Cybersecurity News, Threats & Vulnerability Alerts

CISA Adds Critical F5 BIG-IP CVE-2025-53521 to KEV Catalog
CISA added CVE-2025-53521 affecting F5 BIG-IP Access Policy Manager to its Known Exploited Vulnerabilities catalog following confirmed active exploitation.

Russian APT TA446 Targets iOS with DarkSword Exploit Kit
Russian state-sponsored group TA446 deploys DarkSword exploit kit in targeted email campaigns against iOS devices.

TeamPCP Hackers Compromise Telnyx PyPI Package
TeamPCP threat group compromised the official Telnyx Python package on PyPI, injecting credential-stealing malware hidden in WAV audio files.

Open VSX Registry Bug Let Malicious VS Code Extensions Bypass Security
Open VSX's pre-publish scanning pipeline contained a critical flaw that allowed malicious Visual Studio Code extensions to bypass security vetting and reach the registry.

European Commission Confirms AWS Cloud Breach Investigation
The European Commission is investigating a security breach after attackers gained unauthorized access to its Amazon Web Services cloud infrastructure.

TP-Link Patches Critical Router Flaws Enabling RCE
TP-Link released security updates fixing high-severity vulnerabilities that allow authentication bypass and remote code execution on popular router models.

Dutch Police Confirm Phishing Attack Breach
The Dutch National Police disclosed a security breach from a successful phishing attack with limited impact on operations.

Ajax Amsterdam Confirms Data Breach Affecting Hundreds
Dutch football club Ajax Amsterdam disclosed hackers exploited IT vulnerabilities to access personal data of several hundred individuals.

CISA Warns of Active Exploits Targeting Langflow AI Framework
CISA added CVE-2026-33017 to its Known Exploited Vulnerabilities catalog after confirming active exploitation of a critical code injection flaw in Langflow.

Chinese APT Red Menshen Embeds in Telecom Networks
China-linked Red Menshen threat group maintains persistent access in global telecom infrastructure for government espionage operations.

UK Sanctions Xinbi Marketplace for Selling Stolen Data
UK's FCDO sanctioned Xinbi, a Chinese cryptocurrency marketplace selling stolen data and satellite equipment to Southeast Asian scam networks.

TikTok Business Accounts Hit by Bot-Evading Phishing Campaign
Cybercriminals are targeting TikTok for Business accounts with sophisticated phishing attacks designed to bypass automated security detection systems.

Hightower Holding Breach Exposes 130,000 SSNs
Hightower Holding confirms data breach affecting 130,000 individuals with stolen Social Security numbers and driver's license data.

BIND DNS Patches Critical Memory Leak Vulnerabilities
Internet Systems Consortium releases BIND updates fixing high-severity memory leak vulnerabilities affecting DNS resolvers worldwide.

Claude Chrome Extension Flaw Enabled Silent Prompt Injection
Anthropic's Claude Chrome extension contained a vulnerability allowing websites to inject malicious prompts without user interaction or consent.

Coruna Exploit Kit Reuses Operation Triangulation iOS Attacks
Security researchers discovered the Coruna exploit kit leveraging zero-click iMessage exploits from 2023's Operation Triangulation campaign targeting iPhones.

Chinese APT Deploys Kernel Implants in Telecom Infrastructure
State-sponsored Chinese hackers infiltrated telecom backbone infrastructure using kernel implants and passive backdoors for long-term espionage operations.

Russian Police Arrest LeakBase Forum Owner in Taganrog
Russian authorities arrested the alleged owner of LeakBase, a major cybercriminal marketplace for stolen data and hacking tools.

Cisco Patches Critical IOS Vulnerabilities in March 2026
Cisco released security patches for multiple high and medium-severity vulnerabilities affecting IOS software that could enable privilege escalation and secure boot bypass.

RedLine Infostealer Admin Extradited to US for Prosecution
Armenian suspect extradited to United States faces criminal charges for allegedly managing RedLine infostealer malware operations targeting millions globally.

Torg Grabber Malware Targets 850 Browser Extensions
New Torg Grabber info-stealer compromises 850 browser extensions, including 700+ cryptocurrency wallets, significantly expanding the threat landscape.

