-
Hackers are actively mapping SonicWall firewalls worldwide, launching more than 84,000 SonicOS scanning sessions from over 4,000 unique IP addresses in just four days to identify SSL VPN targets for future credential and vulnerability attacks. Three op…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability has been discovered in Angular Server-Side Rendering (SSR) that could allow attackers to perform Server-Side Request Forgery (SSRF) and Header Injection attacks. Tracked as CVE-2026-27739, this flaw enables unauthorized server-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OCRFix is a multi-stage botnet Trojan campaign that abuses a fake Tesseract OCR download site, ClickFix-style PowerShell execution, and EtherHiding on BNB Smart Chain to conceal a rotating blockchain-backed command infrastructure. The fake site gates c…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A severe infrastructure incident in the Middle East has triggered a massive Amazon Web Services (AWS) outage, disrupting critical cloud operations across the region. The event, which aggressively impacted the ME-CENTRAL-1 (United Arab Emirates) and ME-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has released a Malware Analysis Report (MAR) detailing a new malware family dubbed RESURGE, which is actively exploiting a zero-day vulnerability in Ivanti Connect Secure devices. According to…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A popular Iranian prayer timing application, BadeSaba Calendar, was hacked to deliver anti-government push notifications to millions of users. This cyber incident occurred early Saturday morning, coinciding with joint U.S. and Israeli military strikes …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Pixel Perfect Browser Extension Exploited for Stealth Script Injection and Security Header Stripping
A popular Chrome add-on, “QuickLens – Search Screen with Google Lens,” has quietly morphed from a legitimate productivity tool into a full‑fledged remote code-execution platform that abuses browser trust, security headers, and silent auto‑updates. What…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OpenClaw, a highly popular open-source AI personal assistant with over 100,000 GitHub stars, recently faced a critical security flaw. This AI tool, which autonomously manages developer workflows across laptops, messaging apps, and dev tools, was found …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are executing sophisticated phishing campaigns that impersonate Zoom and Google Meet to silently deploy Teramind onto Windows devices. While Teramind is a legitimate enterprise endpoint monitoring product, scammers are abusing its stealth…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Cofense Intelligence have uncovered an ongoing campaign where threat actors abuse Windows File Explorer to distribute malware. By exploiting the legacy WebDAV protocol, attackers are tricking victims into downloading Remote…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶