Mastodon Mastodon Mastodon Mastodon

Cybersecurity News

Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.

Joomla interface highlighting critical RCE vulnerabilities with warnings.

Critical iCagenda and Balbooa Forms RCE Flaws Actively Exploited

CyberSecureFox Editorial Team

On July 10, 2026, CISA added two maximum‑severity vulnerabilities to the KEV catalog — CVE-2026-48939 and CVE-2026-56291 — affecting the ...

ModHeader extension graphic highlighting privacy concerns and browser icons.

ModHeader HTTP header editor found with dormant data exfiltration code

CyberSecureFox Editorial Team

Google and Microsoft have removed the popular HTTP header editing tool ModHeader (around 1.6 million installations on Chrome and Edge) ...

Digital illustration depicting a shattered shield symbolizing cyber threat.

RoguePlanet in Microsoft Defender: CVE-2026-50656 Fixed, New DoS Concerns

CyberSecureFox Editorial Team

Microsoft has fixed the critical privilege escalation vulnerability CVE-2026-50656 (RoguePlanet) in Microsoft Defender, rated 7.8 on the CVSS scale, but ...

Illustration of a computer screen showcasing XSS vulnerability in an email.

Zimbra 10.1.19: Mitigating Stored XSS via Malicious Emails

CyberSecureFox Editorial Team

Zimbra has released an update, Zimbra Collaboration Suite 10.1.19, that fixes a stored XSS vulnerability in the Classic Web Client ...

XQUIC server graphic depicting a vulnerability impact via QPACK.

How the XRING vulnerability exposes XQUIC HTTP/3 servers

CyberSecureFox Editorial Team

In the XQUIC library — Alibaba’s open-source implementation of the QUIC and HTTP/3 protocols — a vulnerability has been discovered ...

GigaWiper logo with files disappearing from a computer screen.

How the GigaWiper Backdoor Enables Espionage and Data Wiping

CyberSecureFox Editorial Team

Microsoft has published a detailed analysis of the destructive backdoor GigaWiper — a Windows malware written in Go that merges ...

** NPM package signifies risk, showcasing a key and wallet symbols in a dark setting.

Backdoored Injective Labs SDK Targets Private Keys and Seed Phrases

CyberSecureFox Editorial Team

Attackers compromised the official GitHub repository of the Injective Labs project and published a malicious version of the SDK package ...

ShareFile storage zone controller displaying shutdown alert and security icons.

Why Progress Is Forcing ShareFile Storage Zone Controllers Offline

CyberSecureFox Editorial Team

Progress Software has instructed ShareFile customers to immediately shut down Windows servers running the Storage Zone Controller component, citing a ...

Laser targeting a shielded card, representing security flaws in Tangem Cards.

Tangem Hardware Wallets Exposed to Costly Laser PIN Reset Attack

CyberSecureFox Editorial Team

The Ledger Donjon research team has disclosed a vulnerability in Tangem cryptocurrency wallets: a precisely timed laser pulse aimed at ...

Graphic depicting cybersecurity vulnerabilities with lock and shield icons.

BeyondTrust Remote Support and PRA: four flaws and AI discovery

CyberSecureFox Editorial Team

BeyondTrust has released updates for its Remote Support (RS) and Privileged Remote Access (PRA) products that fix four vulnerabilities, two ...