CVE-2026-34197
TRENDING TOPICS APR 17, 2026 CISA Sounds the Alarm on Apache ActiveMQ: A 13‑Year‑Old RCE Bug Is Now Being Actively Exploited CISA has added CVE‑2026‑34197 to its KEV catalog after confirming that attackers are actively exploiting this high‑severity remote code execution flaw in Apache ActiveMQ
HanGhost
TRENDING TOPICS APR 15, 2026 HanGhost Loader Targets the People Who Move Money and Goods, Not Just IT A new HanGhost loader campaign is quietly going after corporate staff who sit closest to payments, logistics, and contract workflows, using a multi‑stage, largely fileless attack chain that most SOCs only
UNC6783
TRENDING TOPICS APR 10, 2026 UNC6783’s Okta Phishing Playbook: When Your BPO Helpdesk Becomes the Front Door Google’s Threat Intelligence Group is tracking a new data‑theft extortion crew, UNC6783, that breaks into large enterprises by first compromising their business process outsourcers (BPOs), the third‑party support and
Docker
TRENDING TOPICS APR 08, 2026 Docker’s Silent AuthZ Failure: CVE‑2026‑34040 Turns One Oversized Request into Full Host Takeover A newly disclosed high‑severity flaw in Docker Engine, tracked as CVE‑2026‑34040 (CVSS 8.8), allows attackers to bypass authorization plugins and gain full control of the
A practitioner's guide to patterns, pitfalls, and reusable approaches for GovCloud and classified environments Daniel Beller | Director of Cloud Solutions, Hunter Strategy 23 years supporting DoD and IC in systems and cloud engineering, architecture, and security - both practical and compliance Why Multi-Region? The Case and the Caveats
TRENDING TOPICS APR 03, 2026 SparkCat’s Comeback: Stealthy Mobile Wallet Stealer Hiding in “Normal” Apps Researchers have uncovered a new SparkCat malware variant lurking in seemingly legitimate iOS and Android apps, including enterprise messengers and food delivery services, on both the Apple App Store and Google Play. The trojan
TRENDING TOPICS APR 01, 2026 How Iran’s Threats Turn Tech Infrastructure into a Warfront Iran’s threat to attack facilities of major U.S. tech and finance firms in the Middle East, including Apple, Google, Microsoft, Nvidia, Meta, IBM, Oracle, Tesla, Boeing, JPMorgan, and others, marks a clear shift
TRENDING TOPICS MAR 27, 2026 Coruna iOS Exploit Kit Revives and Upgrades Operation Triangulation Framework Coruna is a newly exposed, nation-state-grade iOS exploit kit that researchers now assess as a direct evolution of the framework used in the 2023 Operation Triangulation espionage campaign. Analysis by Kaspersky’s Global Research and
Torg Grabber Infostealer
TRENDING TOPICS MAR 26, 2026 Torg Grabber Infostealer Campaign: Broad-Spectrum Credential and Crypto Theft A rapidly evolving infostealer malware campaign centered on “Torg Grabber” is targeting a wide range of sensitive data sources, with a particular emphasis on cryptocurrency wallets and browser-based credentials. The malware is distributed through ClickFix-style social
Shouting into the IT void
TRENDING TOPICS MAR 25, 2026 NGINX MP4 Module Flaw Enables Remote Code Execution F5 has disclosed a high-severity vulnerability, tracked as CVE-2026-32647, in the NGINX MP4 streaming module that can be abused with crafted MP4 files to crash worker processes or, in some circumstances, execute arbitrary code on affected servers.
TRENDING TOPICS MAR 24, 2026 TeamPCP Deploys Iran-Targeted Wiper in Kubernetes Attacks A newly observed campaign by TeamPCP is targeting Kubernetes clusters with a destructive malware variant that selectively wipes systems configured for Iran while maintaining persistence elsewhere. The operation builds directly on the earlier CanisterWorm activity, reusing the same
TRENDING TOPICS MAR 23, 2026 Critical QNAP QVR Pro Flaw Opens Door to Remote Intrusion QNAP has issued an urgent security advisory for CVE-2026-22898, a critical vulnerability in its QVR Pro network video surveillance platform that allows remote attackers to gain system access without authentication. Tracked as ZDI-CAN-28327 and tied
TRENDING TOPICS MAR 20, 2026 Feds Cripple Monster IoT Botnets Behind Record 31.4 Tbps DDoS Barrage A coordinated law enforcement operation has disrupted four of the most powerful known IoT botnets, Aisuru, KimWolf, JackSkid, and Mossad, collectively responsible for some of the largest DDoS attacks ever recorded, including traffic
TRENDING TOPICS MAR 19, 2026 Update: Stryker Cyberattack Based on CISA reporting, Stryker was targeted on March 11, 2026, when a threat actor used Microsoft Intune’s wipe command to erase tens of thousands of Stryker devices after gaining privileged access.The recent cyberattack on Stryker is a reminder that
TRENDING TOPICS MAR 18, 2026 Aura’s March 2026 Incident: Targeted Account Compromise and Data Exposure In March 2026, online safety provider Aura disclosed that a single employee account was compromised for about an hour after a targeted phone‑phishing attack. During this window, an unauthorized third party accessed roughly
TRENDING TOPICS MAR 17, 2026 LeakNet Expands Initial Access with ClickFix and Fileless Deno Loader LeakNet ransomware operations are evolving toward greater independence, scalability, and stealth, marked by the adoption of ClickFix social engineering and a novel Deno-based loader. Rather than relying solely on initial access brokers, LeakNet is now
TRENDING TOPICS MAR 16, 2026 Operation CamelClone: Stealthy Multi‑Region Government Espionage Operation CamelClone is a newly identified cyber espionage campaign targeting government and strategic sectors across multiple geopolitically significant regions, including Algeria, Mongolia, Ukraine, and Kuwait. The operation focuses on organizations tied to national security and policy, such as
CVE-2025-26399 Critical Severity Vulnerability Description SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a
TRENDING TOPICS MAR 12, 2026 CastleRAT Campaign Abuses Deno Runtime and Steganography to Deliver Fileless Malware Researchers at ThreatDown identified a malware campaign that delivers CastleRAT, a remote access trojan designed for espionage, surveillance, and credential theft, by abusing the legitimate Deno JavaScript runtime. The attack begins with a social
TRENDING TOPICS MAR 11, 2026 UNC6426: From Stolen GitHub Token to Full Cloud Takeover in 72 Hours A threat actor tracked as UNC6426 exploited stolen keys from the 2025 Nx npm package supply chain compromise to fully breach a victim’s AWS cloud environment in just three days, according to
TRENDING TOPICS MAR 10, 2026 APT28 Revives Espionage Operations with Custom Covenant Variant and Dual-Implant Toolkit ESET researchers are reporting that the Russian state-linked threat group APT28 (also known as Fancy Bear, Sednit, Forest Blizzard, and Strontium) has resumed advanced cyber-espionage operations using a customized version of the open-source Covenant
