-
Hikvision has disclosed a high-severity command execution vulnerability affecting multiple wireless access point models, potentially allowing authenticated attackers to execute arbitrary commands on affected devices. The company released an advisory on…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Russia-linked advanced persistent threat group APT28 has been observed actively exploiting a zero-day vulnerability in Microsoft Office to deliver malware through a sophisticated multi-stage attack campaign. Security researchers from Zscaler Threat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has disclosed a critical vulnerability affecting multiple versions of KiloView Encoder Series devices, warning that unauthenticated attackers could gain full administrative access. Issued unde…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apache Syncope, a popular open-source identity and access management platform, has disclosed a critical XML External Entity (XXE) vulnerability in its Console component. The vulnerability, tracked as CVE-2026-23795, allows authenticated administrators …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A complex espionage campaign attributed to Chinese APT group Lotus Blossom, active since 2009. The investigation uncovered a sophisticated compromise of Notepad++ distribution infrastructure that delivered Chrysalis, a previously undocumented custom ba…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
On December 29, 2025, Poland experienced a significant escalation in coordinated cyberattacks targeting critical energy infrastructure. More than 30 wind and photovoltaic farms, a manufacturing company, and a large combined heat and power plant supplyi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new data-wiping malware dubbed DynoWiper, deployed against an energy company in Poland in late December 2025. The malware’s tactics, techniques, and procedures closely mirror those observed in earlier ZOV wiper incidents in Ukraine, prompting E…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A pro-Russian hacker alliance calling itself “Russian Legion” has issued direct threats against Denmark, warning of large-scale cyberattacks linked to the country’s planned military support to Ukraine. The campaign appears designed to combine disruptiv…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A previously unknown threat actor calling itself Punishing Owl has claimed responsibility for breaching a Russian government security agency, marking the emergence of what cybersecurity researchers believe is a new politically motivated hacktivist coll…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft disclosed a critical zero-day vulnerability in Office products on January 26, 2026, tracked as CVE-2026-21509, with active exploitation in the wild confirmed. The vulnerability enables attackers to deploy sophisticated malware through malicio…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
