Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
SharePoint deserialization flaw lets low-priv users run code
Microsoft has released security updates that address the CVE-2026-45659 vulnerability in SharePoint Server — an untrusted data deserialization flaw with ...
How CERT-In responds to AI-accelerated threats with 12-hour patch SLAs
The Indian Computer Emergency Response Team (CERT-In) has published a 38-page CISG-2026-02 guideline that sets strict timelines for vulnerability remediation: ...
Iranian APT Nimbus Manticore Shifts from Phishing to SEO Poisoning
The Iranian APT group Nimbus Manticore (also known as Screening Serpens and UNC1549) carried out three consecutive campaigns from February ...
Ghostwriter Phishing Campaign Abuses Prometheus to Deploy Cobalt Strike
The Ghostwriter group (also tracked as UAC-0057 and UNC1151), which has been linked to Belarus, is running a phishing campaign ...
TrapDoor Campaign Steals Crypto Keys via npm, PyPI, Crates.io
Researchers from Socket have discovered a coordinated supply chain attack, codenamed TrapDoor, that simultaneously affected the three largest package registries ...
Inside RemotePE, the Lazarus In-Memory RAT Targeting Crypto
Researchers from Fox-IT (an NCC Group division) have published a detailed analysis of the multi-stage malicious framework RemotePE — a ...
LiteSpeed cPanel Plugin 0‑Day CVE-2026-48172 Exploited in the Wild
The critical vulnerability CVE-2026-48172 with a maximum CVSS rating of 10.0 in the LiteSpeed User-End cPanel Plugin is being actively ...
How Europol and the FBI Took Down the Criminal First VPN Service
Law enforcement agencies in Europe and North America carried out a coordinated operation on 19–20 May to dismantle First VPN ...
CVE-2026-9082: SQL injection risk in Drupal PostgreSQL sites
The Drupal team has released security updates that address the CVE-2026-9082 vulnerability in the CMS core. The flaw allows unauthenticated ...
Kimwolf DDoS Botnet: Canadian Operator Arrested and Charged
The US Department of Justice announced the arrest of 23-year-old Canadian citizen Jacob Butler (alias Dort) from Ottawa on charges ...