Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
NarwhalRAT: New APT37 Campaign Targets Microsoft Account Users
The North Korean group ScarCruft (APT37), according to South Korean company Genians Security Center, has launched a new targeted phishing ...
Exploitation attempts reported for three critical FortiSandbox flaws
Three critical vulnerabilities in the Fortinet FortiSandbox product line — CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 — all with a CVSS 9.1 ...
Socket uncovers 152 Chrome “live wallpaper” extensions faking traffic
Researchers at Socket identified a cluster of 152 Google Chrome extensions that were presented as live wallpapers and new tab ...
How Sniper Dz Uses Fake Facebook Pages and Push Ads in MENA
Researchers from Group-IB have revealed details of a large-scale fraud campaign targeting users in the Middle East and North Africa ...
Palo Alto PAN-OS GlobalProtect VPN Auth Bypass Exploited
Palo Alto Networks reported the active exploitation of vulnerability CVE-2026-0257 in the GlobalProtect portal and gateway components of GlobalProtect — ...
Critical Pre-Auth RCE Risk in Splunk Enterprise: CVE-2026-20253
Splunk has released emergency security updates to address the critical vulnerability CVE-2026-20253, rated CVSS 9.8, in Splunk Enterprise. The vulnerability ...
AudiA6 Crypto Laundering Service Seized in Europol Operation
On 10 June 2026, European law enforcement agencies coordinated by Europol dismantled AudiA6 — an industrial-scale cryptocurrency laundering service that ...
Researcher Publishes GreatXML PoC for Alleged BitLocker Bypass
Security researcher known under the aliases Chaotic Eclipse, Nightmare-Eclipse and MSNightmare has published on GitHub a public proof-of-concept exploit called ...
How npm 12’s New Script Approval Model Impacts Developers
GitHub has announced a set of critical changes in npm version 12, the most important of which is disabling dependency ...
ESET Links New OceanLotus Campaigns to Domestic Vietnam Spying
ESET researchers have attributed two 2024–2026 campaigns to the OceanLotus (APT32) group, targeting domestic Vietnamese entities: an infrastructure construction corporation ...
