BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
Ravie LakshmananFeb 09, 2026Enterprise Security / Network Security BeyondTrust has released updates to address a critical security flaw impacting Remote...
Ravie
China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
Ravie LakshmananFeb 06, 2026Malware / IoT Security Cybersecurity researchers have taken the wraps off a gateway-monitoring and adversary-in-the-middle (AitM) framework...
CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk
Ravie LakshmananFeb 06, 2026Federal Security / Infrastructure Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered Federal Civilian...
Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
Ravie LakshmananFeb 06, 2026Cyber Espionage / Malware A previously undocumented cyber espionage group operating from Asia broke into the networks...
Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries
Ravie LakshmananFeb 06, 2026Artificial Intelligence / Vulnerability Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM),...
AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack
Ravie LakshmananFeb 05, 2026Botnet / Network Security The distributed denial-of-service (DDoS) botnet known as AISURU/Kimwolf has been attributed to a...
ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
Ravie LakshmananFeb 05, 2026Cybersecurity / Hacking News This week didn’t produce one big headline. It produced many small signals —...
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
Ravie LakshmananFeb 05, 2026Malware / Cyber Espionage The elusive Iranian threat group known as Infy (aka Prince of Persia) has...
Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
Ravie LakshmananFeb 05, 2026Workflow Automation / Vulnerability A new, critical security vulnerability has been disclosed in the n8n workflow automation...
Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign
Ravie LakshmananFeb 05, 2026Web Security / Vulnerability Cybersecurity researchers have disclosed details of an active web traffic hijacking campaign that...
Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models
Ravie LakshmananFeb 04, 2026Artificial Intelligence / Software Security Microsoft on Wednesday said it built a lightweight scanner that it said...
DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files
Ravie LakshmananFeb 04, 2026Malware / Endpoint Security Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX...
Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers
Ravie LakshmananFeb 04, 2026Malvertising / Infostealer Microsoft has warned that information-stealing attacks are "rapidly expanding" beyond Windows to target Apple...
Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions
Ravie LakshmananFeb 04, 2026Supply Chain Security / Secure Coding The Eclipse Foundation, which maintains the Open VSX Registry, has announced...
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
Ravie LakshmananFeb 04, 2026Software Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical...
