CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
Ravie LakshmananApr 14, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen...
LakshmananApr
JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
Ravie LakshmananApr 13, 2026Threat Intelligence / Malware Banks and financial institutions in Latin American countries like Brazil and Mexico have...
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
Ravie LakshmananApr 13, 2026Cybercrime / Threat Intelligence The U.S. Federal Bureau of Investigation (FBI), in partnership with the Indonesian National...
⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
Ravie LakshmananApr 13, 2026Cybersecurity / Hacking Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are...
North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
Ravie LakshmananApr 13, 2026Social Engineering / Threat Intelligence The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed...
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
Ravie LakshmananApr 12, 2026Malware / Threat Intelligence Unknown threat actors compromised CPUID ("cpuidcom"), a website that hosts popular hardware monitoring tools...
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Ravie LakshmananApr 12, 2026Vulnerability / Endpoint Security Adobe has released emergency updates to fix a critical security flaw in Acrobat...
GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Ravie LakshmananApr 10, 2026Malware / Blockchain Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a...
Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
Ravie LakshmananApr 10, 2026Malware / Browser Security Google has made Device Bound Session Credentials (DBSC) generally available to all Windows users of...
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
Ravie LakshmananApr 10, 2026Vulnerability / Threat Intelligence A critical security vulnerability in Marimo, an open-source Python notebook for data science and...
Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
Ravie LakshmananApr 10, 2026Malware / Website Security Unknown threat actors have hijacked the update system for the Smart Slider 3...
EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets
Ravie LakshmananApr 09, 2026Vulnerability / Mobile Security Details have emerged about a now-patched security vulnerability in a widely used third-party...
UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
Ravie LakshmananApr 09, 2026Malware / Windows Security A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting...
ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
Ravie LakshmananApr 09, 2026Hacking News / Cybersecurity News Thursday. Another week, another batch of things that probably should've been caught...
Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
Ravie LakshmananApr 09, 2026Vulnerability / Threat Intelligence Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader...
