Vulnerability

CISA Confirms Active Exploitation of FileZen Vulnerability

Vulnerability February 25, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially recognized a critical operating system command injection vulnerability in Soliton…

UnsolicitedBooker Targets Central Asian Telecoms with LuciDoor and MarsSnake Backdoors

Vulnerability February 24, 2026

Cybersecurity researchers are tracking a threat activity cluster, dubbed UnsolicitedBooker, that has been observed targeting telecommunications companies in Kyrgyzstan and…

Wormable XMRig Campaign Employs BYOVD Exploit and Time-Based Logic Bomb

Vulnerability February 23, 2026

Cybersecurity researchers have detailed a new cryptojacking campaign that leverages pirated software bundles as an entry point to deploy a…

Weekly Cyber Threat Recap Includes Skimmer Attacks, AI Tools, DDoS Activity, and Docker Malware

Vulnerability February 23, 2026

The cybersecurity landscape continues to present a complex and evolving threat environment, with recent developments highlighting the exploitation of familiar…

MuddyWater targets MENA organizations with GhostFetch, CHAR, and HTTP_VIP

Vulnerability February 23, 2026

The Iranian hacking group MuddyWater, also known by aliases such as Earth Vetala, Mango Sandstorm, and MUDDYCOAST, has launched a…

AI-assisted threat actor exploits over 600 FortiGate devices in 55 countries

Vulnerability February 21, 2026

A novel cyber threat campaign leveraging generative AI has successfully compromised over 600 FortiGate devices across 55 countries. This financially…

Anthropic unveils Claude Code Security for AI-powered vulnerability scanning

Vulnerability February 21, 2026

Artificial intelligence company Anthropic has introduced a significant new security feature for its Claude Code platform, aiming to bolster software…

CISA adds two actively exploited Roundcube flaws to KEV catalog

Vulnerability February 21, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially acknowledged the active exploitation of two critical security vulnerabilities affecting…

Microsoft Addresses Privilege Escalation Vulnerability in Windows Admin Center

Vulnerability February 19, 2026

Microsoft has

OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws Among Top Cybersecurity Stories

Vulnerability February 19, 2026

The global cybersecurity landscape continues to evolve at a rapid pace, with emerging threats and sophisticated attack tactics demanding constant…

Grandstream GXP1600 VoIP phones vulnerable to unauthenticated remote code execution

Vulnerability February 18, 2026

A critical security flaw discovered in the Grandstream GXP1600 series of VoIP phones, tracked as CVE-2026-2329, has the potential to…

Four widely used VS Code extensions found with critical security flaws

Vulnerability February 18, 2026

Multiple security vulnerabilities have been identified in four widely-used Microsoft Visual Studio Code (VS Code) extensions, according to cybersecurity researchers.…

Trending

AI Agent Discovers 21 Zero-Day Vulnerabilities in FFmpeg; Chrome Addresses 429 Bugs

Cisco Catalyst SD-WAN Manager Vulnerability Exploited, Patch Pending

Eclipse Incident Highlights Ongoing Researcher-Vendor Disputes

Vulnerability

CISA Confirms Active Exploitation of FileZen Vulnerability

UnsolicitedBooker Targets Central Asian Telecoms with LuciDoor and MarsSnake Backdoors

Wormable XMRig Campaign Employs BYOVD Exploit and Time-Based Logic Bomb

Weekly Cyber Threat Recap Includes Skimmer Attacks, AI Tools, DDoS Activity, and Docker Malware

MuddyWater targets MENA organizations with GhostFetch, CHAR, and HTTP_VIP

AI-assisted threat actor exploits over 600 FortiGate devices in 55 countries

Anthropic unveils Claude Code Security for AI-powered vulnerability scanning

CISA adds two actively exploited Roundcube flaws to KEV catalog

Microsoft Addresses Privilege Escalation Vulnerability in Windows Admin Center

OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws Among Top Cybersecurity Stories

Grandstream GXP1600 VoIP phones vulnerable to unauthenticated remote code execution

Four widely used VS Code extensions found with critical security flaws