Online Social Networks(OSN) are an integral part of today's Web. Hacktivist,Politicians, celebrities, revolutionists, and others use OSNs as carrier for their message to a wide audience. The downs ...
The Duqu trojan main purpose is to obtain a remote access allowing an adversary to gather information from a compromised computer and of course to download and run arbitrary programs. Duqu malware s ...
Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...
Progress urged ShareFile Storage Zone customers to shut down internet-facing servers immediately over a credible security threat under investigation. Progress Software sent an urgent email to Shar ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Novel Java-Based QuimaRAT Targets Window ...
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds iCagenda and Balbooa Forms flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ...
Binarly found six U-Boot flaws, including two that enable code execution during boot image verification, impacting 50+ releases. Binarly's research team has found six vulnerabilities in U-Boot, th ...
Zimbra addressed a critical stored XSS vulnerability in its Classic Web Client that lets malicious emails execute code when opened. Zimbra has released version 10.1.19 to fix a critical stored XSS ...
Ransomware remains above 1,400 attacks yearly since 2023. Qilin leads in 2026, while the U.S. remains the main target. Ransomnews has independently confirmed 9,291 ransomware attacks worldwide bet ...
Researchers uncovered 222 GitHub repositories spreading malware through fake Go packages, delivering loaders, stealers, RATs, and cryptominers. Socket's security research team started with the inv ...
A former ransomware negotiator was sentenced to nearly six years for secretly helping BlackCat extort victims while betraying his clients. A U.S. court sentenced former ransomware negotiator Angel ...
Microsoft uncovered GigaWiper, a modular Go backdoor combining three malware families with espionage, remote control, and destructive wiping features. In October 2025, Microsoft's threat intellige ...
INTERPOL's Operation First Light 2026 led to 5,811 arrests, blocked $293M in criminal assets, and disrupted global fraud and money laundering networks. INTERPOL coordinated a four-month operation ...
GodDamn ransomware uses the signed PoisonX driver to disable security tools, marking a more advanced version of the Beast ransomware family. Symantec's Threat Hunter Team found a new ransomware fa ...
AssuranceAmerica confirmed a breach exposing nearly 7 million driver's licenses after hackers compromised an employee account and stole customer data. U.S. auto insurer AssuranceAmerica has confir ...
Microsoft fixed RoguePlanet (CVE-2026-50656), a Defender flaw allowing local attackers to gain higher privileges through the Malware Protection Engine. Microsoft released security updates for Rogu ...
Fake apps like WireVPN and a trojanized 7-Zip turn victims' devices into residential proxies, letting criminals route traffic through their IPs. Infoblox's threat research team started pulling on ...
Ubiquiti patched seven UniFi OS flaws, including critical CVE-2026-50746, which allows command injection in UniFi Connect Application. Ubiquiti released security updates for seven critical UniFi O ...
Accenture confirmed a breach after a hacker claimed to steal 35 GB of source code, keys, and Azure credentials now offered for sale. A threat actor using the handle "888" claimed on the cybercrime ...
RedWing: The Android Banking Trojan You Can Rent on Telegram for Less Than a Coffee Subscription Zimperium's zLabs team has uncovered RedWing, an Android spyware operation sold as a subscription s ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalo ...
CISA is using Anthropic's Mythos AI to scan federal code for vulnerabilities, aiming to find flaws before hackers and foreign intelligence services. Three sources familiar with the matter told Reu ...

