-
A new phishing-driven malware campaign distributing a stealthy PureLogs variant that leverages advanced evasion techniques, including process hollowing via MsBuild.exe. The campaign is designed to steal sensitive data from infected systems while avoidi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Fortinet customers are facing a new wave of attacks after a critical flaw in FortiClient Endpoint Management Server (EMS) was exploited to push a fake Fortinet patch that secretly installs credential‑stealing malware. The vulnerability, tracked as CVE‑…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Silent Ransom Group (SRG) is running a new wave of hands‑on social engineering attacks against law firms, posing as internal IT support to steal sensitive data and extort victims without deploying traditional ransomware. In its latest campaigns, SR…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
India’s largest public sector bank, State Bank of India (SBI), has issued a fresh cybersecurity alert warning customers about an ongoing phishing campaign targeting users of its YONO digital banking platform. The alert highlights a surge in fraudulent …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability, “BadHost” (CVE-2026-48710), has been identified in the Starlette web framework, exposing thousands of AI-powered applications and API services to potential attacks. The flaw, discovered by X41 D-Sec during an OSTIF-sponsored s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has issued an urgent warning after adding a critical vulnerability in the LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild. The flaw, tracked as CVE-2026-48172, introduces a s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly observed Android malware strain, known as BTMOB, is raising concerns among cybersecurity researchers due to its powerful remote access capabilities and ease of deployment. Initially identified in early 2025, BTMOB has evolved into a full-featur…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical Windows kernel vulnerability, CVE-2026-40369, allows any unprivileged process, including a browser renderer sandbox, to increment arbitrary kernel memory and reliably escalate to SYSTEM on Windows 11 24H2–25H2. The bug sits in ntoskrnl.exe i…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitHub has released Enterprise Server (GHES) version 3.20.3, addressing multiple critical and high-severity vulnerabilities that could allow attackers to access internal services, escalate privileges, and extract sensitive data. The update, published o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly uncovered zero-click attack targets iPhone users running iOS 16, allowing threat actors to hijack WhatsApp accounts without any user interaction, visible prompts, or warnings about linked devices. The campaign was first documented by Italian di…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
