Iranian threat actor MuddyWater has employed Microsoft Teams in a false flag ransomware attack, using social engineering to gain credentials. The campaign, observed by Rapid7 in...
Researchers identify a large-scale fraud operation leveraging Telegram Mini Apps to conduct cryptocurrency scams, brand impersonation, and malware delivery on Android devices.
CISA has included a local privilege escalation vulnerability affecting multiple Linux distributions in its Known Exploited Vulnerabilities catalog following reports of active exploitation.
Two cybercrime groups, Cordial Spider and Snarky Spider, are mounting swift, high-impact attacks inside SaaS environments by exploiting vishing and single sign-on mechanisms, according to cybersecurity...
A Vietnamese-linked threat group has used Google AppSheet to distribute phishing emails targeting Facebook users, compromising around 30,000 accounts. The stolen credentials are reportedly sold on...
A critical authentication bypass vulnerability, CVE-2026-41940, affecting cPanel, WHM, and WP Squared is being actively exploited in the wild. Proof-of-concept exploit code has recently been made...
Google has fixed a critical vulnerability in its Gemini CLI npm package and GitHub Actions workflow that could enable arbitrary code execution by attackers.
A newly disclosed Linux local privilege escalation vulnerability, CVE-2026-31431, allows unprivileged users to gain root access by writing controlled bytes into system file caches.
The VECT 2.0 ransomware contains a critical flaw that results in the permanent destruction of large files rather than their encryption, according to recent security research.
The Brazilian cybercrime group LofyGang has resurfaced after three years with a new malware campaign targeting Minecraft users. The campaign employs LofyStealer malware disguised as a...
May 6, 2026
