threat intelligence Archives • Page 4 of 13 • Daily CyberSecurity

Developer Alert: “CursorJack” Technique Weaponizes Deeplinks to Hijack Cursor IDE CursorJack Cursor Vulnerability

Developer Alert: “CursorJack” Technique Weaponizes Deeplinks to Hijack Cursor IDE

Do Son March 20, 2026

Security researchers at Proofpoint Threat Research have detailed a novel exploitation method dubbed CursorJack, which targets the...

Operation Takedown: DOJ and Global Allies Smash 30-Terabit IoT Botnet Empire P2P cryptominer malware threat Ollama endpoint attacks IoT Botnets DDoS Attacks

P2P cryptominer malware threat Ollama endpoint attacks IoT Botnets DDoS Attacks

Operation Takedown: DOJ and Global Allies Smash 30-Terabit IoT Botnet Empire

Do Son March 20, 2026

In a massive display of international cooperation, the U.S. Justice Department has joined forces with law enforcement...

The AI-Powered Arsenal: How ‘Forbidden Hyena’ Uses Generative AI to Spawn BlackReaperRAT Forbidden Hyena BlackReaperRAT

The AI-Powered Arsenal: How ‘Forbidden Hyena’ Uses Generative AI to Spawn BlackReaperRAT

Do Son March 20, 2026

A detailed forensic investigation by BI.ZONE Threat Intelligence has unmasked a series of advanced cyber operations conducted...

Takedown: DOJ Seizes Iranian MOIS Domains Used for Global Hacking and Hit Squad Threats Iranian Cyberwarfare DOJ Domain Seizure

Takedown: DOJ Seizes Iranian MOIS Domains Used for Global Hacking and Hit Squad Threats

Do Son March 20, 2026

The U.S. Department of Justice has struck a major blow against the Islamic Republic of Iran’s cyberwarfare...

The Typosquatting Trap: Fake Telegram Portal Delivers Stealthy Memory-Resident Malware

Do Son March 20, 2026

Cybersecurity researchers have uncovered a deceptive campaign that uses a typosquatted website to impersonate the official Telegram...

Hijacked Accounts and AI Code: The Deadly New Playbook of Iranian APT ‘Boggy Serpens’ Boggy Serpens Iranian APT

Hijacked Accounts and AI Code: The Deadly New Playbook of Iranian APT ‘Boggy Serpens’

Do Son March 20, 2026

A new assessment from Unit 42 reveals a significant maturation in the tactics of Boggy Serpens, an...

AI Workflows Under Fire: Critical RCE and File Write Flaws Expose Langflow Servers Langflow Vulnerability CVE-2026-42048 Langflow RCE CVE-2026-27966 Langflow Vulnerabilities CVE-2026-33017

Langflow Vulnerability CVE-2026-42048 Langflow RCE CVE-2026-27966 Langflow Vulnerabilities CVE-2026-33017

AI Workflows Under Fire: Critical RCE and File Write Flaws Expose Langflow Servers

Do Son March 19, 2026

Security researchers have identified two severe vulnerabilities in Langflow, the popular visual framework for building AI-powered agents....

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

CISA Issues Urgent Warning Following Global Cyberattack on Stryker

Do Son March 19, 2026

In a move to protect the nation’s critical infrastructure, the Cybersecurity and Infrastructure Security Agency (CISA) has...

Warlock Ransomware Evolves: New Tools and Kernel-Level Evasion Threaten Global Sectors EV2GO Charging Platform ICSA-26-057-04 Lazarus Group, Crypto Hacks LazyStealer

EV2GO Charging Platform ICSA-26-057-04 Lazarus Group, Crypto Hacks LazyStealer

Warlock Ransomware Evolves: New Tools and Kernel-Level Evasion Threaten Global Sectors

Do Son March 19, 2026

The Warlock ransomware group (also tracked as Water Manaul) has significantly sharpened its claws. A recent deep-dive...

The Trojan Contact: Konni APT Hijacks KakaoTalk to Turn Victims into Attackers Konni APT KakaoTalk Malware

The Trojan Contact: Konni APT Hijacks KakaoTalk to Turn Victims into Attackers

Do Son March 19, 2026

The Konni APT group has launched a sophisticated multi-stage campaign that turns victims into unwilling accomplices. According...

The Polymarket Trojan: Verified GitHub Org Hijacked to Distribute Crypto-Stealing Bots GitHub Supply Chain Attack Polymarket Malware

The Polymarket Trojan: Verified GitHub Org Hijacked to Distribute Crypto-Stealing Bots

Do Son March 19, 2026

In a sophisticated supply chain attack discovered by the StepSecurity threat intelligence team, a legitimate Japanese DeFi...

The CAPTCHA Trap: How a Global ‘ClickFix’ Campaign Weaponizes WordPress to Drain Digital Wallets ClickFix Campaign WordPress Malware

The CAPTCHA Trap: How a Global ‘ClickFix’ Campaign Weaponizes WordPress to Drain Digital Wallets

Do Son March 18, 2026

In a sophisticated new campaign active since late 2025, a mysterious threat actor has been turning the...

The Resume Trap: How ‘BlackSanta’ Malware Uses Fake CVs to Blind EDRs and Hijack HR Systems Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

The Resume Trap: How ‘BlackSanta’ Malware Uses Fake CVs to Blind EDRs and Hijack HR Systems

Do Son March 18, 2026

Aryaka Threat Labs has unmasked a sophisticated malware operation dubbed BlackSanta. This Russian-speaking threat actor has spent...

New Ubuntu Vulnerability Turns System Cleanup into a Root Access Backdoor CIFSwitch local root exploit cifs-utils privilege escalation Linux Kernel Root Exploit CVE-2025-39946 PoC CVE-2023-2598 PoC Ubuntu LPE Vulnerability CVE-2026-3888

CIFSwitch local root exploit cifs-utils privilege escalation Linux Kernel Root Exploit CVE-2025-39946 PoC CVE-2023-2598 PoC Ubuntu LPE Vulnerability CVE-2026-3888

New Ubuntu Vulnerability Turns System Cleanup into a Root Access Backdoor

Do Son March 18, 2026

The Qualys Threat Research Unit has detailed a new Local Privilege Escalation (LPE) vulnerability, tracked as CVE-2026-3888,...

Apple Google EU alliance DMA European Commission Breach Trivy Supply Chain Attack Europa.eu Breach EU Cloud Infrastructure EU Cyber Sanctions State-Sponsored Hacking EU 2040 Emissions Target, Europe Climate Leadership AWS Azure DMA Cloud Gatekeeper DSA violation, illegal content Apple DMA Delay, iPhone Mirroring EU EU Age Verification, Google Play Integrity Corning Antitrust, EU Competition Apple EU Digital Markets Act App Store commission European Union cyberattacks - InvestAI EU Targets Musk’s X Digital Markets Act, EU fines

The EU Strikes Back: New Sanctions Target Chinese and Iranian Cyber Threat Actors

Do Son March 18, 2026

In a decisive move to protect the digital sovereignty of its member states, the Council of the...

Pandora’s Box: IBM X-Force Uncovers Likely AI-Generated “Slopoly” Malware Weaponizable AI AI Cyber Threats

Pandora’s Box: IBM X-Force Uncovers Likely AI-Generated “Slopoly” Malware

Do Son March 18, 2026

Cybersecurity investigators at IBM X-Force have identified a disturbing new milestone in the evolution of digital threats:...

Edge of Disaster: Critical 9.8 CVSS Flaw in Oracle Cloud Infrastructure Toolkit Allows Complete Takeover IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

Edge of Disaster: Critical 9.8 CVSS Flaw in Oracle Cloud Infrastructure Toolkit Allows Complete Takeover

Do Son March 18, 2026

A critical vulnerability has been identified in a key component of Oracle’s open-source portfolio, potentially handing the...

The Cyber Nexus: Iranian Group ‘Muddy Water’ Caught Deploying Russian ‘Tsundere’ Botnet via EtherHiding Tsundere Botnet Muddy Water

The Cyber Nexus: Iranian Group ‘Muddy Water’ Caught Deploying Russian ‘Tsundere’ Botnet via EtherHiding

Do Son March 18, 2026

Cybersecurity investigators at eSentire’s Threat Response Unit (TRU) have uncovered a high-stakes digital alignment between two major...

Publicly Disclosed: Bishop Fox Reveals Critical Pre-Auth SQL Injection in FortiClient EMS FortiSandbox Vulnerability Unauthenticated RCE FortiClient EMS Vulnerability CVE-2026-21643 FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155