Malware & Threats
80 items
- TrueConf Zero-Day Exploited in Asian Government Attacks
Vulnerabilities
A Chinese threat actor exploited the video conferencing platform to perform reconnaissance, escalate privileges, and execute additional payloads. The post TrueConf Zero-Day Exploited in Asian Government Attacks appeared first on SecurityWeek.
- In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Malware & Threats
Other noteworthy stories that might have slipped under the radar: Symantec vulnerability, anti-ClickFix mechanism added to macOS, FBI hack classified as major incident.
- Critical ShareFile Flaws Lead to Unauthenticated RCE
Vulnerabilities
The vulnerabilities can be chained together to bypass authentication and upload arbitrary files to the server.
- React2Shell Exploited in Large-Scale Credential Harvesting Campaign
Malware & Threats
Using automated scanning and the Nexus Listener collection framework, the hackers compromised over 750 systems.
- T-Mobile Sets the Record Straight on Latest Data Breach Filing
Data Breaches
The cybersecurity incident involved an insider and had a limited impact, the telecoms giant told SecurityWeek.
- North Korean Hackers Drain $285 Million From Drift in 10 Seconds
Cybercrime
The attackers prepared infrastructure and multiple nonce-based transactions, took over an admin key, and drained five vaults.
- Critical Vulnerability in Claude Code Emerges Days After Source Leak
Artificial Intelligence · Vulnerabilities
Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found by Adversa AI.
- Apple Rolls Out DarkSword Exploit Protection to More Devices
Mobile & Wireless · Vulnerabilities
The DarkSword exploit kit has been used by both state-sponsored hackers and commercial spyware vendors.
- Cisco Patches Critical and High-Severity Vulnerabilities
Vulnerabilities
The bugs could lead to authentication bypass, remote code execution, information disclosure, and privilege escalation.
- 250,000 Affected by Data Breach at Nacogdoches Memorial Hospital
Data Breaches
In January 2026, a threat actor hacked the hospital’s internal network and stole personal and health information.
- Toy Giant Hasbro Hit by Cyberattack
Cybercrime
The company is investigating the full scope of the incident, including whether any files have been compromised.
- Sophisticated CrystalX RAT Emerges
Malware & Threats
The malware can spy on victims, steal their information, and make configuration changes on devices.
- New DeepLoad Malware Dropped in ClickFix Attacks
Malware & Threats
The malware steals credentials, installs a malicious browser extension, and can spread via USB drives.
- Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome
Vulnerabilities
Google has announced fixes for CVE-2026-5281, a zero-day affecting Chrome’s Dawn component.
- US Charges Uranium Crypto Exchange Hacker
Cybercrime
Jonathan Spalletta exploited smart contract vulnerabilities to steal approximately $55 million in cryptocurrency and cause Uranium to shut down.
- Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks
Identity & Access · Cybercrime
Report shows how industrialized credential theft underpins ransomware, SaaS breaches, and geopolitical attacks, shifting security focus from prevention to detecting misuse of legitimate access.
- Venom Stealer Raises Stakes With Continuous Credential Harvesting
Malware & Threats
Licensed malware with built-in persistence and automation enables attackers to continuously siphon credentials, session data, and cryptocurrency assets.
- Exploitation of Critical Fortinet FortiClient EMS Flaw Begins
Vulnerabilities
The SQL injection vulnerability allows unauthenticated attackers to execute arbitrary code remotely, via crafted HTTP requests.
- StrongSwan Flaw Allows Unauthenticated Attackers to Crash VPNs
Vulnerabilities
Remotely exploitable, the integer underflow vulnerability impacts StrongSwan releases spanning 15 years.
- Lloyds Data Security Incident Impacts 450,000 Individuals
Data Breaches
A faulty software update led to the exposure of mobile banking users’ transactions to other users of the application.
- Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise
Artificial Intelligence · Vulnerabilities
Researchers found an OpenAI Codex vulnerability that could have been exploited to compromise GitHub tokens.
- Healthcare IT Platform CareCloud Probing Potential Data Breach
Data Breaches
The company has disclosed a cybersecurity incident involving one of its electronic health record environments.
- Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
Nation-State · Mobile & Wireless
The state-sponsored group’s campaign has targeted government, higher education, financial, and legal entities, as well as think tanks.
- European Commission Reports Cyber Intrusion and Data Theft
Data Breaches
The ShinyHunters hacker group claimed to have stolen over 350GB of information from European Commission cloud systems.
- Hacked Hospitals, Hidden Spyware: Iran Conflict Shows How Digital Fight Is Ingrained in Warfare
Nation-State · Cyberwarfare
Iran-linked hacking groups are turning to high-volume, low-impact cyberattacks, and AI is providing a boost.
- Telnyx Targeted in Growing TeamPCP Supply Chain Attack
Supply Chain Security · Malware & Threats
Two malicious versions of the popular SDK were uploaded to the PyPI registry, targeting Windows, macOS, and Linux.
- Exploitation of Fresh Citrix NetScaler Vulnerability Begins
Vulnerabilities
The critical-severity flaw leaks application memory and can be exploited to obtain authenticated administrative session IDs.
- FBI Confirms Kash Patel Email Hack as US Offers $10M Reward for Hackers
Nation-State
The agency said Iranian hackers targeted the director’s personal email account and noted that the compromised information is old.
- F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild
Vulnerabilities
Initially disclosed as a high-severity denial-of-service (DoS), the bug was reclassified as a critical RCE issue.
- Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs
Malware & Threats
The infection chain includes a fake CAPTCHA page, a Bash script, a Nuitka loader, and the Python-based infostealer.
- Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account
Cybercrime · Cyberwarfare
The group said that it was making available for download emails and other documents from Patel’s account.
- OpenAI Launches Bug Bounty Program for Abuse and Safety Risks
Artificial Intelligence · Vulnerabilities
Through the new program, OpenAI will reward reports covering design or implementation issues leading to material harm.
- TP-Link Patches High-Severity Router Vulnerabilities
Vulnerabilities
The security defects could be used to bypass authentication, execute arbitrary commands, and decrypt configuration files.
- Hightower Holding Data Breach Impacts 130,000
Data Breaches
The holdings company says hackers stole names, Social Security numbers, and driver’s license numbers from its environment.
- BIND Updates Patch High-Severity Vulnerabilities
Vulnerabilities
Specially crafted domains could be used to cause out-of-memory conditions, leading to memory leaks in the BIND resolvers.
- Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure
Nation-State
The state-sponsored threat actor deployed kernel implants and passive backdoors enabling long-term, high-level espionage.
- Cisco Patches Multiple Vulnerabilities in IOS Software
Vulnerabilities
The high- and medium-severity flaws could lead to denial-of-service, secure boot bypass, information disclosure, and privilege escalation.
- Alleged RedLine Malware Administrator Extradited to US
Cybercrime · Malware & Threats
Hambardzum Minasyan of Armenia has been accused of being involved in the development and administration of the infostealer malware.
- Russian Cybercriminal Gets 2-Year Prison Sentence in US
Ransomware · Cybercrime
Ilya Angelov was a member of the cybercrime group tracked as TA-551, Shathak, Gold Cabin, Monster Libra, and ATK236.
- iOS, macOS 26.4 Roll Out With Fresh Security Patches
Endpoint Security · Vulnerabilities
Apple released security fixes for older devices as well, in iOS 18.7.7, iPadOS 18.7.7, macOS Sequoia 15.7.5, and macOS Sonoma 14.8.5.
- From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI
Application Security · Malware & Threats
The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.
- US Prisons Russian Access Broker for Aiding Ransomware Attacks
Ransomware · Cybercrime
Aleksei Volkov has been sentenced to 81 months in prison for his role in Yanluowang ransomware attacks.
- HackerOne Employee Data Exposed in Massive Navia Breach
Data Breaches
The cybersecurity firm said the personal information of hundreds of employees was stolen in the hacker attack targeting Navia.
- Poland Faced a Surge in Cyberattacks in 2025, Including a Major Assault on the Energy Sector
Cyberwarfare
The attacks included a destructive infiltration of Poland's energy system in December, which was suspected of originating in Russia.
- Extortion Group Claims It Hacked AstraZeneca
Data Breaches
The Lapsus$ hackers allegedly compromised internal code repositories, credentials, and employee data.
- Chrome 146 Update Patches High-Severity Vulnerabilities
Vulnerabilities
The software refresh fixes eight memory safety bugs affecting seven Chrome components.
- 3.1 Million Impacted by QualDerm Data Breach
Data Breaches
Hackers stole personal, medical, and health insurance information from the company’s internal systems.
- Iran Built a Vast Camera Network to Control Dissent. Israel Turned It Into a Targeting Tool
Cyberwarfare
The role of Israel’s hijacking of Iran’s street cameras in the killing of the country’s supreme leader underscores how surveillance systems are increasingly being targeted by adversaries in wartime.
- Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn
Vulnerabilities
An out-of-bounds read vulnerability can be exploited remotely without authentication to read sensitive information from memory.
- Mazda Says Employee, Partner Information Stolen in Cyberattack
Data Breaches
The hackers stole internal IDs, names, email addresses, and business partner IDs from an internal management system.
- Stryker Says Malicious File Found During Probe Into Iran-Linked Attack
Malware & Threats
The FBI has published an alert describing the malware used by Iranian government hackers.
- M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds
Cybercrime
The latest M-Trends report is based on insights from over 500,000 hours of Mandiant incident response investigations in 2025.
- Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware
Ransomware · Data Breaches
The semiconductor company says hackers deployed file-encrypting ransomware on the network of a subsidiary in Singapore.
- QNAP Patches Four Vulnerabilities Exploited at Pwn2Own
Vulnerabilities
The flaws could allow attackers to access sensitive information, execute code, or cause unexpected behavior.
- Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability
Vulnerabilities
CVE-2026-21992 can be used without authentication for remote code execution and it may have been exploited in the wild.
- Critical Quest KACE Vulnerability Potentially Exploited in Attacks
Vulnerabilities
The vulnerability is tracked as CVE-2025-32975 and it may have been exploited in attacks against the education sector.
- In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting
Cybercrime
Other noteworthy stories that might have slipped under the radar: vulnerabilities found in KVM devices, Claudy Day Claude vulnerabilities, The Gentlemen ransomware group.
- US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites
Nation-State
The US has seized several domains used by Handala in cyber-enabled psychological operations.
- Navia Data Breach Impacts 2.7 Million
Data Breaches
Between late December 2025 and mid-January 2026, hackers stole personal and health plan information from Navia’s environment.
- Thousands of Magento Sites Hit in Ongoing Defacement Campaign
Cybercrime
The attacks started on February 27 and have targeted e-commerce platforms, global brands, and government services.
- Critical Langflow Vulnerability Exploited Hours After Public Disclosure
Artificial Intelligence · Vulnerabilities
Because attacker-supplied flow data is used in public flows, the bug leads to unauthenticated remote code execution.
- Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation
IoT Security · Cybercrime
The lesser-known JackSkid and Mossad botnets have also been targeted in the operation.
- Critical ScreenConnect Vulnerability Exposes Machine Keys
Vulnerabilities
Latest ScreenConnect version adds encrypted storage and management to prevent unauthorized access to machine keys.
- Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury
Threat Intelligence · Cyberwarfare
Analysis reveals a six-month buildup of Iran-linked cyber infrastructure, including US-based shell companies, designed to weather kinetic strikes and ensure the resilience of its global hacking operations.
- Marquis Data Breach Affects 672,000 Individuals
Data Breaches
It was previously estimated that more than 1.6 million people may be affected by the Marquis data breach.
- Security Firm Aura Discloses Data Breach Impacting 900,000 Records
Data Breaches
The information was stolen from a marketing tool after an employee fell victim to a targeted phone phishing attack.
- Russian APT Exploits Zimbra Vulnerability Against Ukraine
Vulnerabilities · Malware & Threats
Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser.
- CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability
Vulnerabilities
The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild.
- Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks
Ransomware · Vulnerabilities
Amazon found evidence that the FMC software vulnerability has been exploited since late January, and found links to Russia.
- ‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors
Mobile & Wireless · Vulnerabilities
Targeting six iOS vulnerabilities and leading to full device compromise, the exploit chain is meant for surveillance.
- Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach
Malware & Threats
The medtech giant has been working on restoring systems affected by the cyberattack conducted by the Handala hackers.
- Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch
Vulnerabilities
Meta does not plan on fixing the vulnerability because it involves the use of a modified client application.
- Robotic Surgery Giant Intuitive Discloses Cyberattack
Data Breaches
The company says some of its internal business applications were accessed after an employee fell victim to a phishing attack.
- 174 Vulnerabilities Targeted by RondoDox Botnet
Malware & Threats
The botnet has increased its activity, peaking at 15,000 exploitation attempts per day, and taking a more targeted approach.
- Google, Meta, Microsoft Among Signatories of Pact to Combat Scams
Fraud & Identity Theft
Several major tech and retail companies have signed an industry accord against online scams and fraud.
- CISA Flags Year-Old Wing FTP Vulnerability as Exploited
Vulnerabilities
Tracked as CVE-2025-47813, the flaw leads to the disclosure of the full local installation path of the application.
- Oracle EBS Hack: Only 4 Corporate Giants Still Silent on Potential Impact
Ransomware · Data Breaches
Broadcom, Bechtel, Estée Lauder, and Abbott Technologies are the only major companies that have yet to issue a public statement.
- China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation
Nation-State
The state-sponsored hackers deployed custom tools and stayed dormant in the compromised environments for months.
- Threat Actor Targeting VPN Users in New Credential Theft Campaign
Malware & Threats
Storm-2561 is distributing fake VPN clients through SEO poisoning, deploying trojans, and stealing login information.
