1. The Axios npm package was compromised via a stolen maintainer account to distribute a malicious dependency and a cross platform remote access trojan. (thehackernews.com) 2. CISA issued an emergency directive for federal agencies to patch an actively exploited vulnerability in Citrix NetScaler appliances. (bleepingcomputer.com) 3. Iranian state affiliated hackers breached the personal email account of the FBI director and leaked personal documents and photos…
Posts published in “CyberSec report”
1. A critical vulnerability in Fortinet FortiClient EMS is currently being exploited in active attacks. (bleepingcomputer.com) 2. The European Commission confirmed a data breach following a cyberattack on the Europa.eu platform claimed by the ShinyHunters extortion gang. (bleepingcomputer.com) 3. Pro-Iran hacktivist group Handala breached the personal email account of FBI Director Kash Patel and published sensitive documents. (bleepingcomputer.com) 4. Three China-linked threat clusters are targeting…
1. Citrix NetScaler ADC and Gateway are under active reconnaissance for CVE-2026-3055, a critical memory overread vulnerability with a CVSS score of 9.3 (The Hacker News). 2. CISA added CVE-2025-53521, a critical remote code execution flaw in F5 BIG-IP Access Policy Manager, to its Known Exploited Vulnerabilities catalog (The Hacker News). 3. Russian state-sponsored group TA446 is deploying the DarkSword iOS exploit kit in targeted…
1. A new payment skimmer uses WebRTC data channels to bypass security controls and exfiltrate payment data from e-commerce sites (thehackernews.com). 2. A Magento vulnerability identified as APSB25-94 allows unauthenticated file uploads leading to remote code execution (reddit.com). 3. The GlassWorm malware campaign has evolved to use Solana blockchain dead drops to deliver remote access trojans and steal sensitive browser and crypto data (thehackernews.com). 4.…