APT28 - Geofencing as a Targeting Signal (CVE-2026-21509 Campaign) Since the beginning of this year, we have observed an increased number of attacks by APT28 targeting various European countries. ...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2019-25232 NetPCLinker - NetPCLin...

DockerDash Exposes AI Supply Chain Weakness 🚨 A critical security flaw affecting Docker’s Ask Gordon AI assistant has been disclosed by cybersecurity researchers, revealing how unverified metadata...

Overview Russian-aligned hacktivist groups are increasingly targeting industrial control systems and OT environments—and sometimes it’s shockingly easy. Daniel dos Santos, VP of Research at Foresc...

Wave of Citrix NetScaler Scans 🚀 A coordinated reconnaissance campaign targeting Citrix NetScaler infrastructure over the past week has utilized tens of thousands of residential proxies to discove...

🚨 Vulnerability Alert: Mitsubishi Electric FREQSHIP-mini for Windows A malicious code execution vulnerability exists in Mitsubishi’s small-capacity UPS shutdown software, FREQSHIP-mini for Windows...

Step Finance Suffers Major Breach 🚨 Step Finance has announced a staggering loss of $40 million in digital assets following a breach that compromised the devices of its executive team. The inciden...

Multiple Vulnerabilities in ELECOM Wireless LAN Products 🚨 Wireless LAN products provided by ELECOM CO.,LTD. contain multiple vulnerabilities that could potentially compromise user security. Here’...

Critical Vulnerability in Synectix LAN 232 TRIO Exposed 🚨 A significant vulnerability has been identified in the Synectix LAN 232 TRIO 3-Port serial to Ethernet adapter. Successful exploitation co...

AT&T Breach Data Resurfaces with New Risks for Customers 🚨 A newly shared dataset tied to AT&T reveals alarming risks for customers. This dataset, privately circulated since February 2, 20...

A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks. ClawHub ...

According to the analysis provided by the security experts, the attack involved infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for n...

Mutagen Astronomy: From Discovery to CISA Recognition—A Seven-Year Journey On January 26, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2018-14634 to its Known Exploi...

On January 26, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2018-14634 to its Known Exploited Vulnerabilities (KEV) catalog. The same vulnerability was discovered by ...

Multiple vulnerabilities have been identified in Cybozu Garoon, detailed in JVN#35265756 and published on 2026/02/02. Cybozu Garoon provided by Cybozu, Inc. contains these multiple vulnerabilities....

Multiple Vulnerabilities in Cybozu Garoon 🚨 Multiple vulnerabilities have been identified in Cybozu Garoon, detailed in JVN#35265756 and published on February 2, 2026. The affected products includ...

A stack-based buffer overflow vulnerability, identified as CVE-2025-10666, exists in the apply.cgi endpoint of the D-Link DIR-825 Rev.B router (firmware <= 2.10). This vulnerability, explicitly ...

A new Android remote access trojan (RAT) uses the popular AI platform Hugging Face to host and distribute malicious payloads, Bitdefender has revealed. The dropper contacts an encrypted endpoint h...

Researchers Uncover Malicious Skills on ClawHub 🚨 A recent security audit of 2,857 skills on ClawHub has revealed 341 malicious skills across various campaigns, according to findings from Koi Secu...

Apple is introducing a new privacy feature that lets users limit the precision of location data shared with cellular networks on some iPhone and iPad models. The “Limit Precise Location” setting wi...