Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Critical NGINX vulnerabilities CVE-2026-42530 and CVE-2026-42055 fixed by F5
F5 has released security updates that address two critical vulnerabilities in NGINX Open Source and related products. Both vulnerabilities — ...
Microsoft tracks Tor-based Windows crypto-clipper with USB worm
The Microsoft Defender Security Research team has published an in-depth analysis of a Windows crypto-clipper campaign that combines worm-like propagation ...
Microsoft Confirms Work on Patch for RoguePlanet CVE-2026-50656
Microsoft has confirmed it is working on a fix for vulnerability CVE-2026-50656 (CVSS 7.8) in the Microsoft Malware Protection Engine, ...
NarwhalRAT: New APT37 Campaign Targets Microsoft Account Users
The North Korean group ScarCruft (APT37), according to South Korean company Genians Security Center, has launched a new targeted phishing ...
Exploitation attempts reported for three critical FortiSandbox flaws
Three critical vulnerabilities in the Fortinet FortiSandbox product line — CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 — all with a CVSS 9.1 ...
Socket uncovers 152 Chrome “live wallpaper” extensions faking traffic
Researchers at Socket identified a cluster of 152 Google Chrome extensions that were presented as live wallpapers and new tab ...
How Sniper Dz Uses Fake Facebook Pages and Push Ads in MENA
Researchers from Group-IB have revealed details of a large-scale fraud campaign targeting users in the Middle East and North Africa ...
Palo Alto PAN-OS GlobalProtect VPN Auth Bypass Exploited
Palo Alto Networks reported the active exploitation of vulnerability CVE-2026-0257 in the GlobalProtect portal and gateway components of GlobalProtect — ...
Critical Pre-Auth RCE Risk in Splunk Enterprise: CVE-2026-20253
Splunk has released emergency security updates to address the critical vulnerability CVE-2026-20253, rated CVSS 9.8, in Splunk Enterprise. The vulnerability ...
AudiA6 Crypto Laundering Service Seized in Europol Operation
On 10 June 2026, European law enforcement agencies coordinated by Europol dismantled AudiA6 — an industrial-scale cryptocurrency laundering service that ...
