CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
Ravie LakshmananJun 17, 2026Vulnerability / Supply Chain Attack The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a...
LakshmananJun
China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa
Ravie LakshmananJun 04, 2026Malware / Cybercrime A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to...
WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine
Ravie LakshmananJun 09, 2026Vulnerability / Cyber Espionage Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in...
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now
Ravie LakshmananJun 09, 2026Vulnerability / Browser Security Google has released security updates to address 74 vulnerabilities, including one that has...
LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
Ravie LakshmananJun 09, 2026Vulnerability / Artificial Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity...
Meta Blocks NSO Group’s New WhatsApp Phishing Attack, Files Contempt Order
Ravie LakshmananJun 08, 2026Spyware / Mobile Security Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli...
Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups
Ravie LakshmananJun 08, 2026Vulnerability / Network Security Check Point has warned of active exploitation of a critical vulnerability impacting Remote...
VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances
Ravie LakshmananJun 08, 2026Cyber Espionage / Malware A China-nexus cyber espionage group has been observed deploying a BSD variant of...
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
Ravie LakshmananJun 08, 2026Software Supply Chain / Malware Microsoft has announced that Visual Studio Code (VS Code) will apply a...
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
Ravie LakshmananJun 05, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 (where...
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
Ravie LakshmananJun 05, 2026Threat Intelligence / Cloud Security The threat actor known as PCPJack has hijacked cloud servers associated with...
ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
Ravie LakshmananJun 04, 2026Hacking News / Cybersecurity News It got stupid again. The internet still feels held together with tape....
China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa
Ravie LakshmananJun 04, 2026Malware / Cybercrime A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to...
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Ravie LakshmananJun 04, 2026Malvertising / Browser Security Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge...
DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets
Ravie LakshmananJun 04, 2026Cryptocurrency / Law Enforcement The U.S. Department of Justice (DoJ) on Wednesday announced the results of a...
