Critical Alert 1 Active Exploit Detected Today

CVE-2026-9082 — Drupal Core SQL Injection Vulnerability →

Powered by CVE Watchtower

×

backdoor

Security Alert: Cemu Emulator Linux Releases Compromised via GitHub Backdoor (May 2026) Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Security Alert: Cemu Emulator Linux Releases Compromised via GitHub Backdoor (May 2026)

Ddos May 13, 2026

The Claude AI Trap: Sophos Uncovers Undocumented Backdoor Hiding in Fake “Pro” Lure Claude AI Malware DonutLoader Backdoor

Claude AI Malware DonutLoader Backdoor

The Claude AI Trap: Sophos Uncovers Undocumented Backdoor Hiding in Fake “Pro” Lure

Ddos May 11, 2026

Arcane Door Reopened: The Cisco Firepower Backdoor That Only a Hard Reboot Can Kill Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

Arcane Door Reopened: The Cisco Firepower Backdoor That Only a Hard Reboot Can Kill

Ddos April 24, 2026

183 Million Targets: Inside the North Korean Supply Chain Strike on Axios and the WAVESHAPER Backdoor axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

183 Million Targets: Inside the North Korean Supply Chain Strike on Axios and the WAVESHAPER Backdoor

Ddos April 1, 2026

95 Million Downloads Hijacked: The LiteLLM PyPI Backdoor Targeting AI Developers LiteLLM PyPI Supply Chain Attack

LiteLLM PyPI Supply Chain Attack

95 Million Downloads Hijacked: The LiteLLM PyPI Backdoor Targeting AI Developers

Ddos March 25, 2026

Fake GitHub Repositories Unleash BoryptGrab Stealer and TunnesshClient Backdoor TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

Fake GitHub Repositories Unleash BoryptGrab Stealer and TunnesshClient Backdoor

Ddos March 9, 2026

Sabotage & Exploited in the Wild: Critical Backdoor Found in LA-Studio Element Kit CVE-2022-45359 LA-Studio Element Kit Backdoor CVE-2026-0920

CVE-2022-45359 LA-Studio Element Kit Backdoor CVE-2026-0920

Sabotage & Exploited in the Wild: Critical Backdoor Found in LA-Studio Element Kit

Ddos January 23, 2026

New Campaign Targets FortiGate Firewalls with Unauthorized Config Changes BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

New Campaign Targets FortiGate Firewalls with Unauthorized Config Changes

Ddos January 22, 2026

The Christmas Heist: How Shai-Hulud Hijacked Trust Wallet for an $8.5M Score Trust Wallet Shai-Hulud attack, NPM supply chain crypto heist Trust Wallet supply-chain attack 2025, v2.68.0 malicious update

Trust Wallet Shai-Hulud attack, NPM supply chain crypto heist Trust Wallet supply-chain attack 2025, v2.68.0 malicious update

The Christmas Heist: How Shai-Hulud Hijacked Trust Wallet for an $8.5M Score

Ddos December 31, 2025

“LotusBail” Trap: 56,000 Developers Downloaded a Fake WhatsApp API That Works perfectly—While Stealing Everything

lotusbail, npm Supply Chain Attack

“LotusBail” Trap: 56,000 Developers Downloaded a Fake WhatsApp API That Works perfectly—While Stealing Everything

Ddos December 25, 2025

“Webrat” Trap: Hackers Lure Junior Security Researchers with Fake GitHub Exploits Webrat Malware, Fake PoC Exploits

Webrat Malware, Fake PoC Exploits

“Webrat” Trap: Hackers Lure Junior Security Researchers with Fake GitHub Exploits

Ddos December 24, 2025

AI-Generated Decoys & XLL Stealth: Inside the New “EchoGather” Cyber Espionage Campaign AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AI-Generated Decoys & XLL Stealth: Inside the New “EchoGather” Cyber Espionage Campaign

Ddos December 23, 2025

New NANOREMOTE Backdoor Uses Google Drive API for Covert C2 and Links to FINALDRAFT Espionage Group NANOREMOTE Google Drive C2, FINALDRAFT Link

NANOREMOTE Google Drive C2, FINALDRAFT Link

New NANOREMOTE Backdoor Uses Google Drive API for Covert C2 and Links to FINALDRAFT Espionage Group

Ddos December 15, 2025

Silent Supply Chain Attack: Malicious Go Typosquat Siphoned Data to Pastebin for Four Years Undetected Go Typosquatting, Pastebin Exfiltration

Go Typosquatting, Pastebin Exfiltration

Silent Supply Chain Attack: Malicious Go Typosquat Siphoned Data to Pastebin for Four Years Undetected

Ddos December 9, 2025

Malicious Rust Package ‘evm-units’ Exposes Crypto Developers to Stealth Attacks Rust Crates.io Backdoor, EVM Stealth Loader

Rust Crates.io Backdoor, EVM Stealth Loader

Malicious Rust Package ‘evm-units’ Exposes Crypto Developers to Stealth Attacks

Ddos December 3, 2025

Critical WSUS RCE (CVE-2025-59287) Actively Exploited to Deploy ShadowPad Backdoor Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

Critical WSUS RCE (CVE-2025-59287) Actively Exploited to Deploy ShadowPad Backdoor

Ddos November 21, 2025

Sekoia Exposes PolarEdge Backdoor: Custom mbedTLS C2 Compromising Cisco, QNAP, and Synology Devices PolarEdge TLS Backdoor, Custom C2

PolarEdge TLS Backdoor, Custom C2

Sekoia Exposes PolarEdge Backdoor: Custom mbedTLS C2 Compromising Cisco, QNAP, and Synology Devices

Ddos October 15, 2025

WARMCOOKIE Resurfaces After Takedown: New Variant Adds Stealth Handlers, Uses Expired C2 Certificates EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

WARMCOOKIE Resurfaces After Takedown: New Variant Adds Stealth Handlers, Uses Expired C2 Certificates

Ddos October 3, 2025

Backdoor Disguised as SOCKS5 Proxy: Malicious PyPI Package SoopSocks Grants Root Access WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

Backdoor Disguised as SOCKS5 Proxy: Malicious PyPI Package SoopSocks Grants Root Access

Ddos October 1, 2025

BRICKSTORM Malware: China-Linked Hackers Stealthily Target US Tech and Legal Firms for 393 Days Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

BRICKSTORM Malware: China-Linked Hackers Stealthily Target US Tech and Legal Firms for 393 Days

Ddos September 26, 2025