Cybersecurity News, Threats & Vulnerability Alerts
Real-time threat monitoring, zero-day vulnerability analysis, and data breach reports.
Bluekit Phishing Kit Targets 40+ Platforms with AI Features
FBI Warns of $725M Cargo Theft Surge Targeting Logistics
SonicWall Patches Critical Firewall Flaws Enabling RCE
CVE-2026-41940: Critical cPanel Zero-Day Exploited for Months
US-China Joint Op Shuts Down 9 Crypto Fraud Centers
Copy Fail Linux Flaw Grants Root Access to Local Users
CVE-2026-31431 allows unprivileged Linux users to escalate privileges to root through a page cache vulnerability affecting major distributions.
SAP npm Packages Hit by TeamPCP Supply Chain Attack
Multiple official SAP npm packages were compromised in a TeamPCP supply-chain attack targeting developer credentials and authentication tokens.
WordPress Plugin Backdoor Exposed After Five Years
Quick Page/Post Redirect plugin containing hidden backdoor code affects over 70,000 WordPress installations worldwide.
Qinglong Task Scheduler Hit by Active Cryptomining Attacks
Hackers exploit two authentication bypass flaws in Qinglong open-source scheduler to deploy cryptocurrency miners on developer servers worldwide.
OpenEMR Vulnerabilities Expose 100,000+ Healthcare Providers
Critical security flaws in OpenEMR's electronic health record platform put over 100,000 healthcare providers at risk of database compromise and data theft.
Ukrainian Police Arrest Trio for Massive Roblox Account Hack
Ukrainian authorities arrested three cybercriminals who compromised over 610,000 Roblox gaming accounts, generating $225,000 in illegal profits through account sales.
Critical cPanel Flaw Bypasses Authentication in WHM Dashboard
A critical vulnerability in cPanel and WebHost Manager allows attackers to bypass authentication and gain unauthorized control panel access.
CISA Orders Federal Agencies to Patch Windows Zero-Day
CISA adds actively exploited Windows privilege escalation vulnerability to its Known Exploited Vulnerabilities catalog, mandating federal agency patches.
38 Flaws Found in OpenEMR Medical Records Software
Security researchers discovered 38 vulnerabilities in OpenEMR electronic medical records software that could expose sensitive patient data.
Chrome 147 and Firefox 150 Patch Critical RCE Flaws
Google Chrome 147 and Mozilla Firefox 150 security updates address critical vulnerabilities enabling arbitrary code execution attacks.
North Korean APT Uses AI Avatars to Target Crypto Executives
North Korean threat actors deploy AI-generated personas and deepfake technology in sophisticated social engineering campaigns targeting cryptocurrency industry leaders.
VECT 2.0 Ransomware Bug Destroys Files Instead of Encrypting
VECT 2.0 ransomware contains a critical encryption flaw that permanently destroys larger files instead of encrypting them for recovery.
CVE-2026-42208: Critical LiteLLM Gateway Flaw Under Attack
Hackers actively exploit CVE-2026-42208 in LiteLLM open-source gateway to steal sensitive AI model data and credentials.
Vimeo Confirms Data Breach as ShinyHunters Demand Ransom
Video platform Vimeo confirmed a data breach affecting user and customer information after ShinyHunters threatened to leak stolen files.
VECT 2.0 Ransomware Flaw Makes File Recovery Impossible
VECT 2.0 ransomware contains a critical encryption bug that permanently destroys files instead of encrypting them, making recovery impossible.