sctocs

DarkSword iOS Exploit Kit Uses Six Vulnerabilities Including Three Zero Days for Full Device Takeover

A sophisticated iOS exploit framework known as DarkSword has been actively used by multiple threat actors since late 2025 to compromise Apple devices and extract sensitive user data. Research from Google Threat Intelligence Group (GTIG), iVerify, and Lookout reveals that the exploit kit enables near-complete device takeover with minimal user interaction. DarkSword has been deployed […]

CISA Warns of Zimbra and SharePoint Exploits as Cisco Zero Day Targeted in Ransomware Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding the active exploitation of critical vulnerabilities affecting Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint. The agency has urged organizations, especially government entities, to immediately apply security patches to mitigate risks. Actively Exploited Vulnerabilities The two vulnerabilities highlighted by CISA include: CISA

OFAC Sanctions DPRK IT Worker Network Funding WMD Programs via Fake Remote Jobs

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned six individuals and two entities linked to a North Korean IT worker network that defrauds companies to fund the nation’s weapons of mass destruction (WMD) programs. Secretary of the Treasury Scott Bessent stated, “The North Korean regime targets American companies through

Interlock Ransomware Exploits Cisco FMC Zero Day CVE-2026-20131 to Gain Root Access

Amazon Threat Intelligence has issued a warning regarding an active Interlock ransomware campaign exploiting a critical zero-day in Cisco Secure Firewall Management Center (FMC) software. The vulnerability, CVE-2026-20131 (CVSS 10.0), stems from insecure deserialization of user-supplied Java byte streams, enabling unauthenticated attackers to execute arbitrary Java code as root. According to Amazon’s MadPot global sensor

Nine Critical IP KVM Vulnerabilities Allow Unauthenticated Root Access Across Four Vendors

Cybersecurity researchers have revealed nine severe vulnerabilities in low-cost IP KVM devices, highlighting the risks posed by these networked remote management tools. The flaws were discovered by Eclypsium and affect the GL-iNet Comet RM-1, Angeet/Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM. IP KVM devices provide remote access to a system’s keyboard, video output, and

Ubuntu CVE-2026-3888 Vulnerability Allows Root Access Through systemd Cleanup Timing Exploit

Cybersecurity researchers have disclosed a serious vulnerability in Ubuntu Desktop that could allow attackers to escalate privileges to root on affected systems. Tracked as CVE-2026-3888, the flaw carries a CVSS score of 7.8 and affects default installations of Ubuntu 24.04 LTS and later versions. According to the Qualys Threat Research Unit (TRU), the vulnerability arises

Apple Patches WebKit Flaw Allowing Same Origin Policy Bypass on iOS and macOS

Technology company Apple has released a new security update to address a vulnerability in the WebKit engine that could allow attackers to bypass important browser security protections on its operating systems. The issue, tracked as CVE-2026-20643, affects devices running iOS, iPadOS, and macOS. According to Apple, the flaw could allow malicious websites to bypass the

Critical Unpatched Telnetd Vulnerability CVE-2026-32746 Allows Unauthenticated Root RCE

Cybersecurity experts have revealed a serious security weakness affecting the Telnet service implementation in GNU InetUtils. The vulnerability could allow a remote attacker to execute malicious code on vulnerable systems without authentication. The issue has been assigned the identifier CVE-2026-32746 and has received a CVSS severity score of 9.8, indicating a critical level of risk.

Security Flaws in Amazon Bedrock, LangSmith, and SGLang Could Allow Data Exfiltration and Remote Code Execution

Cybersecurity researchers have uncovered multiple security weaknesses in several artificial intelligence platforms that could allow attackers to steal sensitive data or execute malicious commands. The issues affect services associated with Amazon, LangSmith, and SGLang. According to recent research, attackers can exploit these weaknesses to extract confidential information, hijack accounts, and potentially gain remote code execution

LeakNet Ransomware Uses ClickFix on Hacked Sites to Deploy Deno In Memory Loader

Cybersecurity researchers have identified a new attack technique used by the ransomware group LeakNet that combines social engineering with a memory-based malware loader. The group is now leveraging the ClickFix tactic through compromised websites to gain initial access to victim systems. According to analysis published by ReliaQuest, the campaign represents a strategic change in
