Trending Now
Cyber Security News
UAC-0247 Hits Hospitals, Governments With Browser and WhatsApp Data Theft
A surge of targeted cyberattacks was detected against local governments and municipal healthcare institutions particularly clinical and ambulance hospitals.
The campaign has been attributed...
Fake ProtonVPN, game mod sites spread NWHStealer in new Windows malware campaign
Multiple ongoing malware campaigns are distributing a powerful information-stealing trojan, tracked as NWHStealer, through fake VPN installers, gaming mods, and system tools.
Unlike typical phishing...
Hackers Exploit n8n Webhooks to Spread Malware
A new abuse campaign targeting AI-driven workflow automation platforms particularly n8n that turns legitimate automation tools into powerful malware delivery systems.
Between October 2025 and March...
Two U.S. Nationals Sentenced in $5 Million DPRK Remote Worker Laptop Farm Scheme
The U.S. Justice Department has sentenced two New Jersey residents, Kejia Wang and Zhenxing Wang, for enabling a massive fraudulent employment operation that generated...
New PoC Exploit Published for Microsoft Defender 0-Day Flaw
A security researcher operating under the alias "Chaotic Eclipse" has publicly released a proof-of-concept (PoC) exploit for a vulnerability in Microsoft Defender.
Published on...
Cisco FMC Zero-Day Among 31 High-Impact Vulnerabilities Exploited in March
31 high-impact vulnerabilities were actively exploited in March 2026, with a Cisco firewall zero-day abused by the Interlock ransomware group emerging as one of...
Chrome Privacy Vulnerability Exposes Users via Fingerprinting and Header Leaks
A new technical review of Google Chrome’s privacy posture shows that modern tracking no longer depends only on cookies, because websites can combine browser...
Recent News
Agentic LLM Browsers Open New Front in Prompt Injection, Data Theft
Agentic LLM browsers are turning everyday browsing into automated, AI-driven workflows but they also expose a powerful new attack surface for prompt injection and...
Iran-Linked CyberAv3ngers Target Water Utilities, Industrial Controllers
Iran-linked threat group CyberAv3ngers is intensifying attacks on U.S. water utilities and industrial control systems, shifting from noisy hacktivism to sustained disruption of operational technology (OT)...
Hackers Exploit Critical ShowDoc RCE Flaw in Ongoing Attacks
Cybersecurity researchers have highlighted a critical vulnerability in ShowDoc, a widely used online document-sharing platform designed for IT teams.
Tracked as CNVD-2020-26585, this severe...
Hackers Exploit Obsidian Plugin to Deploy Cross-Platform Malware
Hackers are abusing Obsidian’s Shell Commands plugin and shared cloud vaults to deliver a new cross‑platform malware chain that ends with the PHANTOMPULSE remote...
MuddyWater Uses Russian MaaS in New ChainShell Attack
MuddyWater is now weaponizing a Russian malware-as-a-service (MaaS) platform to run a new operation dubbed “ChainShell”, blending Iranian state targeting with commercially developed cybercrime...
Hackers Exploit Hidden Microsoft 365 Mailbox Rules to Steal Sensitive Business Emails
Attackers are quietly abusing Microsoft 365 mailbox rules to steal emails, hide alerts, and maintain long-term access without installing malware.
These stealthy tactics are...
Hackers Exploit n8n Webhooks to Spread Malware
A new abuse campaign targeting AI-driven workflow automation platforms particularly n8n that turns legitimate automation tools into powerful malware delivery systems.
Between October 2025 and March...
Storm-2755 Uses AiTM Hijacking to Divert Employee Salaries
Hackers are abusing adversary-in-the-middle (AiTM) session hijacking to steal employee salaries in a new “payroll pirate” campaign tracked by Microsoft as Storm-2755 and targeting...
VIPERTUNNEL Python Backdoor Hidden in Fake DLL, Obfuscated Loader Chain
Hackers are abusing a stealthy Python backdoor called VIPERTUNNEL, hiding it behind a fake DLL file and a multi‑stage obfuscated loader to quietly tunnel traffic...
