Daily Cyber News

Microsoft Confirms Active Exploitation of Windows Shell Vulnerability CVE-2026-32202

Microsoft has officially updated its security advisory to confirm that a recently patched vulnerability in Windows Shell has been actively exploited in real-world attacks. The flaw, identified as CVE-2026-32202, highlights ongoing risks within Windows environments despite recent security updates. Details of the Vulnerability: The issue, assigned a CVSS score of 4.3, is categorized as a […]

PhantomCore Leverages TrueConf Vulnerabilities to Compromise Russian Networks

A pro-Ukrainian hacktivist group known as PhantomCore has been linked to a series of cyberattacks targeting servers running TrueConf video conferencing software across Russia since September 2025. Security researchers report that the campaign involves a carefully built exploitation chain that allows remote command execution and deep network infiltration. Exploitation of TrueConf Security Flaws: According

Researchers Discover 73 Malicious VS Code Extensions Spreading GlassWorm v2 Malware

Cybersecurity researchers have uncovered a large-scale malicious campaign involving fake extensions targeting developers through Visual Studio Code. The operation is linked to an evolving malware strain known as GlassWorm v2. Malicious Extensions Hidden in Open VSX: The fraudulent extensions were discovered on the Open VSX platform, where attackers uploaded cloned versions of legitimate tools. A

Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Fuel Global SMS and Crypto Fraud

Security researchers have identified an extensive telecommunications fraud operation deploying deceptive verification techniques to deceive mobile phone users into sending premium-rate international text messages, generating substantial illegal revenue for criminals controlling the receiving phone numbers. Cybersecurity firm Infoblox published a comprehensive analysis revealing a telecommunications revenue-share fraud campaign involving elaborate social engineering tactics combined with malicious

UNC6692 Poses as IT Help Desk via Microsoft Teams to Deploy SNOW Malware

Security researchers have uncovered a previously unknown threat activity group designated as UNC6692, which has been conducting targeted attacks using social engineering tactics deployed through the Microsoft Teams messaging platform. The campaign focuses on distributing a specialized malware toolkit designed to establish persistent access to corporate networks. According to findings released by Google-owned Mandiant, the threat

Bitwarden CLI Breached in Ongoing Supply Chain Attack Linked to Checkmarx

A significant cybersecurity incident has emerged involving the popular password management system Bitwarden, with its command-line interface becoming the target of a sophisticated attack campaign linked to compromised software development infrastructure. Security researchers from JFrog and Socket have disclosed that version 2026.4.0 of the @bitwarden/cli package contained malicious code embedded within a file named ‘bw1.js’.

Vercel Discovers Additional Compromised Accounts in Breach Linked to Context.ai

Vercel has disclosed new findings in its ongoing investigation into a recent security incident, confirming that more customer accounts were affected than initially believed. Expanded Investigation Reveals More Impact: The company reported that after broadening its analysis, including reviewing network activity and environment variable access logs, it discovered an additional group of accounts showing signs of

Apple Patches iOS Vulnerability That Allowed FBI to Recover Deleted Signal Messages

Apple has released important security updates to fix a flaw in its iOS and iPadOS systems that could allow previously deleted notifications, including messages from Signal, to remain stored on devices. Vulnerability Details: The issue, identified as CVE-2026-28950, was linked to how notification data was handled internally. Instead of being fully removed, certain notifications marked for deletion were

Malicious KICS Docker Images and VS Code Extensions Target Checkmarx in Supply Chain Attack

A serious software supply chain attack has been uncovered targeting developer tools associated with Checkmarx. Security researchers warn that compromised Docker images and Visual Studio Code extensions were used to steal sensitive data and spread malware across development environments. Poisoned Docker Images Discovered: According to findings from Socket, attackers managed to manipulate the official “checkmarx/kics” Docker Hub

SystemBC C2 Infrastructure Exposes Over 1,570 Victims Linked to The Gentlemen Ransomware Operation

Cybersecurity researchers have uncovered new evidence connecting a large-scale botnet to the rapidly growing ransomware group known as The Gentlemen. The discovery reveals that attackers are leveraging the SystemBC proxy malware to strengthen their operations and expand their reach globally. Large Botnet Discovered Through SystemBC Server: A recent investigation by cybersecurity firm Check Point exposed
