-
A critical buffer overflow vulnerability has been discovered in the GNU InetUtils telnetd daemon. Tracked as CVE-2026-32746, the flaw carries a maximum CVSS 3.1 score of 9.8 and allows unauthenticated attackers to execute arbitrary code with root privi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OpenAI has officially launched GPT-5.4 mini and GPT-5.4 nano, introducing high-efficiency models optimized for automated workflows, coding subagents, and latency-sensitive deployments. These models are designed to reduce application programming interfa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new phase of the Iran war is unfolding in which ballistic missiles, drones, electronic warfare, and cyber operations are being deployed in parallel, with cyber activity increasingly tied to kinetic targeting, damage assessment, and strategic messagin…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are increasingly relying on social engineering rather than complex software vulnerabilities to breach corporate networks. In November 2025, Microsoft’s Detection and Response Team (DART) investigated a notable identity-first intrusion whe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Large‑scale campaigns abusing GitHub and Reddit to spread Vidar Stealer 2.0 through fake “free game cheats,” targeting players of popular online titles across the board. The operation shows how the takedown of other infostealers has shifted criminal de…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Boggy Serpens, also known as MuddyWater, has escalated its cyberespionage operations over the past year, focusing on diplomats and critical infrastructure organizations in a coordinated, multi-wave campaign. Boggy Serpens has moved beyond its earlier n…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed security flaw in the Kubernetes Container Storage Interface (CSI) Driver for Network File System (NFS) exposes storage servers to unauthorized directory modification and deletion. Tracked as CVE-2026-3864 with a medium-severity CVSS v…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers at MDSec have disclosed a newly patched Elevation of Privilege vulnerability in Microsoft Windows, known as “RegPwn”. Tracked as CVE-2026-24291, this flaw allows a low-privileged user to gain full SYSTEM access by exploiting how…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered malware campaign is exploiting user trust in Telegram by distributing a trojanized installer through a typosquatted website, telegrgam[.]com. The site closely mimics the official Telegram download portal and delivers a malicious exec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have a detailed a critical security flaw in Fortinet’s FortiClient Enterprise Management Server (EMS). Tracked as CVE-2026-21643, this severe pre-authentication SQL injection vulnerability carries a near-maximum CVSS severity …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
