Overview Earlier this month, security sleuth and researcher “Chaotic Eclipse” (also known as Nightmare-Eclipse) published a zero-day exploit known as YellowKey, which allowed them to access BitLoc...

Overview of the First VPN Service 🚀 The Federal Bureau of Investigation (FBI) has released a FLASH report to share indicators of compromise (IOCs) and tactics related to the First VPN Service. Thi...

🚨 Important Security Alert! An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool—an ideal starting point for attackers to e...

Who Runs the Ransomware Group ‘The Gentlemen’? 🚀 A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool...

Oracle PeopleSoft Servers Hacked 🚨 Oracle PeopleSoft servers are being targeted in ongoing data theft attacks by the ShinyHunters extortion gang, which claims to have stolen data from over 100 org...

GitHub Ends Automatic Install Script Execution for npm 🚀 GitHub is set to end the ability for attackers to leverage automatic install script execution in npm when expected changes arrive in July. ...

Expanded JDY IoT and SOHO Botnet Enables Rapid Vulnerability Exploitation 🚀 Black Lotus Labs recently identified a significant resurgence of the JDY botnet, a covert reconnaissance network tied to...

Siemens KACO Blueplanet Inverters Vulnerabilities Attention! 🚨 KACO Blueplanet Inverters have been found to contain multiple vulnerabilities that could allow attackers to derive credentials from t...

ServiceNow Discloses Security Incident Exposing Customer Data 🚨 ServiceNow is warning about a security incident after attackers exploited an unauthenticated access flaw through a vulnerable API en...

Schneider Electric Modicon Network Managed Switches Vulnerability Schneider Electric is aware of a RADIUS protocol vulnerability, identified as CVE-2024-3596, affecting its Modicon Network Managed...

Phishing Attacks Leverage TikTok, Instagram Reels Short-form videos on social media apps are currently being leveraged by threat actors as a phishing vector, utilizing tutorial-style content with ...

Fighting Spyware: An Update From WhatsApp Last year, WhatsApp made history by securing a landmark verdict and permanent injunction barring NSO Group – a spyware firm blacklisted for actions contra...

CVE-2026-9746 - Server Crashes Due to Exchange Option DNB reports on CVE-2026-9746, a server vulnerability identified where, when using $changestreams and $_requestReshardingResumeToken with the e...

BLUERABBIT - A Golang-Based Backdoor with Ransomware and Destructive Capabilities 🚨 A full-featured backdoor with file encryption, drive wiping, and a C2 channel that resembles normal message brok...

75% of Firms Deploy Vulnerable Code Amid Pressure on CISOs, Report Finds 🚨 A new report reveals that nearly all Chief Information Security Officers (CISOs) have faced pressure to suppress or delay...

Microsoft’s Open Source Tools Hacked 🚨 Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injec...

CISA Flags Fresh SolarWinds Serv-U Flaw as Actively Exploited 🚨 CISA has added CVE-2026-28318 in SolarWinds Serv-U to its KEV catalog on June 5, 2026, confirming active exploitation of a DoS vulne...

New EDRChoker Tool 🚀 A newly released open-source red team tool called EDRChoker introduces a novel technique for silencing cloud-connected Endpoint Detection and Response (EDR) agents. Instead of...

CVE-2026-11459 - SecureAge CatchPulse IOCTL Vulnerability Disclosed 🚨 A new security vulnerability, tracked as CVE-2026-11459, has been detected in SecureAge CatchPulse up to version 10.9.1. This ...

Oxford University Student Data Breach 🚨 Oxford University students seeking work will be dismayed to learn that crooks have breached a second external platform provider for the university in as man...