FrostyNeighbor: Fresh mischief and digital shenanigans
This blogpost covers newly discovered activities attributed to FrostyNeighbor, targeting governmental organizations in Ukraine. FrostyNeighbor has been running continual cyberoperations,...
newly
Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can Bypass BitLocker
Microsoft has moved to contain the newly disclosed Windows zero-day vulnerability, dubbed “YellowKey,” but the company still lacks a permanent...
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
Ravie LakshmananMay 17, 2026Server Security / Vulnerability A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come...
DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
Ravie LakshmananMay 05, 2026Endpoint Security / Software Security A newly identified supply chain attack targeting DAEMON Tools software has compromised...
Google Update: Android Flaw Could Put Billions of Devices at Risk
A newly patched Android flaw could allow nearby attackers to execute code without a tap, click, or user warning. Google...
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
Ravie LakshmananMay 01, 2026Malware / Threat Intelligence A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as...
PCI SSC Launches Enhanced Language Microsites for Global Audience
The PCI Security Standards Council (PCI SSC) has announced the launch of newly redesigned language microsites, delivering a more accessible,...
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new...
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new...
Axios Compromise on npm Introduces Hidden Malicious Package
A newly discovered software supply chain attack targeting the npm ecosystem briefly compromised one of the most widely used...
New ‘DarkSword’ Leak Puts Millions of iPhones at Risk After Initial Attack
Image: Frederik Lipfert (Unsplash) A newly leaked version of the DarkSword exploit kit is raising fresh concerns among security researchers,...
Microsoft Confirms Windows 11 Bug Crippling PCs, Blocking Access to Core Drive
Image: Clint Patterson/Unsplash A newly confirmed Windows 11 bug is locking some users out of their computers. Microsoft has confirmed...
Microsoft Authenticator Flaw on Android, iOS Could Leak Login Codes for Millions
Image: Aminu Abdullahi/TechRepublic A newly discovered vulnerability in Microsoft Authenticator could expose sensitive login codes to malicious apps on the...
Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
Ravie LakshmananFeb 26, 2026Vulnerability / Network Security A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart)...
10K Claude Desktop Users Exposed by Zero-Click Vulnerability
Image: iLixe48/Envato A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click...
