Cybersecurity researchers have identified critical security vulnerabilities in four widely used Microsoft Visual Studio Code extensions, collectively installed over 125 million times. The affected extensions include Live Server, Code Runner,…
Continue readingA critical zero-day vulnerability, CVE-2026-22769, in Dell RecoverPoint for Virtual Machines has been actively exploited since mid-2024 by a suspected China-nexus threat actor known as UNC6201. The flaw, rated with…
Continue readingNotepad++ has addressed a critical security vulnerability in its update mechanism that was exploited by an advanced threat actor from China to deliver targeted malware. The issue involved hijacking the…
Continue readingThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog by adding four security flaws that are currently being actively exploited in the wild….
Continue readingCybersecurity researchers have identified a new ransomware family called Reynolds that incorporates a dangerous defense evasion technique directly within its payload. This ransomware embeds a bring your own vulnerable driver…
Continue readingNorth Korean (DPRK) operatives are escalating their cyber espionage tactics by impersonating real professionals on LinkedIn to infiltrate companies through remote job applications. These fraudulent profiles use verified workplace emails…
Continue readingThe North Korea-linked threat actor UNC1069 has been observed targeting cryptocurrency organizations through a sophisticated social engineering campaign. This intrusion leverages a compromised Telegram account, a fake Zoom meeting, and…
Continue readingCybersecurity researchers have identified a new botnet named SSHStalker, which leverages the Internet Relay Chat (IRC) protocol for command-and-control (C2) operations. This botnet targets Linux systems by exploiting legacy kernel…
Continue readingMicrosoft has released security updates addressing 59 vulnerabilities across its software, including six zero-day flaws that are actively being exploited in the wild. The vulnerabilities vary in severity, with five…
Continue readingCybersecurity researchers have revealed that AI assistants with web browsing capabilities, such as Microsoft Copilot and xAI Grok, can be exploited as command-and-control (C2) proxies for malware. This technique allows…
Continue reading