WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine
Ravie LakshmananJun 09, 2026Vulnerability / Cyber Espionage Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in...
Ravie
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now
Ravie LakshmananJun 09, 2026Vulnerability / Browser Security Google has released security updates to address 74 vulnerabilities, including one that has...
LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
Ravie LakshmananJun 09, 2026Vulnerability / Artificial Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity...
Meta Blocks NSO Group’s New WhatsApp Phishing Attack, Files Contempt Order
Ravie LakshmananJun 08, 2026Spyware / Mobile Security Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli...
Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups
Ravie LakshmananJun 08, 2026Vulnerability / Network Security Check Point has warned of active exploitation of a critical vulnerability impacting Remote...
VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances
Ravie LakshmananJun 08, 2026Cyber Espionage / Malware A China-nexus cyber espionage group has been observed deploying a BSD variant of...
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
Ravie LakshmananJun 08, 2026Software Supply Chain / Malware Microsoft has announced that Visual Studio Code (VS Code) will apply a...
New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration
Ravie LakshmananJun 06, 2026Cybersecurity / Artificial Intelligence OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible...
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
Ravie LakshmananJun 06, 2026Vulnerability / Patch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security...
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
Ravie LakshmananJun 06, 2026Supply Chain Attack / Malware Microsoft's GitHub repositories have become the latest to fall victim to the...
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
Ravie LakshmananJun 06, 2026Vulnerability / Network Security Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has...
Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
Ravie LakshmananJun 05, 2026Spyware / Mobile Security Arabic-speaking users have emerged as the target of a new Android spyware codenamed...
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
Ravie LakshmananJun 05, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 (where...
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
Ravie LakshmananJun 05, 2026Threat Intelligence / Cloud Security The threat actor known as PCPJack has hijacked cloud servers associated with...
ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
Ravie LakshmananJun 04, 2026Hacking News / Cybersecurity News It got stupid again. The internet still feels held together with tape....