Daily Cyber News

Interlock Ransomware Exploits Cisco FMC Zero Day CVE-2026-20131 to Gain Root Access

Amazon Threat Intelligence has issued a warning regarding an active Interlock ransomware campaign exploiting a critical zero-day in Cisco Secure Firewall Management Center (FMC) software. The vulnerability, CVE-2026-20131 (CVSS 10.0), stems from insecure deserialization of user-supplied Java byte streams, enabling unauthenticated attackers to execute arbitrary Java code as root. According to Amazon’s MadPot global sensor […]

Interlock Ransomware Exploits Cisco FMC Zero Day CVE-2026-20131 to Gain Root Access Read More »

Nine Critical IP KVM Vulnerabilities Allow Unauthenticated Root Access Across Four Vendors

Cybersecurity researchers have revealed nine severe vulnerabilities in low-cost IP KVM devices, highlighting the risks posed by these networked remote management tools. The flaws were discovered by Eclypsium and affect products from GL-iNet Comet RM-1, Angeet/Yeeso ES3 KVM, Sipeed NanoKVM, and JetKVM. IP KVM devices provide remote access to a system’s keyboard, video output, and

Nine Critical IP KVM Vulnerabilities Allow Unauthenticated Root Access Across Four Vendors Read More »

Ubuntu CVE-2026-3888 Vulnerability Allows Root Access Through systemd Cleanup Timing Exploit

Cybersecurity researchers have disclosed a serious vulnerability in Ubuntu Desktop that could allow attackers to escalate privileges to root on affected systems. Tracked as CVE-2026-3888, the flaw carries a CVSS score of 7.8 and affects default installations of Ubuntu 24.04 LTS and later versions. According to the Qualys  Threat Research Unit (TRU), the vulnerability arises

Ubuntu CVE-2026-3888 Vulnerability Allows Root Access Through systemd Cleanup Timing Exploit Read More »

Apple Patches WebKit Flaw Allowing Same Origin Policy Bypass on iOS and macOS

Technology company Apple has released a new security update to address a vulnerability in the WebKit engine that could allow attackers to bypass important browser security protections on its operating systems. The issue, tracked as CVE-2026-20643, affects devices running iOS, iPadOS, and macOS. According to Apple, the flaw could allow malicious websites to bypass the

Apple Patches WebKit Flaw Allowing Same Origin Policy Bypass on iOS and macOS Read More »

Critical Unpatched Telnetd Vulnerability CVE 2026 32746 Allows Unauthenticated Root RCE

Cybersecurity experts have revealed a serious security weakness affecting the Telnet service implementation in GNU InetUtils. The vulnerability could allow a remote attacker to execute malicious code on vulnerable systems without authentication. The issue has been assigned the identifier CVE-2026-32746 and has received a CVSS severity score of 9.8, indicating a critical level of risk.

Critical Unpatched Telnetd Vulnerability CVE 2026 32746 Allows Unauthenticated Root RCE Read More »

Security Flaws in Amazon Bedrock, LangSmith, and SGLang Could Allow Data Exfiltration and Remote Code Execution

Cybersecurity researchers have uncovered multiple security weaknesses in several artificial intelligence platforms that could allow attackers to steal sensitive data or execute malicious commands. The issues affect services associated with Amazon, LangSmith, and SGLang. According to recent research, attackers can exploit these weaknesses to extract confidential information, hijack accounts, and potentially gain remote code execution

Security Flaws in Amazon Bedrock, LangSmith, and SGLang Could Allow Data Exfiltration and Remote Code Execution Read More »

LeakNet Ransomware Uses ClickFix on Hacked Sites to Deploy Deno In Memory Loader

Cybersecurity researchers have identified a new attack technique used by the ransomware group LeakNet that combines social engineering with a memory based malware loader. The group is now leveraging the ClickFix tactic through compromised websites to gain initial access to victim systems. According to analysis published by ReliaQuest, the campaign represents a strategic change in

LeakNet Ransomware Uses ClickFix on Hacked Sites to Deploy Deno In Memory Loader Read More »

Konni Spreads EndRAT via Phishing and Uses KakaoTalk to Distribute Malware

Cybersecurity researchers have identified a new cyber espionage campaign carried out by the North Korean threat group Konni. The attackers are using phishing emails to compromise victims and then leveraging the popular messaging platform KakaoTalk to distribute malware to additional targets. The activity was analyzed by South Korean cybersecurity company Genians, whose researchers observed a multi stage attack designed

Konni Spreads EndRAT via Phishing and Uses KakaoTalk to Distribute Malware Read More »

CISA Warns of Actively Exploited Wing FTP Vulnerability Exposing Server Paths

The U.S. Cybersecurity and Infrastructure Security Agency, Cybersecurity and Infrastructure Security Agency, has added a newly identified vulnerability in Wing FTP Server to its Known Exploited Vulnerabilities (KEV) catalog after confirming that the flaw is being actively abused by attackers. The issue, tracked as CVE-2025-47813 with a CVSS score of 4.3, allows attackers to obtain

CISA Warns of Actively Exploited Wing FTP Vulnerability Exposing Server Paths Read More »

GlassWorm Attack Uses Stolen GitHub Tokens to Inject Malware Into Python Repositories

Security researchers have uncovered a new phase of the GlassWorm malware campaign, where attackers are abusing stolen GitHub tokens to inject malicious code into hundreds of Python repositories. The attack targets widely used Python projects and can infect developers who download or execute code from compromised repositories. According to research from supply chain security firm StepSecurity,

GlassWorm Attack Uses Stolen GitHub Tokens to Inject Malware Into Python Repositories Read More »