-
A popular open-source download manager trusted by millions suddenly became a malware delivery platform after attackers compromised its official website, replacing legitimate installers with trojanized versions targeting both Windows and Linux users. Th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed Linux kernel vulnerability, dubbed “ssh-keysign-pwn” by Qualys researchers, exposes millions of Linux systems to unauthorized access to sensitive SSH private keys and hashed passwords stored in /etc/shadow. Tracked as CVE-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Gunra ransomware is rapidly evolving into a more structured and dangerous cybercrime operation after shifting from a Conti-based locker to its own Ransomware-as-a-Service (RaaS) model. First discovered in April 2025, the group initially targeted a smal…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed vulnerability in VMware Fusion has raised serious security concerns after researchers confirmed it could allow attackers to escalate privileges to root on affected systems. The flaw, tracked as CVE-2026-41702, has been rated high seve…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Shai-Hulud is a major cybersecurity threat targeting the open-source software supply chain. Security researchers are raising alarms over “Shai-Hulud,” a self-propagating npm worm designed to steal sensitive developer credentials from GitHub, AWS, Kuber…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A powerful zero-click exploit chain for the Pixel 10 that can take an attacker from a remote Dolby decoding bug to full kernel control through a single vulnerable video processing driver. The work shows both how quickly Google can now patch critical is…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are rapidly weaponizing a little-known Microsoft authentication feature to hijack enterprise accounts, as device code phishing surges across the threat landscape. The spike in activity is closely tied to the public release of criminal toolkits …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity vulnerability in PraisonAI is drawing urgent attention after security researchers observed exploitation attempts within hours of public disclosure. The flaw, tracked as CVE-2026-44338 and documented in the GitHub advisory GHSA-6rmh-7xcm…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are continuing to abuse a stealthy Linux rootkit known as OrBit to harvest SSH and sudo credentials, with new research showing the threat has quietly evolved over four years while remaining active in the wild. First analyzed in 2022, OrBit was …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has revealed a stealthy intrusion campaign where attackers bypassed traditional malware and exploits, instead abusing trusted enterprise tools to silently infiltrate networks. The technique highlights a growing shift in cyberattacks where adv…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
