CISA Warns Fortinet SQL Injection Flaw Is Being Actively Exploited
19+ hour, 52+ min ago (456+ words) The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Fortinet software. On April 13, 2026, CISA added CVE-2026-21643 to its Known Exploited Vulnerabilities (KEV) catalog. This action confirms that threat actors are actively…
APT41 Targets Linux Cloud Servers With New Winnti Backdoor
19+ hour, 38+ min ago (223+ words) The discovery indicates a new phase in APT41's Linux and cloud-targeted operations, marking a meaningful evolution in their tradecraft. Unlike typical HTTPS or DNS callbacks, the backdoor communicates over SMTP port 25, a port often left unrestricted in cloud networks hosting mail services...
TP-Link Devices at Risk as Multiple Security Flaws Enable Takeover
4+ day, 16+ hour ago (374+ words) If left unpatched, these critical flaws could allow attackers to take full control of the device, steal sensitive network data, and compromise connected systems. Because routers serve as the primary gateway for all internet traffic, compromising this device gives attackers…
MuddyWater Uses Russian MaaS in New ChainShell Attack
4+ day, 18+ hour ago (563+ words) The assessment is based on a misconfigured command-and-control (C2) web server, 15 malware samples, and a previously undocumented JavaScript/Node.js payload named ChainShell. Investigators conclude that MuddyWater is running at least two CastleRAT builds against Israeli targets…
ComfyUI Servers Hijacked for Cryptomining, Proxy Botnet Ops
6+ day, 19+ hour ago (670+ words) More than 1,000 ComfyUI servers are currently reachable on the public Internet, even after filtering out honeypots, giving attackers a small but lucrative attack surface concentrated on GPU-rich cloud infrastructure. Once compromised, hosts are folded into two revenue streams: Monero…
FBI Takes Down Russian Campaign That Compromised Thousands of Routers
6+ day, 18+ hour ago (384+ words) In a major counter-cyberespionage action dubbed "Operation Masquerade," the U.S. Justice Department and the FBI successfully neutralized a global network of compromised small office/home office (SOHO) routers. The campaign is officially attributed to GRU Military Unit 26165, widely known in the…
Masjesu Botnet Targets Routers in Commercial DDoS Attacks
6+ day, 14+ hour ago (661+ words) Operating quietly since early 2023 and still active in 2026, Masjesu (also known as XorBot) shows how mature, stealth-focused botnets are reshaping the DDoS marketplace. Masjesu is a commercially run IoT botnet advertised as a DDoS-for-hire service, with…
GPUBreach Attack Could Lead to Full System Takeover and Root Shell Access
1+ week, 13+ hour ago (340+ words) Scheduled for presentation at the IEEE Symposium on Security & Privacy in 2026, University of Toronto researchers revealed how manipulating GPU memory can lead to a full CPU root shell. Previously, GPU Rowhammer attacks primarily caused localized data corruption, such as slightly…
Iran-Linked Hackers Hit M365 Tenants in Middle East Password Spray Campaign
1+ week, 18+ hour ago (569+ words) Iran-linked threat actors have launched a coordinated password-spraying campaign targeting Microsoft 365 environments across the Middle East, according to new findings. The activity, observed throughout March 2026, unfolded in three distinct waves on March 3, March 13, and March 23. The campaign primarily targeted organizations…
GitHub-Backed Malware Spread via LNK Files in South Korea
1+ week, 1+ day ago (598+ words) Hackers are abusing Windows shortcut files and GitHub to run a stealthy, multi-stage malware campaign against organizations in South Korea. The operation chains LNK files, PowerShell, and GitHub APIs to deliver surveillance tools while blending into normal…