Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
PowMix Botnet Targets Czech Job Market with PowerShell-Based In-Memory Malware
A new botnet dubbed PowMix has been observed targeting employees and job seekers in the Czech Republic, according to Cisco ...
Vercel Security Breach Tied to Context.ai Compromise Highlights OAuth and Environment Variable Risks
Vercel, one of the leading providers of web infrastructure and hosting for modern front‑end frameworks, has disclosed a security incident ...
Grinex Crypto Exchange Hack Exposes Sanctions Evasion Network
The Kyrgyz cryptocurrency exchange Grinex, already under UK and US sanctions, has suspended operations following a large‑scale cyberattack. According to ...
CVE-2026-33032 (MCPwn): Critical nginx-ui Authentication Bypass Under Active Exploitation
A critical vulnerability in nginx-ui, a popular open-source web interface for managing Nginx, is being actively exploited and allows attackers ...
Microsoft Rushes to Restore Windows Hardware Program Accounts After Driver Signing Disruption
Microsoft is rolling out an accelerated account recovery process for participants in the Windows Hardware Program after a wave of ...
Microsoft Defender Zero‑Days BlueHammer, RedSun and UnDefend Are Under Active Attack
Three newly disclosed zero‑day vulnerabilities in Microsoft Defender are being actively exploited in the wild, creating a high‑risk scenario for ...
Mirai-Style IoT Botnets Target TBK DVRs and Legacy TP-Link Routers
Internet of Things (IoT) devices are again at the center of large-scale cyber campaigns. Security researchers report that new Mirai-derived ...
Google Play Privacy Overhaul and Gemini AI Crackdown on Fraudulent Ads
Google is rolling out a significant update to the Google Play privacy policy, reshaping how Android apps access contacts and ...
Obsidian Plugins Abused to Deliver PHANTOMPULSE Malware in Targeted Financial Sector Attacks
A newly documented cyber campaign, tracked as REF6598, is abusing the popular cross‑platform note‑taking application Obsidian to gain a foothold ...
UAC-0247 Campaign Targets Ukrainian Government and Healthcare with Advanced Malware Toolkit
Ukraine’s national Computer Emergency Response Team, CERT-UA, has disclosed details of a new targeted cyber-espionage campaign tracked as UAC‑0247. The ...
