Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Zero-Day Exploitation of KnowledgeDeliver LMS via ASP.NET ViewState
The CVE-2026-5426 vulnerability (CVSS 7.5) in the Digital Knowledge KnowledgeDeliver learning management system, widely used in Japan, was exploited as ...
Mass Ghost CMS compromises via CVE-2026-26980 SQL injection
The critical vulnerability CVE-2026-26980 (CVSS 9.4) in the Ghost CMS platform is being actively exploited by attackers to mass-inject malicious ...
Banking Trojans Hide in WebRTC and MaaS: Grandoreiro, BTMOB
Two parallel banking Trojan campaigns — Grandoreiro for Windows and BTMOB RAT for Android — are actively targeting financial organizations ...
Malicious npm Package Steals Claude AI Data via /mnt/user-data
Researchers at OX Security have discovered a malicious npm package called mouse5212-super-formatter, which steals files from the /mnt/user-data directory — ...
SharePoint deserialization flaw lets low-priv users run code
Microsoft has released security updates that address the CVE-2026-45659 vulnerability in SharePoint Server — an untrusted data deserialization flaw with ...
How CERT-In responds to AI-accelerated threats with 12-hour patch SLAs
The Indian Computer Emergency Response Team (CERT-In) has published a 38-page CISG-2026-02 guideline that sets strict timelines for vulnerability remediation: ...
Iranian APT Nimbus Manticore Shifts from Phishing to SEO Poisoning
The Iranian APT group Nimbus Manticore (also known as Screening Serpens and UNC1549) carried out three consecutive campaigns from February ...
Ghostwriter Phishing Campaign Abuses Prometheus to Deploy Cobalt Strike
The Ghostwriter group (also tracked as UAC-0057 and UNC1151), which has been linked to Belarus, is running a phishing campaign ...
TrapDoor Campaign Steals Crypto Keys via npm, PyPI, Crates.io
Researchers from Socket have discovered a coordinated supply chain attack, codenamed TrapDoor, that simultaneously affected the three largest package registries ...
Inside RemotePE, the Lazarus In-Memory RAT Targeting Crypto
Researchers from Fox-IT (an NCC Group division) have published a detailed analysis of the multi-stage malicious framework RemotePE — a ...