CYBER SECURITY 55

• Critical Zero-Click Command Injection in AVideo Platform Allows Stream Hijacking Mar 8, 2026
• Malvertising Threat Actor D-Shortiez Abuses WebKit Back-Button Hijack Mar 3, 2026
• New Phishing Framework Starkiller Proxies Real Login Pages to Bypass MFA Feb 23, 2026
• Moltbook AI Vulnerability Exposes Email Addresses, Login Tokens, and API Keys Feb 1, 2026
• Hackers Weaponized 2,500+ Security Tools to Terminate Endpoint Protection Before Deploying Ransomware Jan 21, 2026
• Attackers Redirected Employee Paychecks Without Breaching a Single System Jan 19, 2026
• North Korean Hackers use Code Abuse Tactics for ‘Contagious Interview’ Campaign Jan 14, 2026
• New MacSync Stealer Uses Signed macOS App to Evade Gatekeeper and Steal Data Jan 10, 2026
• WhatsApp Vulnerabilities Leaks User’s Metadata Including Device’s Operating System Jan 5, 2026
• BlindEagle Hackers Attacking Government Agencies with Powershell Scripts Dec 22, 2025
• CISA Releases New Indicators of Compromise Tied to BRICKSTORM Malware Dec 20, 2025
• xHunt APT Hackers Attacking Microsoft Exchange and IIS Web Servers to Deploy Custom Backdoors Dec 15, 2025
• LockBit 5.0 Infrastructure Exposed in New Server, IP, and Domain Leak Dec 7, 2025
• 29.7 Tbps DDoS Attack Via Aisuru Botnet Breaks Internet With New World Record Dec 3, 2025
• Chinese Front Companies Providing Advanced Steganography Solutions for APT Operations Dec 1, 2025
• Over 390 Abandoned iCalendar Sync Domains Could Expose ~4 Million Devices to Security Risks Nov 27, 2025
• Dead Man’s Switch – Widespread npm Supply Chain Attack Driving Malware Attacks Nov 27, 2025
• Critical Vulnerability in Azure Bastion Let Attackers Bypass Authentication and Escalate privileges Nov 23, 2025
• New Ransomware Variants Targeting Amazon S3 Services Leveraging Misconfigurations and Access Controls Nov 20, 2025
• RONINGLOADER Weaponizes Signed Drivers to Disable Defender and Evade EDR Tools Nov 15, 2025
• Hackers Actively Exploiting Cisco and Citrix 0-Days in the Wild to Deploy Webshell Nov 12, 2025
• Italian Adviser Becomes Latest Target in Expanding Paragon Graphite Spyware Surveillance Case Nov 10, 2025
• Data breach at Chinese infosec firm reveals cyber-weapons and target list Nov 9, 2025
• List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities Nov 6, 2025
• HackedGPT – 7 New Vulnerabilities in GPT-4o and GPT-5 Enables 0-Click Attacks Nov 5, 2025
• Curly COMrades Hacker Group Using New Tools to Create Hidden Remote Access on Compromised Windows 10 Nov 5, 2025
• Hackers Deliver SSH-Tor Backdoor Via Weaponized Military Documents in ZIP Files Nov 3, 2025
• OpenAI’s New Aardvark GPT-5 Agent that Detects and Fixes Vulnerabilities Automatically Nov 2, 2025
• Threat Actors Leverage npm Ecosystem to Deliver AdaptixC2 Post-Exploitation Framework Oct 21, 2025
• PoC Exploit Released for Linux-PAM Vulnerability Allowing Root Privilege Escalation Oct 19, 2025
• Data-Leak Sites Hit an All-Time High With New Scattered Spider RaaS and LockBit 5.0 Oct 9, 2025
• Hackers Actively Compromising Databases Using Legitimate Commands Oct 8, 2025
• 13-year-old Critical Redis RCE Vulnerability Let Attackers Gain Full Access to Host System Oct 7, 2025
• New WireTap Attack Breaks Server SGX to Exfiltrate Sensitive Data Oct 5, 2025
• SVG Security Analysis Toolkit to Detect Malicious Scripts Hidden in SVG Files Sep 29, 2025
• New Malware-as-a-Service Olymp Loader Promises Defender-Bypass With Automatic Certificate Signing Sep 29, 2025
• Threat Actors Exploiting SonicWall Firewalls to Deploy Akira Ransomware Using Malicious Logins Sep 27, 2025
• Malware Operators Collaborate With Covert North Korean IT Workers to Attack Corporate Organizations Sep 27, 2025
• Hackers Leverage AI-Generated Code to Obfuscate Its Payload and Evade Traditional Defenses Sep 26, 2025
• CISA Details That Hackers Gained Access to a U.S. Federal Agency Network Via GeoServer RCE Vulnerability Sep 24, 2025
• 22.2 Tbps DDoS Attack Breaks Internet With New World Record Sep 23, 2025
• Google Chrome 0-Day Vulnerability Actively Exploited in the Wild – Patch Now Sep 18, 2025
• FinWise Insider Breach Exposes 700K Customer Records to Former Employee Sep 17, 2025
• New BruteForceAI Tool Automatically Detects Login Pages and Executes Smart Brute-Force Attacks Aug 27, 2025
• Kimsuky APT Data Leak – GPKI Certificates, Rootkits and Cobalt Strike Personal Uncovered Aug 25, 2025
• New Gmail Phishing Attack Uses AI Prompt Injection to Evade Detection Aug 24, 2025
• Threat Actors Attacking Organizations Key Employees With Weaponized Copyright Documents to Deliver Noodlophile Stealer Aug 19, 2025
• New Ghost-tapping Attacks Steal Customers’ Cards Linked to Services Like Apple Pay and Google Pay Aug 18, 2025
• Search Engines are Indexing ChatGPT Conversations! – Here is our OSINT Research Aug 1, 2025
• UNC3886 Actors Know for Exploiting 0-Days Attacking Singapore’s Critical Infrastructure Jul 29, 2025
• JSCEAL Targets Crypto App Users – A New Threat in the Cyber Security Landscape Jul 29, 2025
• Iranian Educated Manticore Targets Leading Tech Academics Jun 25, 2025
• Scattered Spider has moved from retail to insurance Jun 16, 2025
• Sweden says it is under cyber attack Jun 12, 2025
• CVE-2025-33053, Stealth Falcon and Horus A Saga of Middle Eastern Cyber Espionage Jun 10, 2025