Cybersecurity News, Threats & Vulnerability Alerts

Medusa Ransomware Exploits Zero-Days Within Days

Medusa ransomware operators weaponize fresh vulnerabilities and encrypt victim networks within days of initial compromise.

5m14

revil-ransomware April 7 — 01:54 AM

German Police ID Russian Leaders of REvil Ransomware Gang

German Federal Police identified two Russian nationals as leaders of GandCrab and REvil ransomware operations that caused billions in damages worldwide.

5m18

gpubreach April 6 — 11:44 PM

GPUBreach Attack Exploits GDDR6 Memory for System Takeover

Researchers demonstrate GPUBreach attack that triggers Rowhammer bit-flips in GPU GDDR6 memory to escalate privileges and compromise systems.

5m37

password-spraying April 6 — 08:37 PM

Iran-Linked Hackers Target Microsoft 365 in Israel and UAE

Iran-nexus threat actors launched password-spraying attacks against Microsoft 365 environments in Israel and UAE during March 2026.

5m33

storm-1175 April 6 — 06:56 PM

Storm-1175 Deploys Zero-Day Exploits in Medusa Ransomware Attacks

Microsoft warns that China-based Storm-1175 cybercriminal group is deploying zero-day and n-day exploits in high-velocity Medusa ransomware campaigns targeting organizations worldwide.

5m48

react2shell April 6 — 05:31 PM

UAT-10608 Hackers Target Next.js Apps with React2Shell Tool

Threat group UAT-10608 exploits vulnerable Next.js applications using React2Shell automation to steal credentials and system secrets.

5m18

court-impersonation-scam April 5 — 09:44 PM

Fake Court Traffic Violation Texts Target US Drivers

Scammers impersonate state courts nationwide with fake traffic violation texts containing malicious QR codes to steal payment data.

5m37

cve-2026-35616 April 5 — 08:45 PM

Fortinet Patches Critical FortiClient EMS Zero-Day Under Attack

Fortinet released emergency patches for CVE-2026-35616, a critical FortiClient EMS vulnerability actively exploited by attackers worldwide.

5m95

cve-2025-55182 April 5 — 04:17 PM

CVE-2025-55182 Exploited in Mass Credential Theft Campaign

Attackers exploit React2Shell vulnerability in Next.js applications to steal credentials through automated large-scale campaign targeting web developers.

5m43

axios-http-client April 4 — 10:30 PM

Axios HTTP Client Targeted by North Korean Social Engineering

Axios HTTP client maintainers reveal detailed post-mortem of sophisticated North Korean social engineering attack targeting their development team.

5m17

hims-hers-health April 3 — 07:41 PM

Hims & Hers Health Discloses Data Breach via Third-Party Platform

Telehealth company Hims & Hers Health suffered a data breach when attackers stole customer support tickets from a third-party service platform.

6m34

progress-sharefile April 3 — 02:12 PM

Progress ShareFile RCE Flaws Enable Pre-Auth Server Takeover

Critical Progress ShareFile vulnerabilities allow attackers to chain exploits for unauthenticated remote code execution and arbitrary file uploads.

5m58

teampcp-threat-group April 3 — 08:33 AM

EU Attributes Commission Cloud Hack to TeamPCP Group

CERT-EU confirms TeamPCP threat group breached European Commission cloud infrastructure, exposing data from 29 Union entities.

5m37

vidar-malware April 2 — 10:30 PM

Vidar Malware Exploits Claude Code Leak via Fake GitHub Repos

Threat actors leverage Anthropic's Claude Code source leak to distribute Vidar information-stealing malware through malicious GitHub repositories targeting developers.

5m69

cve-2025-55182 April 2 — 09:30 PM

React2Shell Flaw Exploited in Mass Credential Theft Campaign

Cisco Talos discovered attackers exploiting React2Shell vulnerability to steal AWS secrets, SSH keys, and GitHub tokens at scale.

5m30

drift-protocol April 2 — 09:03 PM

North Korean Hackers Drain $285M from Drift Protocol

North Korean threat actors executed a sophisticated attack draining $285 million from Drift Protocol's treasury in under 10 seconds.

6m25

casbaneiro-trojan April 2 — 03:00 PM

Casbaneiro Banking Trojan Targets Spanish-Speaking Users

Casbaneiro banking Trojan launches sophisticated campaigns targeting Spanish speakers with advanced evasion techniques and rapid replication capabilities.

5m31

cisco-imc April 2 — 01:01 PM

Cisco Patches Critical IMC Authentication Bypass Flaw

Cisco fixed multiple critical vulnerabilities including an authentication bypass in Integrated Management Controller granting admin access.

4m38

whatsapp-spyware April 2 — 11:51 AM

WhatsApp Alerts 200 Users Hit by Fake iOS App Spyware

WhatsApp warned approximately 200 users who installed a malicious fake iOS app containing government-grade spyware targeting Italian citizens.

5m29

crystalrat April 2 — 01:17 AM

CrystalRAT Malware-as-a-Service Emerges on Telegram

New CrystalRAT malware-as-a-service platform launches on Telegram with remote access, data theft, and keylogging capabilities targeting Windows systems.

5m28

trueconf-zero-day April 1 — 11:35 PM

TrueConf Zero-Day Exploited to Execute Files on Endpoints

Attackers exploit a zero-day vulnerability in TrueConf conference servers to execute arbitrary files on all connected endpoints.

5m39

1 2 3 4 5 6 7 8 9 10 11 12 13