vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

May 7, 2026 at 09:45AM A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exp…

Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks

May 7, 2026 at 01:51AM Cybersecurity researchers have exposed a new Mirai-derived botnet that self-identifies as xlabs_v1 and tar…

Your AI Agents Are Already Inside the Perimeter. Do You Know What They're Doing?

May 6, 2026 at 04:27PM Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed…

Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs

May 6, 2026 at 02:04PM Cybersecurity researchers have disclosed details of an intrusion that involved the use of a CloudZ remote …

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

May 6, 2026 at 11:44AM Palo Alto Networks has released an advisory warning that a critical buffer overflow vulnerability in its P…

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

May 5, 2026 at 02:37PM The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game plat…

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

May 5, 2026 at 12:05PM Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combinatio…

Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools

May 4, 2026 at 11:36PM An active phishing campaign has been observed targeting multiple vectors since at least April 2025, with l…

Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia

May 4, 2026 at 05:27PM The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizat…

Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks

May 4, 2026 at 02:57PM A previously unknown threat actor has been observed targeting government and military entities in Southeas…

Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M

May 4, 2026 at 11:29AM A coordinated international operation involving U.S. and Chinese authorities has arrested at least 276 sus…

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

May 3, 2026 at 11:56AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed secu…