-
Janela Remote Access Trojan (RAT) campaign using fake Windows MSI installers and malicious browser extensions to infiltrate financial networks and exfiltrate sensitive data. The latest Janela RAT samples are being distributed through public GitLab repo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An autonomous AI security agent developed by Strix has discovered a critical authentication bypass vulnerability in etcd, the widely used distributed key-value store that underpins countless backend systems worldwide. Tracked as CVE-2026-33413 and assi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new experiment has shown how an AI coding assistant, Codex, can independently escalate privileges on a Samsung Smart TV by abusing dangerously exposed kernel drivers in Samsung’s KantS2 Tizen firmware. Working from an existing browser foothold, Codex…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert regarding two actively exploited security vulnerabilities in Microsoft products. Added to the Known Exploited Vulnerabilities (KEV) catalog on April 13, 2026, …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing Obsidian’s Shell Commands plugin and shared cloud vaults to deliver a new cross‑platform malware chain that ends with the PHANTOMPULSE remote access trojan. Attackers pose as a venture capital firm targeting financial and cryptocurr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have highlighted a critical vulnerability in ShowDoc, a widely used online document-sharing platform designed for IT teams. Tracked as CNVD-2020-26585, this severe security flaw allows unauthenticated remote code execution (RC…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SAP released its monthly Security Patch Day updates, addressing 19 new security notes and one update to a previously released note. According to the official SAP Support Portal, these patches resolve severe vulnerabilities, including critical SQL injec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are shifting away from email phishing and are directly targeting Okta and other identity providers using voice‑based social engineering, or “Okta vishing.” This trend turns what used to be a single account compromise into an immediate, organiza…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Synology has recently released a crucial security update to fix two notable vulnerabilities in its SSL VPN Client utility. Tracked under the security advisory Synology-SA-26:05, these flaws could allow remote attackers to access sensitive system files …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A previously undocumented Linux backdoor attributed to China-linked threat group APT41 (Winnti) has been uncovered, targeting cloud workloads across AWS, GCP, Azure, and Alibaba Cloud. The ELF-based implant, currently showing zero detections on VirusTo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
