Malware

The 50,000-Download Trap: How ‘ambar-src’ Typosquatting Compromised Windows, Linux, and macOS Devs OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

The 50,000-Download Trap: How ‘ambar-src’ Typosquatting Compromised Windows, Linux, and macOS Devs

Do Son February 27, 2026

Tenable Research has uncovered a highly sophisticated, malicious npm package that amassed approximately 50,000 downloads before its...

The AI Evolution of Mobile Malware: SURXRAT V5 Combines Surveillance, Ransomware, and LLMs SURXRAT V5 AI-Assisted Android Malware

SURXRAT V5 AI-Assisted Android Malware

The AI Evolution of Mobile Malware: SURXRAT V5 Combines Surveillance, Ransomware, and LLMs

Do Son February 25, 2026

The Android malware landscape is undergoing a significant transformation, shifting away from simple data theft toward professionalized,...

The High Cost of Free: Cracked Music Plugins Weaponized to Infect macOS with Odyssey Malware Odyssey Malware MacSyncStealer

Odyssey Malware MacSyncStealer

The High Cost of Free: Cracked Music Plugins Weaponized to Infect macOS with Odyssey Malware

Do Son February 25, 2026

For many digital creators and music producers, the allure of high-end audio plugins can often lead to...

Malicious NuGet Packages Weaponize ASP.NET Identity for Production Backdoors NuGet Supply Chain Attack ASP.NET Identity Theft

NuGet Supply Chain Attack ASP.NET Identity Theft

Malicious NuGet Packages Weaponize ASP.NET Identity for Production Backdoors

Do Son February 25, 2026

Developers themselves are increasingly the primary target for cybercriminals, a new supply chain attack has been uncovered...

Stealth & Persistence: MuddyWater’s New Rust-Based Payload Mimics Cloudflare and Reddit

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

Stealth & Persistence: MuddyWater’s New Rust-Based Payload Mimics Cloudflare and Reddit

Do Son February 25, 2026

While financially motivated cybercrime often dominates the headlines, state-sponsored espionage operates quietly in the background, prioritizing stealth...

Operation Olalampo: MuddyWater Unleashes AI-Assisted Rust Malware and Telegram C2 in MENA Espionage Surge Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Operation Olalampo: MuddyWater Unleashes AI-Assisted Rust Malware and Telegram C2 in MENA Espionage Surge

Do Son February 24, 2026

A new wave of targeted cyber-espionage is sweeping across the Middle East and North Africa (MENA) region....

Silver Fox APT Unleashes ‘Winos 4.0’ Malware via BYOVD Attacks Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Silver Fox APT Unleashes ‘Winos 4.0’ Malware via BYOVD Attacks

Do Son February 24, 2026

According to a new threat intelligence report, a highly organized Advanced Persistent Threat (APT) group has launched...

Hackers Weaponize Facebook Ads with Fake Windows 11 Updates Fake Windows 11 Ads Info-Stealing Malware

Fake Windows 11 Ads Info-Stealing Malware

Hackers Weaponize Facebook Ads with Fake Windows 11 Updates

Do Son February 24, 2026

Cybercriminals are leveraging the trust users place in their social media feeds to distribute stealthy information-stealing malware....

The ‘Human Verification’ Trap: ClickFix Campaign Hijacks Trusted Sites to Deploy MIMICRAT MIMICRAT Malware ClickFix Campaign

MIMICRAT Malware ClickFix Campaign

The ‘Human Verification’ Trap: ClickFix Campaign Hijacks Trusted Sites to Deploy MIMICRAT

Do Son February 24, 2026

Security researchers are sounding the alarm over a highly sophisticated malware campaign that weaponizes human helpfulness to...

Hackers Exploit Critical BeyondTrust Flaw to Deploy VShell and SparkRAT Across Multiple Sectors BeyondTrust Vulnerability CVE-2026-1731 UPBIT $369M Hack CVE-2024-55591 Ivanti VPN vulnerability, cyber espionage

BeyondTrust Vulnerability CVE-2026-1731 UPBIT $369M Hack CVE-2024-55591 Ivanti VPN vulnerability, cyber espionage

Hackers Exploit Critical BeyondTrust Flaw to Deploy VShell and SparkRAT Across Multiple Sectors

Do Son February 23, 2026

A critical security flaw in a widely used enterprise access platform is under active attack, prompting urgent...

The CAPTCHA Trap: How a Fake “ClickFix” Prompt Unleashed Latrodectus & Supper Malware ClickFix CAPTCHA Latrodectus Malware

ClickFix CAPTCHA Latrodectus Malware

The CAPTCHA Trap: How a Fake “ClickFix” Prompt Unleashed Latrodectus & Supper Malware

Do Son February 23, 2026

The simple act of verifying you are not a robot has been weaponized into a devastating corporate...

The Startup Stealer: How AI and Discord Powered the Arkanix MaaS Operation Arkanix Stealer Malware-as-a-Service (MaaS)

Arkanix Stealer Malware-as-a-Service (MaaS)

The Startup Stealer: How AI and Discord Powered the Arkanix MaaS Operation

Do Son February 23, 2026

The cybercrime underground is increasingly mirroring the legitimate tech industry, adopting customer-centric marketing, tiered subscriptions, and even...

Cash Out: FBI Warns of $20M ATM ‘Jackpotting’ Surge Driven by Ploutus Malware ATM Jackpotting Ploutus Malware

ATM Jackpotting Ploutus Malware

Cash Out: FBI Warns of $20M ATM ‘Jackpotting’ Surge Driven by Ploutus Malware

Do Son February 23, 2026

The Federal Bureau of Investigation (FBI) has issued an urgent FLASH report warning financial institutions of a...

The ‘ClickFix’ Trap: GrayCharlie Hijacks US Law Firms to Deploy NetSupport RAT GrayCharlie Malware ClickFix Attack

GrayCharlie Malware ClickFix Attack

The ‘ClickFix’ Trap: GrayCharlie Hijacks US Law Firms to Deploy NetSupport RAT

Do Son February 23, 2026

A highly active cybercriminal group is turning legitimate websites into traps, deploying a potent mix of fake...

Streaming Fraud: “Massiv” Android Trojan Uses Fake IPTV Apps for Complete Device Takeover Massiv Android Malware IPTV Banking Trojan

Massiv Android Malware IPTV Banking Trojan

Streaming Fraud: “Massiv” Android Trojan Uses Fake IPTV Apps for Complete Device Takeover

Do Son February 23, 2026

The mobile threat landscape is becoming increasingly perilous as cybercriminals devise new, unsuspicious ways to infiltrate smartphones....

Trojan Routers: Texas Sues TP-Link Over Alleged CCP Surveillance and Supply Chain Deception TP-Link Lawsuit CCP Surveillance

TP-Link Lawsuit CCP Surveillance

Trojan Routers: Texas Sues TP-Link Over Alleged CCP Surveillance and Supply Chain Deception

Do Son February 20, 2026

Texas Attorney General Ken Paxton has officially filed a lawsuit against TP-Link Systems Inc., accusing the global...

1.75 Million Apps Blocked: Google’s AI-Driven War on Android Malware in 2025 Google Play Security Android 16 Tapjacking Protection

Google Play Security Android 16 Tapjacking Protection

1.75 Million Apps Blocked: Google’s AI-Driven War on Android Malware in 2025

Do Son February 20, 2026

In a newly released blog post, Vijaya Kaza, VP and GM of App & Ecosystem Trust at...

Live from Your Webcam: Remcos RAT Evolves into a Real-Time Surveillance Nightmare WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Live from Your Webcam: Remcos RAT Evolves into a Real-Time Surveillance Nightmare

Do Son February 19, 2026

Remcos, once a commercial remote management tool turned notorious Remote Access Trojan (RAT), has received an upgrade....

Hackers Weaponize DocuSign and SimpleHelp in Stealthy New Campaign DocuSign Phishing SimpleHelp Malware

DocuSign Phishing SimpleHelp Malware

Hackers Weaponize DocuSign and SimpleHelp in Stealthy New Campaign

Do Son February 19, 2026

In a sophisticated blend of social engineering and technical evasion, cybercriminals are increasingly hiding behind trusted corporate...

New CRESCENTHARVEST Malware Targets Iranian Dissidents Zyxel security - Mitel MiCollab Vulnerability

Zyxel security - Mitel MiCollab Vulnerability

New CRESCENTHARVEST Malware Targets Iranian Dissidents

Do Son February 18, 2026

A new cyber espionage campaign is exploiting the political unrest in Iran to target dissidents and supporters...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-42208
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version...
CVE-2018-1273CVSS 9.8
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a...
CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
CVE-2026-12569
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The...
CVE-2026-28496CVSS 9.4
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
CVE-2026-21509CVSS 7.8
Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a...
CVE-2026-34908CVSS 10.0
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi...
CVE-2026-34909CVSS 10.0
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS...
CVE-2026-34910CVSS 10.0
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi...
CVE-2025-67038CVSS 9.8
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write...