DragonForce ransomware used a custom malware named ‘Backdoor.Turn’ to hide command-and-control traffic inside Microsoft Teams relay infrastructure. […]
Ransomware gang abuses Microsoft Teams relays to hide malicious traffic Read More »
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. government agencies three days to secure their servers against an actively exploited vulnerability (CVE-2026-54420) in the LiteSpeed cPanel user-end plugin. […]
CISA warns of another cPanel plugin flaw exploited in attacks Read More »
Attackers are now exploiting several critical vulnerabilities in Fortinet’s FortiSandbox cyber threat detection platform, according to threat intelligence company Defused. […]
Critical Fortinet FortiSandbox flaws now exploited in attacks Read More »
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by June 18, 2026. The vulnerability in question is CVE-2026-54420 (CVSS score: 8.5), which has been described as a case
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation Read More »
Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0. “A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated,
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw Read More »
Digital healthcare company iRhythm Holdings has disclosed a data breach after hackers stole patients’ personal and health information stored on third-party-hosted business applications. […]
iRhythm discloses data breach, says hackers stole patient info Read More »
Windows variants for the SprySOCKS Linux malware have been used in attacks targeting government organizations in at least four countries. […]
Windows version of SprySOCKS Linux malware used to attack govt orgs Read More »
Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, HexagonalRodent, and Void Dokkaebi). According to a report published by Proofpoint, the threat actor has been found orchestrating phishing campaigns using developer role recruitment or code review themes
North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels Read More »
A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email. The way in was a backdoor on their REDCap research servers that stole login credentials. The exfiltration was the unusual part: the attackers rewired the victims’ own Google Workspace
Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails Read More »
A vulnerability in the SimpleHelp remote management software allows unauthenticated attackers to create privileged technician accounts on servers using the OpenID Connect (OIDC) authentication protocol. […]
SimpleHelp bug lets hackers create rogue remote support accounts Read More »