CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
Ravie LakshmananJun 06, 2026Vulnerability / Patch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security...
Ravie
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
Ravie LakshmananJun 06, 2026Supply Chain Attack / Malware Microsoft's GitHub repositories have become the latest to fall victim to the...
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
Ravie LakshmananJun 06, 2026Vulnerability / Network Security Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has...
Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
Ravie LakshmananJun 05, 2026Spyware / Mobile Security Arabic-speaking users have emerged as the target of a new Android spyware codenamed...
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
Ravie LakshmananJun 05, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 (where...
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
Ravie LakshmananJun 05, 2026Threat Intelligence / Cloud Security The threat actor known as PCPJack has hijacked cloud servers associated with...
ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
Ravie LakshmananJun 04, 2026Hacking News / Cybersecurity News It got stupid again. The internet still feels held together with tape....
China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa
Ravie LakshmananJun 04, 2026Malware / Cybercrime A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to...
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Ravie LakshmananJun 04, 2026Malvertising / Browser Security Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge...
DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets
Ravie LakshmananJun 04, 2026Cryptocurrency / Law Enforcement The U.S. Department of Justice (DoJ) on Wednesday announced the results of a...
Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
Ravie LakshmananJun 03, 2026Malware / Microsoft Defender Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's...
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
Ravie LakshmananJun 03, 2026Vulnerability / Software Development Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS...
Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
Ravie LakshmananJun 03, 2026Vulnerability / Network Security Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited...
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
Ravie LakshmananJun 03, 2026Vulnerability / Server Security Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers,...
Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
Ravie LakshmananJun 02, 2026Vulnerability / Mobile Security Google on Monday released patches for 124 security vulnerabilities impacting its Android operating...
