Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles
Ravie LakshmananApr 22, 2026Cyber Espionage / Malware Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE...
Hacking
Category Added in a WPeMatico Campaign
Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
Ravie LakshmananApr 22, 2026Vulnerability / Container Security A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium...
SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called...
22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters
Ravie LakshmananApr 21, 2026Network Security / Vulnerability Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters...
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023
Ravie LakshmananApr 21, 2026Insider Threat / Cybercrime A third individual who was employed as a ransomware negotiator has pleaded guilty...
5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time
Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the...
NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs
Ravie LakshmananApr 21, 2026Mobile Security / Artificial Intelligence Cybersecurity researchers have discovered a new iteration of an Android malware family...
No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks
The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits....
Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution
Ravie LakshmananApr 21, 2026Vulnerability / Artificial Intelligence Cybersecurity researchers have discovered a vulnerability in Google's agentic integrated development environment (IDE),...
CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
Ravie LakshmananApr 21, 2026Network Security / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight...
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
Ravie LakshmananApr 20, 2026Open Source / Server Security A critical security vulnerability has been disclosed in SGLang that, if successfully...
⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More
Ravie LakshmananApr 20, 2026Cybersecurity / Hacking Monday’s recap shows the same pattern in different places. A third-party tool becomes a...
Why Most AI Deployments Stall After the Demo
The Hacker NewsApr 20, 2026Artificial Intelligence / Privacy The fastest way to fall in love with an AI tool is...
Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain
Ravie LakshmananApr 20, 2026Artificial Intelligence / Vulnerability Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context...
Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems
Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment...
