A Chinese national accused of participating in a major cyber espionage campaign linked to COVID-19 research has been extradited from Italy to the United States, marking a significant development in an ongoing international cybercrime investigation. Arrest and Extradition Details The suspect, Xu Zewei, aged 34, was taken into custody by Italian authorities in July 2025. His […]
Vercel has disclosed new findings in its ongoing investigation into a recent security incident, confirming that more customer accounts were affected than initially believed. Expanded Investigation Reveals More Impact The company reported that after broadening its analysis, including reviewing network activity and environment variable access logs, it discovered an additional group of accounts showing signs of
Vercel Discovers Additional Compromised Accounts in Breach Linked to Context.ai Read More »
A U.S. federal court has sentenced a 26-year-old Russian national, Aleksei Olegovich Volkov, to 6.75 years in prison for his involvement in facilitating ransomware attacks that caused millions in damages. The case highlights the growing role of cybercrime networks and initial access brokers in enabling large-scale ransomware operations targeting organizations worldwide. Key Role in Ransomware Attacks
U.S. Sentences Russian Hacker to 6.75 Years in Prison for $9M Ransomware Scheme Read More »
Citrix has released critical security updates to address serious vulnerabilities in its NetScaler ADC and NetScaler Gateway products, warning organizations about the potential risk of sensitive data exposure. The update includes fixes for two security flaws, one of which could allow attackers to access sensitive information without authentication, raising concerns across enterprise environments. Critical Vulnerability
Oracle Corporation has released urgent security updates to address a severe vulnerability affecting Oracle Identity Manager and Oracle Web Services Manager. The flaw, tracked as CVE-2026-21992, allows unauthenticated attackers to execute arbitrary code remotely, making it a high-risk security issue. Severity and Impact This vulnerability has been assigned a CVSS score of 9.8 out of
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The agency has directed federal organizations to apply security patches by April 3, 2026, to reduce the risk of ongoing attacks. Affected Vulnerabilities Across Apple and Web Platforms The newly listed vulnerabilities affect systems
A newly disclosed critical vulnerability in the open-source AI platform Langflow has already been actively exploited within just 20 hours of its public announcement, demonstrating how quickly attackers weaponize newly discovered security flaws. The vulnerability, tracked as CVE-2026-33017 with a CVSS score of 9.3, is caused by a combination of missing authentication and unsafe code
Critical Langflow Vulnerability CVE-2026-33017 Exploited Within 20 Hours of Disclosure Read More »
Google has unveiled a new security measure aimed at reducing malware infections and online scams on Android devices. The update introduces an “advanced flow” for sideloading apps, requiring users to wait 24 hours before installing applications from unverified developers. This move is designed to strengthen user protection while still preserving Android’s flexibility and openness. The
Google Introduces 24 Hour Delay for Unverified App Sideloading to Curb Malware and Scams Read More »
Apple has released an urgent security advisory, cautioning users who are still operating older versions of iOS to immediately update their devices. The warning highlights active cyberattacks carried out using advanced exploit kits such as Coruna and DarkSword, which are targeting outdated iPhones through malicious web content. These exploit kits are designed to take advantage
Cybersecurity researchers have disclosed a serious vulnerability in Ubuntu Desktop that could allow attackers to escalate privileges to root on affected systems. Tracked as CVE-2026-3888, the flaw carries a CVSS score of 7.8 and affects default installations of Ubuntu 24.04 LTS and later versions. According to the Qualys Threat Research Unit (TRU), the vulnerability arises