Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
Ravie LakshmananMar 28, 2026Vulnerability / Network Security A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway...
Hacking
Category Added in a WPeMatico Campaign
CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
Ravie LakshmananMar 28, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical...
TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
Ravie LakshmananMar 28, 2026Mobile Security / Email Security Proofpoint has disclosed details of a targeted email campaign in which threat...
Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
Ravie LakshmananMar 27, 2026Spyware / Mobile Security Apple is now sending Lock Screen notifications to iPhones and iPads running older...
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python...
Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
Ravie LakshmananMar 27, 2026Software Security / DevSecOps Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX's pre-publish...
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
Ravie LakshmananMar 27, 2026Ransomware / Malware Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for...
We Are At War
Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s...
Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
Ravie LakshmananMar 27, 2026Threat Intelligence / Vulnerability A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber...
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
Ravie LakshmananMar 27, 2026Vulnerability / Artificial Intelligence Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if...
China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks
A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage...
![[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCypzkb6uvHuNx6LKknUqtvQFoqsr6aalztDeBKT1aaUASzfjZMZAZqExx1k0w5iKWl08lx3MxbM_FwWxAvBdZODEerioaMp8OHVvhSjC8VL3uAW9_NMniMl_niggBVhVMdDFu2324YyhW5TrK4fua1PXlrb0DweOULvNgi5mlQUZUct_dIX3OePrfqks/s1600/validate.jpg)
[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks
The Hacker NewsMar 26, 2026Security Testing / Security Automation Most teams have security tools in place. Alerts are firing, dashboards...
Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks
Ravie LakshmananMar 26, 2026Malware / Mobile Security The kernel exploit for two security vulnerabilities used in the recently uncovered Apple...
WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites
Ravie LakshmananMar 26, 2026Malware / Web Security Cybersecurity researchers have discovered a new payment skimmer that uses WebRTC data channels...
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
Ravie LakshmananMar 25, 2026Cybercrime / Dark Web The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian...
