-
TP-Link has disclosed multiple critical authenticated command injection vulnerabilities affecting the Archer BE230 v1.2 Wi-Fi router, enabling attackers with administrative access to execute arbitrary commands and seize complete control of affected dev…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A highly sophisticated offensive cloud operation targeting an AWS environment.The attack was notable for its extreme speed taking less than 10 minutes to go from initial entry to full administrative control and its heavy reliance on AI automation. The …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new threat called PhantomVAI, a custom “loader” used to launch cyberattacks worldwide. A loader is a type of malicious software designed to secretly download and start other dangerous programs on a victim’s computer. What makes Phan…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A severe vulnerability affecting ASUSTOR Network Attached Storage (NAS) devices has been disclosed, potentially allowing unauthenticated attackers to seize full control of affected systems. Tracked as CVE-2026-24936, this critical flaw carries a CVSS v…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Interlock ransomware operators have been observed using a new process‑killing tool that abuses a zero‑day flaw in a gaming anti‑cheat kernel driver to try to shut down endpoint defenses (EDR/AV). The activity was documented during an intrusion agains…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Notepad++, a widely used text editor among developers, became the target of a sophisticated supply chain attack that compromised its update infrastructure for nearly 6 months. On February 2, 2026, the developers published a statement revealing that att…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Active Directory serves as the central repository for an organization’s authentication infrastructure, making it a prime target for sophisticated threat actors. The NTDS.dit database, which stores encrypted password hashes and critical domain con…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A coordinated reconnaissance campaign targeting Citrix ADC (NetScaler) Gateway infrastructure worldwide. The operation used over 63,000 residential proxy IPs and AWS cloud infrastructure to map login panels and enumerate software versions, a clear indi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly disclosed vulnerability CVE‑2025‑40551 affecting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog. The flaw is rated critical because …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A malware campaign where cybercriminals distribute a fake LINE messenger installer that secretly deploys the ValleyRAT malware to steal credentials and evade detection. Since early 2025, threat actors have increasingly used fraudulent software installe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
