News

gbhackers.com

SideCopy Deploys Persistent Xeno RAT Against Afghanistan Finance Ministry

8+ hour, 3+ min ago  (195+ words) According to threat intelligence reports from Seqrite, the campaign culminates in the deployment of a customized Xeno RAT 1.8.7 implant that beacons to bulletproof European infrastructure. The attack sequence opens with a ZIP archive containing a malicious LNK file. Threat actors…

gbhackers.com

Palo Alto PAN-OS Authentication Bypass Vulnerability Actively Exploited in the Wild

8+ hour, 53+ min ago  (580+ words) A critical authentication-bypass vulnerability affecting Palo Alto Networks PAN-OS and Prisma Access is being actively exploited by malicious actors. In response to mounting attacks, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-0257 to its Known Exploited Vulnerabilities (KEV) catalog…

gbhackers.com

Zapocalypse Attack Lets Threat Actors Hijack Zapier Accounts

1+ day, 8+ hour ago  (598+ words) "Zapocalypse" is a newly disclosed attack chain that shows how attackers could have abused Zapier's "Code by Zapier" feature to move from a single sandboxed Python step to a potential full-scale Zapier account takeover. The result was a realistic path…

gbhackers.com

Hackers Host JS Malware on GHOSTYNETWORKS and OMEGATECH

2+ day, 8+ hour ago  (700+ words) Hackers are abusing two bulletproof hosting providers, GHOSTYNETWORKS and OMEGATECH, to run a global JavaScript (JS) malware infrastructure that powers large-scale malspam and business email compromise activity. In March 2026, multiple malspam waves delivered a JavaScript backdoor via ZIP…

gbhackers.com

FortiClient Code Execution Flaw Exploited to Deploy EKZ Malware

2+ day, 7+ hour ago  (711+ words) Fortinet customers are facing a new wave of attacks after a critical flaw in FortiClient Endpoint Management Server (EMS) was exploited to push a fake Fortinet patch that secretly installs credential-stealing malware. The vulnerability, tracked as CVE-2026-35616, allows unauthenticated…

gbhackers.com

ClearFake Abuses BSC Testnet Contracts for Resilient C2 Operations

2+ day, 6+ hour ago  (544+ words) Threat actors behind the ClearFake campaign have adopted a novel and highly resilient command-and-control (C2) architecture by leveraging BNB Smart Chain (BSC) testnet smart contracts, creating an infrastructure that is effectively immune to traditional takedown efforts. Once deployed, the data…

gbhackers.com

ConnectWise Automate Flaw Allows Hackers to Evade Security Controls

4+ day, 7+ hour ago  (412+ words) ConnectWise has released a security update to address a high-severity vulnerability in its ConnectWise Automate remote monitoring and management (RMM) platform, a widely used tool for managed service providers (MSPs). The flaw, tracked as CVE-2026-9089, carries a CVSS…

gbhackers.com

Flipper Introduces Flipper One as a Modular Linux-Based Cyberdeck

1+ week, 1+ day ago  (444+ words) Flipper Devices has officially unveiled Flipper One, a modular, Linux-based cyberdeck designed to push the boundaries of open hardware and portable network analysis platforms. Flipper One is not an upgrade but a separate platform built for IP-based operations (Layer 1), focusing on…

Google News

Hackers Exploit F5 BIG-IP to Gain SSH Access and Pivot Into Linux Networks

1+ week, 5+ hour ago  (376+ words) Microsoft Threat Intelligence disclosed the full attack chain on May 22, 2026, documenting how a single compromised edge appliance cascaded into domain-level compromise spanning Linux hosts, an internal Atlassian Confluence server, and Windows authentication systems. In the documented incident, investigators traced the…

gbhackers.com

LiteSpeed cPanel Plugin 0-Day Exploited for Server Root Access

1+ week, 6+ hour ago  (407+ words) A critical zero-day privilege escalation vulnerability in the LiteSpeed User-End cPanel plugin is being actively exploited in the wild, enabling any authenticated cPanel user to execute arbitrary scripts as root and gain full server control. Tracked as CVE-2026-48172 with a…