Vibe-Coded 'Sicarii' Ransomware Can't Be Decrypted
Dark Reading
Vibe-Coded
A new ransomware strain that entered the scene last year has poorly designed code and uses Hebrew language that might be a false flag.
CrowdCyber
npub1xm6q...7acu
Revolutionizing and Democratizing Cybersecurity
WinRAR path traversal flaw still exploited by numerous hackers
BleepingComputer
WinRAR path traversal flaw still exploited by numerous hackers
Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity vulnerability in WinRAR for ...
[Research] Analysis of 74,636 AI Agent Interactions: 37.8% Contained Attack Attempts - New "Inter-Agent Attack" Category Emerges
https://www.reddit.com/r/netsec/comments/1qp3rpz/research_analysis_of_74636_ai_agent_interactions/
Microsoft Rushes Emergency Patch for Office Zero-Day
Dark Reading
Microsoft Rushes Emergency Patch for Office Zero-Day
To exploit the vulnerability, an attacker would need either system access or be able to convince a user to open a malicious Office file.
SolarWinds Web Help Desk Hit with Multiple RCE and Auth Bypass Vulnerabilities
Daily CyberSecurity
SolarWinds Web Help Desk Hit with Multiple RCE and Auth Bypass Vulnerabilities
Critical SolarWinds Web Help Desk flaws (CVSS 9.8) allow unauthenticated RCE and auth bypass. Hardcoded credentials also found. Patch immediately.
Sandbox Shattered: Critical n8n Flaw (CVSS 9.9) Allows Remote Code Execution
Daily CyberSecurity
Sandbox Shattered: Critical n8n Flaw (CVSS 9.9) Allows Remote Code Execution
Critical n8n RCE (CVE-2026-1470) lets attackers bypass sandbox defenses via malicious expressions. CVSS 9.9. Check versions 1.123.17 & 2.x now.
Fortinet blocks exploited FortiCloud SSO zero day until patch is ready
BleepingComputer
Fortinet blocks exploited FortiCloud SSO zero day until patch is ready
Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-...
Microsoft Starts 2026 With a Bang: A Freshly Exploited Zero-Day
Dark Reading
Microsoft
The vendor
Critical Telnet Server Flaw Exposes Forgotten Attack Surface
Dark Reading
Critical Telnet Server Flaw Exposes Forgotten Attack Surface
While telnet is considered obsolete, the network protocol is still used by hundreds of thousands of legacy systems and IoT devices for remote access.
Chinese Mustang Panda hackers deploy infostealers via CoolClient backdoor
BleepingComputer
Chinese Mustang Panda hackers deploy infostealers via CoolClient backdoor
The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login data from browsers and m...
Critical sandbox escape flaw found in popular vm2 NodeJS library
BleepingComputer
Critical sandbox escape flaw found in popular vm2 NodeJS library
A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrar...
CISA says critical VMware RCE flaw now actively exploited
BleepingComputer
CISA says critical VMware RCE flaw now actively exploited
CISA has flagged a critical VMware vCenter Server vulnerability as actively exploited and ordered U.S. federal agencies to secure their servers wit...
DPRK's Konni Targets Blockchain Developers With AI-Generated Backdoor
Dark Reading
DPRK
The North Korean threat group is using a new PowerShell backdoor to compromise development environments and target cryptocurrency holdings.
Nearly 800,000 Telnet servers exposed to remote attacks
BleepingComputer
Nearly 800,000 Telnet servers exposed to remote attacks
Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical auth...
CVSS 9.8 Sandbox Escape: Critical vm2 Flaw Exposes Millions of Apps
Daily CyberSecurity
CVSS 9.8 Sandbox Escape: Critical vm2 Flaw Exposes Millions of Apps
CVSS 9.8 vm2 flaw (CVE-2026-22709) affects 3.7 million users, allowing total sandbox escape via async functions. Update to v3.10.2 immediately.
New ClickFix attacks abuse Windows App-V scripts to push malware
BleepingComputer
New ClickFix attacks abuse Windows App-V scripts to push malware
A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V) script to ultimately...
New malware service guarantees phishing extensions on Chrome web store
BleepingComputer
New malware service guarantees phishing extensions on Chrome web store
A new malware-as-a-service (MaaS) called 'Stanley' promises malicious Chrome extensions that can clear Google's review process and p...
Code by AI: KONNI APT Targets Crypto Devs with “Polished” Backdoor
Daily CyberSecurity
Code by AI: KONNI APT Targets Crypto Devs with "Polished" Backdoor
KONNI APT targets APAC developers with AI-generated malware disguised as crypto projects. The "polished" backdoor steals wallets & credenti...
Microsoft patches actively exploited Office zero-day vulnerability
BleepingComputer
Microsoft patches actively exploited Office zero-day vulnerability
Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks.