News Archives • Page 9 of 631 • Daily CyberSecurity

CountLoader Malware Weaponizes EtherHiding to Deploy Stealth Crypto Clippers CountLoader Malware EtherHiding Crypto Clipper

CountLoader Malware Weaponizes EtherHiding to Deploy Stealth Crypto Clippers

Ddos May 18, 2026

A sprawling cybercriminal operation has been intercepted, but not before thousands of machines were quietly infected by...

SaaS-Style Cybercrime: Attackers Weaponize Langflow RCE and NATS Messaging for Ultra-Scalable C2 NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

SaaS-Style Cybercrime: Attackers Weaponize Langflow RCE and NATS Messaging for Ultra-Scalable C2

Ddos May 18, 2026

A sophisticated new command-and-control (C2) technique has emerged, revealing threat actors who operate more like modern SaaS...

Unmasked: 16GB “Rocket” Database Leak Exposes The Gentlemen Ransomware Cartel The Gentlemen Ransomware Leak Rocket Database RaaS

Unmasked: 16GB “Rocket” Database Leak Exposes The Gentlemen Ransomware Cartel

Ddos May 18, 2026

A massive internal data leak has blown the lid off “The Gentlemen,” a highly organized Ransomware-as-a-Service (RaaS)...

Gamaredon Exploits WinRAR Path Traversal to Unleash GammaDrop Malware The Gentlemen Ransomware Leak Rocket Database RaaS

Gamaredon Exploits WinRAR Path Traversal to Unleash GammaDrop Malware

Ddos May 18, 2026

A new investigation has unmasked a relentless spearphishing campaign by the Russian-aligned threat actor Gamaredon, exposing their...

Windows 11 Finally Brings Back the Movable Taskbar and Resizable Start Menu Windows 11 KB5089549 update error 0x800f0922 Windows 11 taskbar relocation

Windows 11 KB5089549 update error 0x800f0922 Windows 11 taskbar relocation

Windows 11 Finally Brings Back the Movable Taskbar and Resizable Start Menu

Ddos May 18, 2026

Microsoft plans to initiate a monumental recalibration of the Windows 11 user interface, seeking to address prolonged...

OpenAI Debuts “Finances” Feature to Turn ChatGPT into Your Personal Wealth Manager ChatGPT Finances Plaid feature

OpenAI Debuts “Finances” Feature to Turn ChatGPT into Your Personal Wealth Manager

Ddos May 18, 2026

OpenAI has announced the debut of a pioneering personal wealth preview feature dubbed Finances, currently available exclusively...

Critical RCE Flaw in Apache Flink (CVE-2026-35194) Threatens TaskManagers CVE-2020-17519 Apache Flink Vulnerability CVE-2026-35194 RCE

Critical RCE Flaw in Apache Flink (CVE-2026-35194) Threatens TaskManagers

Ddos May 18, 2026

A critical severity vulnerability, tracked as CVE-2026-35194, has been disclosed in Apache Flink, exposing the distributed processing...

Critical Strapi Flaws Enable Unauthenticated Admin Takeover and Server RCE Strapi CMS Vulnerabilities CVE-2026-27886 Admin Takeover

Critical Strapi Flaws Enable Unauthenticated Admin Takeover and Server RCE

Ddos May 18, 2026

A pair of severe vulnerabilities discovered in Strapi, the widely used open-source headless Content Management System (CMS),...

The CVE Watchtower: Weekly Threat Intelligence Briefing (May 11 – May 17, 2026)

Ddos May 18, 2026

Welcome to your weekly vulnerability digest. If your security dashboards have been flashing red, your telemetry is...

Three Critical 9.4 CVSS Flaws Expose n8n Automation Nodes to Full RCE n8n Node RCE Vulnerabilities CVE-2026-44791 Prototype Pollution n8n RCE Vulnerabilities CVE-2026-27497 CVE-2026-25053 n8n RCE Vulnerability CVE-2026-21877 n8n RCE, CVE-2025-68613 n8n Git RCE, core.hooksPath Exploit

n8n Node RCE Vulnerabilities CVE-2026-44791 Prototype Pollution n8n RCE Vulnerabilities CVE-2026-27497 CVE-2026-25053 n8n RCE Vulnerability CVE-2026-21877 n8n RCE, CVE-2025-68613 n8n Git RCE, core.hooksPath Exploit

Three Critical 9.4 CVSS Flaws Expose n8n Automation Nodes to Full RCE

Ddos May 18, 2026

Technical teams using the popular workflow automation platform n8n are facing a high-stakes security advisory after researchers...

No Encryption Needed: New “GhostLock” Technique Weaponizes Windows SMB to Freeze Enterprise Files GhostLock Ransomware Evasion SMB File Share Lockout

GhostLock Ransomware Evasion SMB File Share Lockout

No Encryption Needed: New “GhostLock” Technique Weaponizes Windows SMB to Freeze Enterprise Files

Ddos May 18, 2026

Security researchers have unveiled a novel defensive bypass that allows any low-privileged domain user to lock down...

MiniPlasma Zero-Day: PoC Exploit Code and Vulnerability Details Publicly Disclosed for Windows 11 MiniPlasma exploit Windows privilege escalation

MiniPlasma exploit Windows privilege escalation

MiniPlasma Zero-Day: PoC Exploit Code and Vulnerability Details Publicly Disclosed for Windows 11

Ddos May 18, 2026

A ghost from Patch Tuesdays past has returned to haunt Microsoft. A security researcher operating under the...

CVSS 10 Alert: Quest KACE SMA Auth Bypass Exploited to Hijack Managed Endpoints Quest KACE SMA Vulnerability CVE-2025-32975 Exploit

CVSS 10 Alert: Quest KACE SMA Auth Bypass Exploited to Hijack Managed Endpoints

Ddos May 16, 2026

Cybersecurity researchers have just dropped a report on a critical “management plane” threat that has spent the...

Paper Werewolf Unleashed: Custom Stealers and AI-Assisted Loaders Target Global Industrial Hubs Paper Werewolf Espionage PaperGrabber Malware

Paper Werewolf Espionage PaperGrabber Malware

Paper Werewolf Unleashed: Custom Stealers and AI-Assisted Loaders Target Global Industrial Hubs

Ddos May 15, 2026

A new wave of cyber espionage has been unleashed against Russian industrial, financial, and transport sectors, revealing...

Stealth & Automation: Seedworm’s 2026 Global Campaign Hijacks Security Software to Deploy ChromElevator Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Stealth & Automation: Seedworm’s 2026 Global Campaign Hijacks Security Software to Deploy ChromElevator

Ddos May 15, 2026

A sprawling espionage campaign linked to the Iranian state has been uncovered, revealing a significant evolution in...

Root Access Race: TOCTOU Vulnerability (CVE-2026-41702) Hits VMware Fusion VMware Fusion Privilege Escalation CVE-2026-41702 TOCTOU VMware Vulnerabilities, Broadcom Security CVE-2024-38814 - VMware HCX CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226

VMware Fusion Privilege Escalation CVE-2026-41702 TOCTOU VMware Vulnerabilities, Broadcom Security CVE-2024-38814 - VMware HCX CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226

Root Access Race: TOCTOU Vulnerability (CVE-2026-41702) Hits VMware Fusion

Ddos May 15, 2026

Broadcom has recently issued a critical alert and accompanying patches for VMware Fusion, addressing a local privilege...

OpenAI code signing certificate rotation AI private equity joint ventures OpenAI Axios Supply Chain Attack OpenAI Promptfoo acquisition OpenAI military resignation ChatGPT Plus military fraud OpenAI smart speaker Jony Ive OpenAI Frontier platform ChatGPT AI age prediction 2026, OpenAI Persona age verification Sarah Friar OpenAI infrastructure, AI Scaling Law revenue OpenAI Gumdrop AI pen, Jony Ive OpenAI hardware 2027 OpenAI New CRO, Denise Dresser Monetization Strategy OpenAI Competitive Pressure Gemini 3 Overtake OpenAI Infrastructure, AI Closed Loop Economy

OpenAI Forces Code Signing Certificate Rotation After TanStack Supply Chain Breach

Ddos May 15, 2026

Recent adversarial maneuvers targeting the npm ecosystem have precipitated a series of supply chain incursions, with OpenAI...

Desktop Power, Mobile Control: OpenAI Brings Remote Codex Management to the ChatGPT App OpenAI legacy model deprecation OpenAI Codex mobile integration

OpenAI legacy model deprecation OpenAI Codex mobile integration

Desktop Power, Mobile Control: OpenAI Brings Remote Codex Management to the ChatGPT App

Ddos May 15, 2026

For a considerable duration, developers utilizing Codex have anticipated the extension of the platform to mobile environments,...

PoC Released: Critical Linux Kernel ptrace Flaw Publicly Disclosed—Unprivileged Root File Access Possible

Ddos May 15, 2026

A critical “sanity check” gap in the Linux kernel’s ptrace logic has finally been addressed, but not...

Apple Google EU alliance DMA European Commission Breach Trivy Supply Chain Attack Europa.eu Breach EU Cloud Infrastructure EU Cyber Sanctions State-Sponsored Hacking EU 2040 Emissions Target, Europe Climate Leadership AWS Azure DMA Cloud Gatekeeper DSA violation, illegal content Apple DMA Delay, iPhone Mirroring EU EU Age Verification, Google Play Integrity Corning Antitrust, EU Competition Apple EU Digital Markets Act App Store commission European Union cyberattacks - InvestAI EU Targets Musk’s X Digital Markets Act, EU fines

Apple Joins Google to Fight EU Mandate on Deep AI System Access

Ddos May 15, 2026

According to recent intelligence, Apple has released an official submission to the European Commission, aligning itself with...

Critical Alert 1 Active Exploit Detected Today