Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2

April 24, 2026 at 02:59PM Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of Sumat…

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

April 24, 2026 at 12:54PM A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and ser…

UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware

April 23, 2026 at 11:46PM A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging socia…

Vercel Finds More Compromised Accounts in Context.ai-Linked Breach

April 23, 2026 at 02:10PM Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were …

Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case

April 23, 2026 at 01:36PM Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that s…

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

April 22, 2026 at 11:25PM Cybersecurity researchers have warned of malicious images pushed to the official "checkmarx/kics…

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

April 22, 2026 at 02:59PM Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that c…

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

April 22, 2026 at 12:46PM A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that …

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

April 21, 2026 at 11:48PM Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observ…

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

April 21, 2026 at 03:52PM Cybersecurity researchers have discovered a vulnerability in Google's agentic integrated developm…

CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines

April 21, 2026 at 11:53AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabil…

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

April 20, 2026 at 10:44PM A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could…