Threat

SmarterMail Patches Critical Unauthenticated RCE Vulnerability with CVSS 9.3 Score

SmarterTools has released security updates for its SmarterMail email platform, addressing multiple vulnerabilities, including a critical unauthenticated remote code execution flaw that could allow attackers to run arbitrary commands on affected systems. The most severe issue is tracked as CVE-2026-24423 and carries a CVSS score of 9.3, indicating a high risk to unpatched deployments. Unauthenticated RCE via ConnectToHub […]


Researchers Uncover Chrome Extensions Exploiting Affiliate Links and Stealing ChatGPT Access

Cybersecurity researchers have discovered a cluster of malicious Google Chrome extensions designed to hijack affiliate links, exfiltrate user data, and steal OpenAI ChatGPT authentication tokens. These extensions exploit the trust users place in popular e-commerce and AI-related browser tools to gain persistent access to sensitive information. Amazon Ads Blocker and Affiliate Hijacking One notable extension, Amazon


China Linked UAT 8099 Targets IIS Servers in Asia Using BadIIS SEO Malware

Cybersecurity researchers have uncovered a new malicious campaign attributed to a China linked threat actor tracked as UAT 8099. The activity, observed between late 2025 and early 2026, targeted vulnerable Microsoft Internet Information Services servers across multiple Asian countries. The campaign was identified by Cisco Talos, which reported that the attacks primarily focused on IIS


Two Ivanti EPMM Zero Day RCE Vulnerabilities Actively Exploited, Security Updates Released

Ivanti has released urgent security updates to fix two critical vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM), both of which have been actively exploited as zero-day attacks. One of the flaws has also been added to the U.S. Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities catalog, highlighting the severity of the threat.


Researchers Discover 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries

Cybersecurity researchers have uncovered a large scale exposure of artificial intelligence infrastructure after identifying more than 175,000 publicly accessible Ollama AI servers operating across 130 countries. The findings come from a joint investigation conducted by SentinelOne SentinelLABS and Censys, which highlights the rapid growth of unmanaged AI compute environments on the public internet. According to


Survey of Over 100 Energy Systems Reveals Critical OT Cybersecurity Gaps

A recent study conducted by OMICRON has uncovered serious cybersecurity shortcomings within operational technology networks used across substations, power plants, and control centers globally. The assessment, which analyzed more than 100 real world energy installations, reveals repeated technical, organizational, and functional weaknesses that continue to expose critical infrastructure to cyber threats. The research is based


SolarWinds Fixes Four Critical Web Help Desk Flaws Allowing Unauthenticated RCE and Authentication Bypass

SolarWinds has issued security updates to fix multiple vulnerabilities affecting SolarWinds Web Help Desk (WHD), including four critical flaws that could enable unauthenticated attackers to bypass authentication and execute arbitrary code on affected systems. The vulnerabilities pose a serious risk to organizations using the platform, as several of the issues can be exploited without valid credentials, potentially giving


Google Disrupts IPIDEA, One of the World’s Largest Residential Proxy Networks

Google has announced the disruption of IPIDEA, widely recognized as one of the largest residential proxy networks in operation. The takedown involved legal actions to seize dozens of domains used to control infected devices and route proxy traffic, rendering IPIDEA’s main website (www.ipidea.io) inaccessible. IPIDEA previously promoted itself as a leading IP proxy provider, claiming


Fake Moltbot AI Coding Assistant on VS Code Marketplace Distributes Malware

Cybersecurity researchers have uncovered a malicious Visual Studio Code extension that impersonated Moltbot, previously known as Clawdbot, and secretly installed malware on developer systems. The fake extension was distributed through Microsoft’s official VS Code Marketplace and falsely advertised itself as a free AI powered coding assistant. The extension, listed as “ClawdBot Agent, AI Coding Assistant” with the


Russian ELECTRUM Linked to December 2025 Cyber Attack on Polish Power Grid

A coordinated cyber attack that struck multiple locations across the Polish power grid in late December 2025 has been attributed, with medium confidence, to a Russian state sponsored threat group known as ELECTRUM. Operational technology security firm Dragos revealed the findings in a newly published intelligence brief, describing the incident as the first large scale cyber attack focused on distributed energy
