News
MuddyWater-Style Hackers Probe 12,000+ Systems Ahead of Middle East
11+ hour, 2+ min ago (303+ words) gbhackers.com A threat group resembling MuddyWater has conducted a large-scale reconnaissance and intrusion operation targeting critical sectors in the Middle East, including aviation, energy, and government entities. The attackers…...
Fortinet Fixes 11 Security Flaws Affecting FortiSandbox, FortiOS, FortiAnalyzer, and FortiManager
18+ hour, 14+ min ago (189+ words) Fortinet has recently released a comprehensive security update, patching 11 newly identified vulnerabilities across several of its core enterprise products. Addressing these vulnerabilities is paramount for organizations relying on these solutions to maintain robust network security and prevent potential unauthorized access…...
Microsoft Warns of Actively Exploited SharePoint Server Zero-Day
16+ hour, 40+ min ago (231+ words) Microsoft issued an urgent security update addressing an actively exploited zero-day vulnerability in its SharePoint Server platform. Because threat actors are already exploiting this weakness in the wild, system administrators must apply the available patches immediately to protect their…...
CISA Alerts on Exploited Microsoft Exchange and Windows CLFS Security Flaws
1+ day, 12+ hour ago (419+ words) Added to the Known Exploited Vulnerabilities (KEV) catalog on April 13, 2026, these flaws impact the Microsoft Windows Common Log File System (CLFS) and Microsoft Exchange Server. Federal agencies and private organizations are strongly urged to patch these systems immediately to prevent…...
Synology SSL VPN Client Vulnerability Enabled Remote Access to Sensitive Files
1+ day, 17+ hour ago (405+ words) Synology has recently released a crucial security update to fix two notable vulnerabilities in its SSL VPN Client utility. Tracked under the security advisory Synology-SA-26:05, these flaws could allow remote attackers to access sensitive system files and intercept secure network…...
CISA Warns Fortinet SQL Injection Flaw Is Being Actively Exploited
1+ day, 18+ hour ago (456+ words) The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Fortinet software. On April 13, 2026, CISA added CVE-2026-21643 to its Known Exploited Vulnerabilities (KEV) catalog. This action confirms that threat actors are actively…...
APT41 Targets Linux Cloud Servers With New Winnti Backdoor
1+ day, 18+ hour ago (223+ words) The discovery indicates a new phase in APT41's Linux and cloud-targeted operations, marking a meaningful evolution in their tradecraft. Unlike typical HTTPS or DNS callbacks, the backdoor communicates over SMTP port 25, a port often left unrestricted in cloud networks hosting mail services....
TP-Link Devices at Risk as Multiple Security Flaws Enable Takeover
5+ day, 14+ hour ago (374+ words) If left unpatched, these critical flaws could allow attackers to take full control of the device, steal sensitive network data, and compromise connected systems. Because routers serve as the primary gateway for all internet traffic, compromising this device gives attackers…...
MuddyWater Uses Russian MaaS in New ChainShell Attack
5+ day, 16+ hour ago (563+ words) The assessment is based on a misconfigured command-and-control (C2) web server, 15 malware samples, and a previously undocumented JavaScript/Node.js payload named ChainShell. Investigators conclude that MuddyWater is running at least two CastleRAT builds against Israeli targets…...
ComfyUI Servers Hijacked for Cryptomining, Proxy Botnet Ops
1+ week, 18+ hour ago (670+ words) More than 1,000 ComfyUI servers are currently reachable on the public Internet, even after filtering out honeypots, giving attackers a small but lucrative attack surface concentrated on GPU-rich cloud infrastructure. Once compromised, hosts are folded into two revenue streams: Monero…...