Cyber Security

More Than 60 Software Vendors Release Security Updates Across OS, Cloud, and Network Platforms

As part of the latest Patch Tuesday cycle, more than 60 technology vendors have rolled out security updates addressing vulnerabilities affecting operating systems, cloud infrastructure, enterprise applications, and network devices. The coordinated wave of patches reflects the ongoing effort to strengthen cybersecurity defenses across global IT environments. Microsoft Addresses 59 Vulnerabilities Microsoft issued fixes for […]

More Than 60 Software Vendors Release Security Updates Across OS, Cloud, and Network Platforms Read More »

Microsoft Fixes 59 Security Flaws, Including Six Actively Exploited Zero Days

Microsoft has released security updates addressing 59 vulnerabilities across its software, including six zero-day flaws currently exploited in the wild. The patch rollout was announced on Tuesday, highlighting the urgent need for users and organizations to apply fixes. Severity Breakdown Of the 59 vulnerabilities, five are marked Critical, 52 Important, and two Moderate. Privilege escalation

Microsoft Fixes 59 Security Flaws, Including Six Actively Exploited Zero Days Read More »

SSHStalker Botnet Controls Linux Systems via IRC C2 and Legacy Kernel Exploits

Cybersecurity researchers have uncovered a newly identified botnet operation named SSHStalker, which leverages the Internet Relay Chat, IRC, protocol as its command-and-control infrastructure. The campaign specifically targets Linux systems by exploiting outdated kernel vulnerabilities, many of which date back more than a decade. According to security firm Flare, the operation combines stealth-focused techniques with older Linux

SSHStalker Botnet Controls Linux Systems via IRC C2 and Legacy Kernel Exploits Read More »

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Organizations

Security researchers have revealed that North Korean cyber operatives are increasingly targeting global companies by impersonating legitimate professionals on LinkedIn. The threat actors are applying for remote roles using real LinkedIn accounts, often tied to verified email addresses and identity badges, to make their applications appear authentic. This long-running campaign, tracked as Jasper Sleet, PurpleDelta, and Wagemole,

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Organizations Read More »

Reynolds Ransomware Uses BYOVD Driver to Disable EDR Security Tools

Cybersecurity analysts have identified a newly emerging ransomware strain named Reynolds, notable for embedding a built-in Bring Your Own Vulnerable Driver (BYOVD) mechanism directly within its ransomware payload. This approach is designed to bypass endpoint security defenses before file encryption begins. BYOVD is a well-known attacker technique that abuses legitimate but vulnerable kernel drivers to escalate

Reynolds Ransomware Uses BYOVD Driver to Disable EDR Security Tools Read More »

China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Operations

Singapore’s Cyber Security Agency (CSA) has confirmed that a China linked cyber espionage group known as UNC3886 carried out a coordinated and targeted campaign against the country’s telecommunications sector. According to CSA, the operation was deliberate, highly organized, and carefully executed. All four major telecommunications providers in Singapore, M1, SIMBA Telecom, Singtel, and StarHub, were

China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Operations Read More »

TeamPCP Worm Abuses Cloud Infrastructure to Build Criminal Operations

Cybersecurity experts have uncovered a large and coordinated malicious campaign that abuses cloud native environments to construct infrastructure used for cybercrime operations. Researchers describe the activity as a worm driven operation that spreads automatically across exposed cloud services. The campaign was first observed around December 25, 2025, and relies on publicly exposed Docker APIs, Kubernetes

TeamPCP Worm Abuses Cloud Infrastructure to Build Criminal Operations Read More »

OpenClaw Integrates VirusTotal Scanning to Identify Malicious ClawHub Skills

OpenClaw, previously known as Moltbot and Clawdbot, has announced a new security partnership with Google-owned VirusTotal to strengthen defenses across its skill marketplace, ClawHub. The move is aimed at reducing the growing risk of malicious skills entering the rapidly expanding agentic AI ecosystem. According to OpenClaw founder Peter Steinberger and collaborators Jamieson O’Reilly and Bernardo Quintero, every

OpenClaw Integrates VirusTotal Scanning to Identify Malicious ClawHub Skills Read More »

BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support and PRA Products

BeyondTrust has released security updates to remediate a critical vulnerability affecting its Remote Support (RS) and Privileged Remote Access (PRA) products. If exploited, the flaw could allow unauthenticated attackers to achieve remote code execution on vulnerable systems. In a security advisory published on February 6, 2026, BeyondTrust confirmed that Remote Support and certain legacy versions of Privileged Remote Access

BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support and PRA Products Read More »

Asian State-Backed Group TGR-STA-1030 Breaches 70 Government and Infrastructure Organizations

Cybersecurity researchers at Palo Alto Networks Unit 42 have uncovered a previously unknown state-backed cyber espionage group that has compromised at least 70 government and critical infrastructure organizations across 37 countries within the last year. The threat actor, tracked as TGR-STA-1030, has also conducted widespread reconnaissance activities targeting government-related infrastructure in 155 countries between November and

Asian State-Backed Group TGR-STA-1030 Breaches 70 Government and Infrastructure Organizations Read More »