Overview Earlier this month, security sleuth and researcher “Chaotic Eclipse” (also known as Nightmare-Eclipse) published a zero-day exploit known as YellowKey, which allowed them to access BitLoc...

Overview of the First VPN Service 🚀 The Federal Bureau of Investigation (FBI) has released a FLASH report to share indicators of compromise (IOCs) and tactics related to the First VPN Service. Thi...

🚨 Important Security Alert! An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool—an ideal starting point for attackers to e...

FFmpeg Fixes PixelSmash Flaw in Widely Used Video Decoder 🚀 A newly disclosed FFmpeg flaw dubbed ‘PixelSmash’ could be exploited for remote code execution on Jellyfin servers under certain conditi...

Thousands of D-Link Routers Under Control of AryStinger Botnet Researchers have found that the recently discovered AryStinger botnet has quietly hijacked thousands of end-of-life D-Link routers an...

Researchers Uncover Critical DifyTap Vulnerabilities 🚨 Cybersecurity researchers have disclosed details of four vulnerabilities in Dify, an open-source agentic workflow platform, that could allow ...

New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer 🚨 Cybersecurity researchers have disclosed details of a new campaign that delivers CastleStealer through a previously unrepor...

Overview A heap over-read in the Squid web proxy can leak another user’s cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic t...

Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain 🚨 Security researchers at Paradigm Shift have unveiled a groundbreaking exploit known as usbliter8, which allows arbit...

Texas Government Data Breach 🚨 The Texas Parks and Wildlife Department (TPWD) has disclosed a significant data breach at its license system vendor, exposing personal information for over three mil...

Peter Thiel’s Secret Society Leak 🚨 A simple website flaw exposed members, political profiles, login tokens, and dating data from Peter Thiel’s secretive Dialog network. Dialog, a private invitati...

Large-Scale Malware Distribution Campaign on GitHub Uncovered 🚨 A significant malware distribution campaign has been discovered on GitHub, involving 10,000 repositories that are spreading Trojan m...

Vulnerabilities in Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT 🚨 Attention Healthcare Providers! 🚨 The Apollo Pharmacy Blood Glucose Monitoring System (Model No. APG-01 BT) has been...

New Abuse of the ClickOnce Technology, Part 1 To help solve the challenge of application deployment, Microsoft offers multiple solutions including its Microsoft Store, the native Windows Installer...

FortiBleed: You Can’t Patch Your Way Out of This A multi-phase campaign, dubbed FortiBleed, has cracked administrative credentials on roughly half of the world’s internet-facing FortiGate firewall...

Apple Patches High-Severity Eavesdropping Vulnerability in Beats Studio Buds Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited...

Popa Botnet Linked to Publicly-Traded Israeli Firm 🚨 For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked...

Operation Endgame Disrupts SocGholish Malware Infrastructure 🚨 Date Published: June 18, 2026 Source: Hackread Operation Endgame has expanded its reach by dismantling the network infrastructure of...

I Could’ve Rickrolled the Entire FIFA World Cup! 🎉 When you register on agents.fifa.org, FIFA adds your account to their Microsoft Entra tenant (formerly Azure AD). This tenant powers all of FIFA’...

AzeoTech DAQFactory Vulnerability Advisory 🚨 CISA has published an advisory regarding a critical vulnerability in AzeoTech DAQFactory. Successful exploitation of this vulnerability could allow an ...