Vulnerability

Lazarus Campaign Distributes Malware via npm and PyPI Repositories

Vulnerability February 12, 2026

Cybersecurity researchers have identified a sophisticated, multi-pronged attack campaign orchestrated by the North Korea-linked Lazarus Group, targeting developers through malicious…

AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days, and 25+ Threat Stories Reported

Vulnerability February 12, 2026

Attackers Embrace Familiar Tactics in Evolving Threat Landscape This week’s threat landscape reveals a clear trend: attackers are doubling down…

Ivanti EPMM Exploits Tied to Single IP on Bulletproof Hosting

Vulnerability February 12, 2026

A significant portion of the exploitation attempts targeting a critical vulnerability in Ivanti Endpoint Manager Mobile (EPMM) has been traced…

Apple Addresses Exploited Zero-Day Vulnerability Across Devices

Vulnerability February 12, 2026

Apple has released critical security updates for its entire product ecosystem, including iOS, iPadOS, macOS, tvOS, watchOS, and visionOS, to…

Dozens of software vendors release security updates for various platforms.

Vulnerability February 11, 2026

It’s Patch Tuesday, and major software vendors have rolled out critical updates addressing a host of security vulnerabilities. Microsoft leads…

SSHStalker Botnet Leverages IRC C2 for Linux System Control Via Legacy Kernel Exploits

Vulnerability February 11, 2026

Cybersecurity researchers have unveiled a sophisticated new botnet operation dubbed SSHStalker, which employs the long-standing Internet Relay Chat (IRC) protocol…

Microsoft addresses 59 vulnerabilities, including six zero-days under active exploitation.

Vulnerability February 11, 2026

Microsoft released cumulative security updates for February, addressing 59 vulnerabilities across its software. Six of these flaws were actively exploited…

Warlock Ransomware Exploits Unpatched SmarterMail Server to Breach SmarterTools

Vulnerability February 10, 2026

SmarterTools has confirmed a significant network breach resulting from the exploitation of an unpatched SmarterMail instance by the Warlock (aka…

Fortinet addresses critical SQL injection vulnerability permitting unauthenticated code execution

Vulnerability February 10, 2026

Fortinet has issued urgent security updates to address a critical FortiClientEMS SQL injection vulnerability. This high-severity flaw, designated CVE-2026-21643, carries…

Weekly Cybersecurity Review Includes AI Skill Malware, 31Tbps DDoS Attack, Notepad++ Hack, and LLM Backdoors

Vulnerability February 9, 2026

Cyber threats are evolving beyond traditional malware and exploits, with attackers increasingly targeting the tools, platforms, and ecosystems organizations rely…

SolarWinds Web Help Desk exploited for remote code execution in multi-stage attacks on exposed servers.

Vulnerability February 9, 2026

Microsoft has recently detailed a sophisticated multi-stage intrusion that began with threat actors exploiting internet-exposed SolarWinds Web Help Desk (WHD)…

BeyondTrust addresses critical pre-authentication remote code execution vulnerability

Vulnerability February 9, 2026

BeyondTrust has issued critical security updates for its Remote Support (RS) and Privileged Remote Access (PRA) products, addressing a pre-authentication…

Trending

CISA adds actively exploited SolarWinds Serv-U DoS vulnerability to KEV catalog

AI Agent Discovers 21 Zero-Day Vulnerabilities in FFmpeg; Chrome Addresses 429 Bugs

Cisco Catalyst SD-WAN Manager Vulnerability Exploited, Patch Pending

Vulnerability

Lazarus Campaign Distributes Malware via npm and PyPI Repositories

AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days, and 25+ Threat Stories Reported

Ivanti EPMM Exploits Tied to Single IP on Bulletproof Hosting

Apple Addresses Exploited Zero-Day Vulnerability Across Devices

Dozens of software vendors release security updates for various platforms.

SSHStalker Botnet Leverages IRC C2 for Linux System Control Via Legacy Kernel Exploits

Microsoft addresses 59 vulnerabilities, including six zero-days under active exploitation.

Warlock Ransomware Exploits Unpatched SmarterMail Server to Breach SmarterTools

Fortinet addresses critical SQL injection vulnerability permitting unauthenticated code execution

Weekly Cybersecurity Review Includes AI Skill Malware, 31Tbps DDoS Attack, Notepad++ Hack, and LLM Backdoors

SolarWinds Web Help Desk exploited for remote code execution in multi-stage attacks on exposed servers.

BeyondTrust addresses critical pre-authentication remote code execution vulnerability