Critical Alert 1 Active Exploit Detected Today

CVE-2024-21182 — Oracle WebLogic Server Unspecified Vulnerability →

Powered by CVE Watchtower

×

cybersecurity

Operation DualScript Bypasses Defenses to Hijack Crypto and Cash AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

Operation DualScript Bypasses Defenses to Hijack Crypto and Cash

Ddos April 6, 2026

A sophisticated, multi-stage malware campaign dubbed Operation DualScript is currently bypassing traditional defenses to siphon funds from...

The DNS Trap: How a “Hidden” Path Allowed ChatGPT to Silently Leak Your Private Data

OpenAI OpenClaw acquisition OpenAI Prism GPT-5.2 LaTeX, scientific research AI workspace OpenAI, Mixpanel Breach ChatGPT Data Preservation, NYT Lawsuit ChatGPT Apps SDK, super app OpenAI Jony Ive, AI Hardware Delay Musk Apple lawsuit, App Store antitrust UK AI Partnership, OpenAI Collaboration Jony Ive OpenAI, DoD Contract OpenAI Lawsuit, ChatGPT Privacy North Korea ChatGPT - GPT-4.5 model OpenAI Models, AI Advancements OpenAI pricing, Flex API

The DNS Trap: How a “Hidden” Path Allowed ChatGPT to Silently Leak Your Private Data

Ddos April 6, 2026

In the world of AI, trust is built on a simple, unspoken agreement: what stays in the...

ResokerRAT Uses Telegram to Hijack Your PC and Disable Your Security Keys GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

ResokerRAT Uses Telegram to Hijack Your PC and Disable Your Security Keys

Ddos April 6, 2026

A new and sophisticated threat has emerged in the digital landscape, turning a popular messaging app into...

Hackers are Using “Legit” IT Tools to Hijack the 2026 Tax Season 2026 Tax Phishing RMM Abuse

2026 Tax Phishing RMM Abuse

Hackers are Using “Legit” IT Tools to Hijack the 2026 Tax Season

Ddos April 5, 2026

As the 2026 tax season reaches its peak, cybersecurity researchers have identified a massive surge in digital...

The BPO Backdoor: How “Mr. Raccoon” Swiped 13 Million Adobe Support Tickets Adobe BPO Breach Mr. Raccoon Hacker

Adobe BPO Breach Mr. Raccoon Hacker

The BPO Backdoor: How “Mr. Raccoon” Swiped 13 Million Adobe Support Tickets

Ddos April 3, 2026

The cybersecurity world is reeling following reports of a massive data breach at Adobe, orchestrated by a...

The Return of Operation Triangulation: Coruna Exploit Kit Targets M3 and A17 Chips in Massive iOS Offensive Coruna Exploit Kit iOS Kernel Vulnerability

Coruna Exploit Kit iOS Kernel Vulnerability

The Return of Operation Triangulation: Coruna Exploit Kit Targets M3 and A17 Chips in Massive iOS Offensive

Ddos April 2, 2026

On March 4, 2026, reports from Google and iVerify shed light on Coruna, a highly sophisticated exploit...

macOS Malware Hijacks Ledger Live with “Invisible” Electron Archives OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

macOS Malware Hijacks Ledger Live with “Invisible” Electron Archives

Ddos April 2, 2026

The macOS threat landscape is evolving, moving away from simple malicious binaries toward sophisticated “trojanization” of the...

Ghost in the Drone: Unauthenticated Shell Access in PX4 Autopilot’s 9.8 CVSS Nightmare PX4 Autopilot Vulnerability MAVLink 2.0 Security

PX4 Autopilot Vulnerability MAVLink 2.0 Security

Ghost in the Drone: Unauthenticated Shell Access in PX4 Autopilot’s 9.8 CVSS Nightmare

Ddos April 1, 2026

A critical security advisory has been issued for the PX4 Autopilot system. The vulnerability, tracked as CVE-2026-1579,...

Takedown-Proof: Inside the Ethereum-Powered “EtherRAT” and North Korea’s New Blockchain Backdoor EtherRAT EtherHiding

EtherRAT EtherHiding

Takedown-Proof: Inside the Ethereum-Powered “EtherRAT” and North Korea’s New Blockchain Backdoor

Ddos April 1, 2026

In a sophisticated blend of social engineering and decentralized technology, eSentire’s Threat Response Unit (TRU) recently detected...

183 Million Targets: Inside the North Korean Supply Chain Strike on Axios and the WAVESHAPER Backdoor axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

183 Million Targets: Inside the North Korean Supply Chain Strike on Axios and the WAVESHAPER Backdoor

Ddos April 1, 2026

The Google Threat Intelligence Group (GTIG) has issued an urgent warning regarding a sophisticated software supply chain...

Anthropic Accidentally Leaks Claude Code’s “Secret Sauce” via npm Blunder Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Anthropic Accidentally Leaks Claude Code’s “Secret Sauce” via npm Blunder

Ddos March 31, 2026

In a major configuration oversight, the source code for Claude Code—Anthropic’s flagship agentic CLI tool—was recently leaked...

The Reservation Hijack: When Your Hotel Booking Becomes a Cyber Trap Reservation Hijacking Hotel Phishing

Reservation Hijacking Hotel Phishing

The Reservation Hijack: When Your Hotel Booking Becomes a Cyber Trap

Ddos March 31, 2026

Imagine receiving a WhatsApp message from your hotel’s Guest Relations team just days before your family vacation....

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw

Ddos March 31, 2026

The digital ink had barely dried on the disclosure of CVE-2026-21962 before threat actors began a relentless...

ClickFix: The High-ROI “Living-off-the-Land” Trap Sweeping Windows and macOS ClickFix Social Engineering Living-off-the-Land (LotL) Attacks

ClickFix Social Engineering Living-off-the-Land (LotL) Attacks

ClickFix: The High-ROI “Living-off-the-Land” Trap Sweeping Windows and macOS

Ddos March 30, 2026

A sophisticated social engineering technique known as ClickFix has transitioned from a niche tactic into a standardized,...

The Anonymity Myth: How the FBI Unmasked a “Hide My Email” User in Under 48 Hours Apple Hide My Email unmasking

Apple Hide My Email unmasking

The Anonymity Myth: How the FBI Unmasked a “Hide My Email” User in Under 48 Hours

Ddos March 30, 2026

Apple provisions a “Hide My Email” feature within its iCloud sanctuary, generating randomized addresses to safeguard user...

The Spider’s Web: How Iranian Hackers Compromised FBI Director Kash Patel’s Personal Gmail Kash Patel email hack

Kash Patel email hack

The Spider’s Web: How Iranian Hackers Compromised FBI Director Kash Patel’s Personal Gmail

Ddos March 30, 2026

Recently, the personal Google email account of FBI Director Kash Patel was compromised by the Handala Hack...

The “Gentlemen” Ransomware Toolkit and the Lethal z1.bat Pre-Encryption Weapon TheGentlemen Ransomware z1.bat script

TheGentlemen Ransomware z1.bat script

The “Gentlemen” Ransomware Toolkit and the Lethal z1.bat Pre-Encryption Weapon

Ddos March 30, 2026

Researchers have uncovered a “structured, maintained operational toolkit” belonging to an affiliate of TheGentlemen ransomware-as-a-service (RaaS) group....

Unmasking the PhantomVAI Framework’s Fileless Assault on Corporate Defenses SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

Unmasking the PhantomVAI Framework’s Fileless Assault on Corporate Defenses

Ddos March 30, 2026

Security researchers at LevelBlue SpiderLabs have recently dismantled a sophisticated, multi-stage malware delivery campaign that proves even...

Tax Audits and WhatsApp Clones: How “Silver Fox” is Redefining Cyber-Espionage in South Asia WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Tax Audits and WhatsApp Clones: How “Silver Fox” is Redefining Cyber-Espionage in South Asia

Ddos March 29, 2026

A new report from Sekoia’s Threat Detection & Research (TDR) team has detailed the curtain on Silver...

Telegram Denies “Zero-Click” Sticker Exploit as 9.8 CVSS Security Alert Ignites a Global Standoff Telegram Zero-Click ZDI-CAN-30207

Telegram Zero-Click ZDI-CAN-30207

Telegram Denies “Zero-Click” Sticker Exploit as 9.8 CVSS Security Alert Ignites a Global Standoff

Ddos March 27, 2026

A critical security flaw has been unearthed in Telegram, the world’s leading encrypted messaging platform, drawing significant...