Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
How the AryStinger Botnet Exploits End-of-Life D-Link Routers
Researchers from Qianxin XLab have reported a previously unknown botnet, AryStinger, which they say has compromised more than 4,000 outdated ...
How AryStinger Hijacks Old Routers and QNAP NAS for Covert Recon
Researchers from QiAnXin XLab report on a new malware family, AryStinger, which infects legacy home routers based on Realtek RTL819X ...
Gravity SMTP flaw leaks email API keys via unauthenticated endpoint
The Gravity SMTP plugin for WordPress, installed on approximately 100,000 sites, is being massively exploited via the CVE-2026-4020 vulnerability (CVSS ...
Law Enforcement Dismantles SocGholish WordPress Malware
Law enforcement agencies in the Netherlands, Canada, Germany, and the United States have conducted a coordinated operation to dismantle the ...
Critical NGINX vulnerabilities CVE-2026-42530 and CVE-2026-42055 fixed by F5
F5 has released security updates that address two critical vulnerabilities in NGINX Open Source and related products. Both vulnerabilities — ...
Microsoft tracks Tor-based Windows crypto-clipper with USB worm
The Microsoft Defender Security Research team has published an in-depth analysis of a Windows crypto-clipper campaign that combines worm-like propagation ...
Microsoft Confirms Work on Patch for RoguePlanet CVE-2026-50656
Microsoft has confirmed it is working on a fix for vulnerability CVE-2026-50656 (CVSS 7.8) in the Microsoft Malware Protection Engine, ...
NarwhalRAT: New APT37 Campaign Targets Microsoft Account Users
The North Korean group ScarCruft (APT37), according to South Korean company Genians Security Center, has launched a new targeted phishing ...
Exploitation attempts reported for three critical FortiSandbox flaws
Three critical vulnerabilities in the Fortinet FortiSandbox product line — CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 — all with a CVSS 9.1 ...