code execution vulnerability in the GNU Inetutils telnetd, has surfaced, with security researchers warning that over 800,000 vulnerable instances remain publicly accessible on the interne…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A server-side vulnerability in Instagram that allegedly allowed completely unauthenticated access to private account posts. This raises concerns about Meta’s vulnerability disclosure handling and the effectiveness of compensatory controls protect…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A dangerous new malware toolkit is being sold on Russian cybercrime forums that can redirect victims to fake websites while keeping the real domain name visible in their browser’s address bar. The toolkit, called Stanley, costs between $2,000 and…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A dangerous new iteration of the “Contagious Interview” campaign that weaponizes Microsoft Visual Studio Code task files to distribute sophisticated malware targeting software developers. This campaign, which began over 100 days ago, has in…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
