News
-
Adobe Reader Zero-Day Exploit Targets Users via Malicious PDF Files
Read more: Adobe Reader Zero-Day Exploit Targets Users via Malicious PDF FilesA newly discovered zero-day vulnerability in Adobe Acrobat Reader is actively being exploited in real-world attacks, putting users at significant risk. The flaw allows attackers to execute malicious actions simply by tricking victims into opening…
-
Masjesu Botnet: Emerging DDoS-for-Hire Threat Targeting IoT Devices
Read more: Masjesu Botnet: Emerging DDoS-for-Hire Threat Targeting IoT DevicesThe Masjesu botnet is emerging as a new DDoS-for-hire service targeting Internet of Things (IoT) devices such as routers and network gateways. Active since 2023, this botnet focuses on stealth and persistence, quietly building a…
-
Docker Auth Bypass Bug Could Lead to Full Host Compromise
Read more: Docker Auth Bypass Bug Could Lead to Full Host CompromiseA high-severity vulnerability tracked as CVE-2026-34040 has been found in Docker Engine, allowing attackers to bypass authorization controls and potentially take over the host system. The flaw impacts environments that rely on authorization plugins (AuthZ)…
-
Iran-Linked Password Spraying Attack Targets Microsoft 365 Accounts
Read more: Iran-Linked Password Spraying Attack Targets Microsoft 365 AccountsCybersecurity researchers have identified a large-scale password spraying campaign linked to Iran targeting Microsoft 365 accounts across multiple regions. The attacks primarily focused on organizations in Israel and the United Arab Emirates, with hundreds of…
-
Malicious npm Packages Disguised as Plugins Target Developers
Read more: Malicious npm Packages Disguised as Plugins Target DevelopersSecurity researchers have uncovered a campaign involving 36 malicious npm packages disguised as legitimate plugins, targeting developers and backend systems. These packages impersonated popular Strapi CMS plugins, making them appear safe and trustworthy to unsuspecting…
-
Chrome Zero-Day CVE-2026-5281 Actively Exploited, Update Your Browser Now
Read more: Chrome Zero-Day CVE-2026-5281 Actively Exploited, Update Your Browser NowGoogle has released a major security update for Google Chrome to address 21 vulnerabilities, including a dangerous zero-day flaw identified as CVE-2026-5281 that is already being actively exploited. This vulnerability is a use-after-free bug found…
-
Claude Chrome Extension Bug Enables Zero-Click XSS Prompt Injection
Read more: Claude Chrome Extension Bug Enables Zero-Click XSS Prompt InjectionA critical vulnerability in the Claude Chrome Extension from Anthropic allowed attackers to inject malicious prompts without any user interaction. This flaw, known as ShadowPrompt, made it possible for a victim to be compromised simply…
-
FCC Bans Foreign-Made Routers Over Cybersecurity Risks
Read more: FCC Bans Foreign-Made Routers Over Cybersecurity RisksThe Federal Communications Commission (FCC) has announced a ban on new foreign-made consumer routers, citing serious cybersecurity and supply chain risks. This decision prevents newly manufactured routers from overseas vendors from being marketed or sold…
-
LeakNet Ransomware Uses ClickFix and Deno for Stealth Attacks
Read more: LeakNet Ransomware Uses ClickFix and Deno for Stealth AttacksThe LeakNet ransomware group has adopted a new attack method using ClickFix, a social engineering technique delivered through compromised websites. Instead of relying on stolen credentials, attackers trick users into running malicious commands—such as msiexec.exe—via…
-
Ubuntu CVE-2026-3888 Bug Can Lead to Root Access
Read more: Ubuntu CVE-2026-3888 Bug Can Lead to Root AccessA serious security flaw has been discovered in Ubuntu Desktop versions 24.04 and later, allowing attackers to gain root access. Tracked as CVE-2026-3888 with a CVSS score of 7.8, this vulnerability is considered high risk…