malware

The “D” is for Danger: How a Tiny Typo in MAS Activation Hijacks Your PC WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

The “D” is for Danger: How a Tiny Typo in MAS Activation Hijacks Your PC

Do Son December 26, 2025

The well-known activation tool MAS offers a PowerShell command that allows users to load an activation script...

“LotusBail” Trap: 56,000 Developers Downloaded a Fake WhatsApp API That Works perfectly—While Stealing Everything

lotusbail, npm Supply Chain Attack

“LotusBail” Trap: 56,000 Developers Downloaded a Fake WhatsApp API That Works perfectly—While Stealing Everything

Do Son December 25, 2025

A new investigation by Koi Security has exposed a highly sophisticated supply chain attack lurking in the...

Evasive Panda APT Hijacks Dictionary.com and App Updates in Two-Year Spree Evasive Panda, AitM

Evasive Panda, AitM

Evasive Panda APT Hijacks Dictionary.com and App Updates in Two-Year Spree

Do Son December 25, 2025

A notorious cyber-espionage group has spent the last two years conducting a highly targeted surveillance campaign, hijacking...

“Webrat” Trap: Hackers Lure Junior Security Researchers with Fake GitHub Exploits Webrat Malware, Fake PoC Exploits

Webrat Malware, Fake PoC Exploits

“Webrat” Trap: Hackers Lure Junior Security Researchers with Fake GitHub Exploits

Do Son December 24, 2025

A cunning malware campaign initially designed to trick gamers has evolved into a dangerous trap for aspiring...

“Tax Compliance” Trap: Hackers Mimic Indian Income Tax Department to Deploy China-Linked Malware Income Tax Phishing, China-Linked APT

Income Tax Phishing, China-Linked APT

“Tax Compliance” Trap: Hackers Mimic Indian Income Tax Department to Deploy China-Linked Malware

Do Son December 23, 2025

As tax filing season discussions linger, a new and sophisticated phishing campaign is targeting Indian businesses by...

“Caminho” to Compromise: BlindEagle Hackers Hijack Government Emails in Colombia Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

“Caminho” to Compromise: BlindEagle Hackers Hijack Government Emails in Colombia

Do Son December 22, 2025

A notorious cyber-espionage group known for terrorizing South American institutions has launched a new campaign against the...

YouTube Ghost Network: The New GachiLoader Malware Hiding in Your Favorite Video Links GachiLoader, YouTube Ghost Network

GachiLoader, YouTube Ghost Network

YouTube Ghost Network: The New GachiLoader Malware Hiding in Your Favorite Video Links

Do Son December 19, 2025

A massive network of compromised YouTube accounts is being weaponized to spread a sophisticated new threat, turning...

Phantom v3.5 Alert: New Info-Stealer Disguised as Adobe Update Uses SMTP to Loot Digital Lives Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Phantom v3.5 Alert: New Info-Stealer Disguised as Adobe Update Uses SMTP to Loot Digital Lives

Do Son December 19, 2025

A new variant of the Phantom information stealer has emerged in the wild, masquerading as a routine...

Academic Ambush: How the Forum Troll APT Hijacks Scholars’ Systems via Fake Plagiarism Reports Forum Troll APT, Academic Espionage

Forum Troll APT, Academic Espionage

Academic Ambush: How the Forum Troll APT Hijacks Scholars’ Systems via Fake Plagiarism Reports

Do Son December 18, 2025

A relentless Advanced Persistent Threat (APT) group known as “Forum Troll” has shifted its crosshairs from corporate...

Urgent Patch: Notepad++ WinGUp Flaw Allowed Malware to Hijack Updates CVE-2023-40031 Notepad++ Update Hijacking, WinGUp Vulnerability

CVE-2023-40031 Notepad++ Update Hijacking, WinGUp Vulnerability

Urgent Patch: Notepad++ WinGUp Flaw Allowed Malware to Hijack Updates

Do Son December 11, 2025

Security researchers recently uncovered a vulnerability in the open-source text and code editor Notepad++, allowing attackers in...

ValleyRAT Targets English Job Seekers by Trojanizing Foxit PDF Reader with DLL Sideloading Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

ValleyRAT Targets English Job Seekers by Trojanizing Foxit PDF Reader with DLL Sideloading

Do Son December 8, 2025

A sophisticated malware campaign traditionally focused on Chinese-speaking targets has expanded its scope, now aggressively targeting English-speaking...

Hidden Theft: ‘Crypto Copilot’ Chrome Extension Drains Solana Wallets on X Crypto Copilot, Solana Scam

Crypto Copilot, Solana Scam

Hidden Theft: ‘Crypto Copilot’ Chrome Extension Drains Solana Wallets on X

Do Son November 27, 2025

A new threat is targeting the Solana ecosystem, preying on traders looking for speed and convenience on...

Water Gamayun Weaponizes “MSC EvilTwin” Zero-Day for Stealthy Backdoor Attacks CVE-2024-36072 Water Gamayun, MSC EvilTwin

CVE-2024-36072 Water Gamayun, MSC EvilTwin

Water Gamayun Weaponizes “MSC EvilTwin” Zero-Day for Stealthy Backdoor Attacks

Do Son November 27, 2025

A sophisticated new cyber espionage campaign has been uncovered by Zscaler Threat Hunting, revealing how a Russia-aligned...

Fragging Your Data: Fake ‘Battlefield 6’ Cracks & Trainers Spread Infostealers Battlefield 6 Malware, Fake Game Cracks

Battlefield 6 Malware, Fake Game Cracks

Fragging Your Data: Fake ‘Battlefield 6’ Cracks & Trainers Spread Infostealers

Do Son November 27, 2025

The highly anticipated October release of EA’s Battlefield 6 has become a digital minefield for gamers. Bitdefender...

Hidden Danger in 3D: Malicious Blender Files Unleash StealC V2 Infostealer Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Hidden Danger in 3D: Malicious Blender Files Unleash StealC V2 Infostealer

Do Son November 27, 2025

Morphisec has issued a critical alert regarding a sophisticated malware campaign targeting 3D artists, game developers, and...

Warning: Xubuntu Website Compromised to Deliver Malware Xubuntu supply chain attack

Xubuntu supply chain attack

Warning: Xubuntu Website Compromised to Deliver Malware

Do Son October 21, 2025

The official website of Xubuntu, a Linux distribution derived from Ubuntu, appears to have been compromised by...

Astaroth Malware Uses Steganography in GitHub Images for Covert C2 Backup and Brazilian Bank Theft Astaroth GitHub C2, Steganography

Astaroth GitHub C2, Steganography

Astaroth Malware Uses Steganography in GitHub Images for Covert C2 Backup and Brazilian Bank Theft

Do Son October 14, 2025

The McAfee Threat Research team has uncovered a new and sophisticated Astaroth malware campaign — using GitHub...

WhatsApp Worm: New SORVEPOTEL Malware Hijacks Sessions to Spread Aggressively Across Brazil

WhatsApp antitrust API probe India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

WhatsApp Worm: New SORVEPOTEL Malware Hijacks Sessions to Spread Aggressively Across Brazil

Do Son October 6, 2025

A new malware campaign uncovered by Trend Micro’s Threat Research team has weaponized WhatsApp to launch one...

WARMCOOKIE Resurfaces After Takedown: New Variant Adds Stealth Handlers, Uses Expired C2 Certificates Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

WARMCOOKIE Resurfaces After Takedown: New Variant Adds Stealth Handlers, Uses Expired C2 Certificates

Do Son October 3, 2025

The WARMCOOKIE backdoor has resurfaced with new features, expanded infrastructure, and updated delivery mechanisms, according to a...

Detour Dog: Stealthy DNS Malware Uses TXT Records for Command and Control NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Detour Dog: Stealthy DNS Malware Uses TXT Records for Command and Control

Do Son October 2, 2025

The Infoblox Threat Intelligence team has released an in-depth report on a global malware campaign leveraging the...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
CVE-2026-4020CVSS 7.5
The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and...
CVE-2026-10735
Multiple plugins by ShapedPlugin contain a backdoor in various versions. This makes it possible for unauthenticated attackers to...
CVE-2026-20262CVSS 6.5
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated,...
CVE-2026-54420CVSS 8.5
LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a...
CVE-2026-53435CVSS 8.8
In Jenkins 2.567 and earlier, LTS 2.555.2 and earlier, it is possible for attackers to have Jenkins deserialize...
CVE-2026-10795CVSS 8.1
The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Authentication Bypass in all versions...
CVE-2026-11645
Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker...
CVE-2026-50751CVSS 9.3
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows...
CVE-2026-20245CVSS 7.8
A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local...