1. A cluster of 108 malicious Google Chrome extensions was identified stealing user data and Telegram information from approximately 20000 users (thehackernews.com). 2. The critical ShowDoc remote code execution vulnerability CVE-2025-0520 is currently being actively exploited in the wild (thehackernews.com). 3. CISA added six vulnerabilities to its Known Exploited Vulnerabilities catalog including a critical SQL injection flaw in Fortinet FortiClient EMS tracked as CVE-2026-21643 (thehackernews.com).…
Posts tagged as “exploit”
1. Adobe released an emergency patch for CVE-2026-34621, a critical vulnerability in Acrobat Reader currently under active exploitation in the wild (The Hacker News). 2. Threat actors compromised the CPUID website to distribute trojanized versions of CPU-Z and HWMonitor, which deployed the STX RAT to unsuspecting users (The Hacker News). 3. ShinyHunters claimed a data breach affecting Rockstar Games, allegedly facilitated through a Snowflake integration…
1. A remote, unauthenticated RCE-to-root chain vulnerability has been identified in CUPS (https://www.reddit.com/r/netsec/comments/1sflk3t/spooler_alert_remote_unauthd_rcetoroot_chain_in/). 2. A path traversal vulnerability in an MCP server allows AI agents to access sensitive SSH keys (https://www.reddit.com/r/netsec/comments/1sfhmaa/we_found_a_path_traversal_in_an_mcp_server_with/). 3. A self-propagating credential worm has compromised npm packages under the fairwords scope to steal tokens and infect PyPI packages (https://www.reddit.com/r/Malware/comments/1sfjg9f/fairwords_npm_packages_compromised_by_a/). 4. Authorities have disrupted a campaign involving router DNS hijacks…
1. Fortinet released an emergency patch for a critical vulnerability in FortiClient EMS that is currently being exploited in the wild (BleepingComputer). 2. German authorities identified a 31-year-old Russian national as the leader of the REvil and GandCrab ransomware gangs responsible for over 130 attacks (The Hacker News). 3. A six-month social engineering campaign by DPRK threat actors resulted in the theft…
1. ShinyHunters compromised Cisco source code and AWS keys by exploiting a supply chain vulnerability in Trivy. The breach resulted in the unauthorized cloning of over 300 repositories (https://www.reddit.com/r/netsec/comments/1sa8nld/cisco_source_code_stolen_by_shinyhunters_via/). 2. Google released a patch for a high-severity Chrome zero-day vulnerability identified as CVE-2026-5281, which is currently under active exploitation (https://thehackernews.com/2026/04/new-chrome-zero-day-cve-2026-5281-under.html). 3. Apple expanded the availability of iOS 18.7.7 and iPadOS 18.7.7…
1. A critical vulnerability in Fortinet FortiClient EMS is currently being exploited in active attacks. (bleepingcomputer.com) 2. The European Commission confirmed a data breach following a cyberattack on the Europa.eu platform claimed by the ShinyHunters extortion gang. (bleepingcomputer.com) 3. Pro-Iran hacktivist group Handala breached the personal email account of FBI Director Kash Patel and published sensitive documents. (bleepingcomputer.com) 4. Three China-linked threat clusters are targeting…
1. Citrix NetScaler ADC and Gateway are under active reconnaissance for CVE-2026-3055, a critical memory overread vulnerability with a CVSS score of 9.3 (The Hacker News). 2. CISA added CVE-2025-53521, a critical remote code execution flaw in F5 BIG-IP Access Policy Manager, to its Known Exploited Vulnerabilities catalog (The Hacker News). 3. Russian state-sponsored group TA446 is deploying the DarkSword iOS exploit kit in targeted…