Trending Now
Cyber Security News
GrayCharlie Hacks WordPress Sites, Spreads NetSupport RAT and Stealc Malware
GrayCharlie is abusing compromised WordPress sites to silently load malicious JavaScript that pushes NetSupport RAT, often followed by Stealc and SectopRAT, via fake browser...
Starkiller Phishing Kit Clones Real Login Pages to Evade MFA Protections
New phishing framework Starkiller is enabling more convincing, scalable credential theft by proxying real login pages and bypassing multi-factor authentication (MFA), significantly raising the...
CISA Warns of Actively Exploited Roundcube Vulnerabilities
On February 20, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) Catalog by adding two critical flaws in...
jsPDF Flaw Exposes Millions of Developers to Object Injection
A serious security flaw in jsPDF, a widely used JavaScript library for generating PDFs in web browsers, puts millions of developers and their users...
HPE Telco Service Activator Vulnerability Allows Attackers to Bypass Access Controls
Hewlett Packard Enterprise (HPE) has issued a security bulletin warning customers of a serious vulnerability in its Telco Service Activator product that could allow attackers to...
North Korean Hackers Exploit Fake IT Worker Schemes and Malicious Interview Lures
North Korean state-backed hackers are running large-scale fake IT worker and “Contagious Interview” campaigns that abuse developer hiring workflows to deliver JavaScript-based malware, steal...
DPRK-Linked Hackers Continue Aggressive Crypto Attacks One Year After Bybit Breach
DPRK-linked operators are maintaining a relentless focus on the crypto sector, with activity accelerating rather than slowing in the year since the record-breaking Bybit breach.
On 21...
Recent News
0APT Ransomware Group Claims 200 Victims, Fails to Provide Proof
A new ransomware-as-a-service (RaaS) outfit calling itself 0APT has quickly drawn attention for all the wrong reasons, after loudly claiming to have compromised around 200 victims...
DPRK-Linked Hackers Continue Aggressive Crypto Attacks One Year After Bybit Breach
DPRK-linked operators are maintaining a relentless focus on the crypto sector, with activity accelerating rather than slowing in the year since the record-breaking Bybit breach.
On 21...
Japanese Semiconductor Supplier Hit by Ransomware, Multiple Systems Impacted
Feb. 20, 2026 – Advantest Corporation, a top supplier of semiconductor test equipment, revealed it is battling a ransomware attack that struck its network...
Jenkins Vulnerabilities Exposes Build Environments to XSS Attacks
A popular open-source automation server used by developers worldwide to build, test, and deploy software faces serious security risks from recent flaws. On February...
Critical Ivanti EPMM Zero-Day Vulnerabilities Exploited in the Wild, Targeting Corporate Networks
Two critical zero-day vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, are being actively exploited to compromise enterprise mobile fleets...
Cybercriminals Exploit Atlassian Cloud to Launch Spam Campaigns Promoting Fraudulent Investments
Cybercriminals abused Atlassian Cloud’s trusted infrastructure to run a burst of highly automated spam campaigns that redirected victims to fraudulent investment schemes and online...
Critical MCP Server Enables Arbitrary Code Execution and Sensitive Data Exfiltration
MCP servers can silently turn AI assistants into powerful attack platforms, enabling arbitrary code execution, large‑scale data exfiltration, and stealthy user manipulation across both...
China’s Parallel CVE Systems Expose Alternate Vulnerability Disclosure Timeline
Beyond CVE, China’s dual vulnerability databases, CNVD and CNNVD, show that vulnerability disclosure is not a single, global, unified process but a set of...
25 Vulnerabilities Found in Cloud Password Managers, Exposing Users to Unauthorized Access and Changes
The three major cloud-based password managers, such as Bitwarden, LastPass, and Dashlane, collectively serve approximately 60 million users.
Despite marketing claims of "zero-knowledge encryption," the...
.webp?w=218&resize=218,150&ssl=1 "Cisco Secure Email Gateway Zero-Day RCE Exploited in Active Attacks")