Cybersecurity News

Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.

Cybersecurity News

Unauthenticated Access to Gitea Private Containers (CVE-2026-27771)

CyberSecureFox Editorial Team

A vulnerability CVE-2026-27771 has been discovered in the Gitea version control platform that allows unauthenticated remote attackers to pull private ...

Illustration of a chatbot linking to a GPU in a cryptojacking context.
Cybersecurity News

Microsoft Details Cryptojacking Campaign Abusing AI Chatbots and ScreenConnect

CyberSecureFox Editorial Team

The Microsoft Defender Experts and Microsoft Defender Security Research teams have published a report on an active cryptojacking campaign in ...

Visual representation of MuddyWater DLL sideloading campaign diagram.
Cybersecurity News

Iran’s MuddyWater targets global orgs with DLL sideloading and ChromElevator

CyberSecureFox Editorial Team

The Iranian threat group MuddyWater (also known as Seedworm) conducted a large-scale espionage campaign in the first quarter of 2026 ...

Computer screen with "LMS" logo and "CVE-2026-5426" vulnerability highlighted.
Cybersecurity News

Zero-Day Exploitation of KnowledgeDeliver LMS via ASP.NET ViewState

CyberSecureFox Editorial Team

The CVE-2026-5426 vulnerability (CVSS 7.5) in the Digital Knowledge KnowledgeDeliver learning management system, widely used in Japan, was exploited as ...

Ghost CMS vulnerability CVE-2026-26980 connected to multiple systems.
Cybersecurity News

Mass Ghost CMS compromises via CVE-2026-26980 SQL injection

CyberSecureFox Editorial Team

The critical vulnerability CVE-2026-26980 (CVSS 9.4) in the Ghost CMS platform is being actively exploited by attackers to mass-inject malicious ...

Illustration showing banking Trojan campaigns Grandoreiro and BTMOB targeting a bank.
Cybersecurity News

Banking Trojans Hide in WebRTC and MaaS: Grandoreiro, BTMOB

CyberSecureFox Editorial Team

Two parallel banking Trojan campaigns — Grandoreiro for Windows and BTMOB RAT for Android — are actively targeting financial organizations ...

Malicious npm package targeting AI with glowing data transfer effect.
Cybersecurity News

Malicious npm Package Steals Claude AI Data via /mnt/user-data

CyberSecureFox Editorial Team

Researchers at OX Security have discovered a malicious npm package called mouse5212-super-formatter, which steals files from the /mnt/user-data directory — ...

SharePoint server graphic illustrating CVE-2026-45659 vulnerability fix.
Cybersecurity News

SharePoint deserialization flaw lets low-priv users run code

CyberSecureFox Editorial Team

Microsoft has released security updates that address the CVE-2026-45659 vulnerability in SharePoint Server — an untrusted data deserialization flaw with ...

Cybersecurity News

How CERT-In responds to AI-accelerated threats with 12-hour patch SLAs

CyberSecureFox Editorial Team

The Indian Computer Emergency Response Team (CERT-In) has published a 38-page CISG-2026-02 guideline that sets strict timelines for vulnerability remediation: ...

Graphic showing 'MINIFAST Backdoor' with global cyber threats visually represented.
Cybersecurity News

Iranian APT Nimbus Manticore Shifts from Phishing to SEO Poisoning

CyberSecureFox Editorial Team

The Iranian APT group Nimbus Manticore (also known as Screening Serpens and UNC1549) carried out three consecutive campaigns from February ...

123198 Next

CyberSecureFox

© 2026 INFO

About

About

Authors

Contact

Editorial

Editorial Standards

Corrections

Legal

Privacy Policy

Terms of Service