Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Iranian APT Nimbus Manticore Shifts from Phishing to SEO Poisoning
The Iranian APT group Nimbus Manticore (also known as Screening Serpens and UNC1549) carried out three consecutive campaigns from February ...
Ghostwriter Phishing Campaign Abuses Prometheus to Deploy Cobalt Strike
The Ghostwriter group (also tracked as UAC-0057 and UNC1151), which has been linked to Belarus, is running a phishing campaign ...
TrapDoor Campaign Steals Crypto Keys via npm, PyPI, Crates.io
Researchers from Socket have discovered a coordinated supply chain attack, codenamed TrapDoor, that simultaneously affected the three largest package registries ...
Inside RemotePE, the Lazarus In-Memory RAT Targeting Crypto
Researchers from Fox-IT (an NCC Group division) have published a detailed analysis of the multi-stage malicious framework RemotePE — a ...
LiteSpeed cPanel Plugin 0‑Day CVE-2026-48172 Exploited in the Wild
The critical vulnerability CVE-2026-48172 with a maximum CVSS rating of 10.0 in the LiteSpeed User-End cPanel Plugin is being actively ...
How Europol and the FBI Took Down the Criminal First VPN Service
Law enforcement agencies in Europe and North America carried out a coordinated operation on 19–20 May to dismantle First VPN ...
CVE-2026-9082: SQL injection risk in Drupal PostgreSQL sites
The Drupal team has released security updates that address the CVE-2026-9082 vulnerability in the CMS core. The flaw allows unauthenticated ...
Kimwolf DDoS Botnet: Canadian Operator Arrested and Charged
The US Department of Justice announced the arrest of 23-year-old Canadian citizen Jacob Butler (alias Dort) from Ottawa on charges ...
How a Malicious VS Code Extension Exposed 3,800 Internal GitHub Repos
GitHub has confirmed a supply chain attack that resulted in the compromise of approximately 3,800 of the company’s internal repositories. ...
Langflow RCE and Apex One directory traversal added to CISA KEV
On May 21, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two vulnerabilities to the Known Exploited Vulnerabilities ...
