DPRK
TRENDING TOPICS JAN 27, 2026 Update: DPRK “Fake Font” Contagious Interview Campaign Abuses VS Code Tasks to Deploy InvisibleFerret North Korean Lazarus Group operators have launched a new evolution of the long-running “Contagious Interview” campaign that abuses Microsoft VS Code’s task automation feature to execute malware disguised as web
Azure
TRENDING TOPICS JAN 21, 2026 Azure Private Endpoints Can Create Hidden Denial-of-Service Risk Palo Alto researchers have identified a design weakness in Azure Private Endpoint deployments that can unintentionally expose cloud resources to denial-of-service conditions. The issue stems from how Azure prioritizes Private DNS zones when a Private Endpoint is
Reprompt
CVE-2026-20822 Critical Windows Graphics Component PRIVILEGE ESCALATION Windows Graphics Component Elevation of Privilege Vulnerability enabling local attackers to gain SYSTEM-level privileges. CVE-2026-20854 Critical Windows LSASS REMOTE CODE EXECUTION Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability allowing network-based exploitation. CVE-2026-20876 Critical Windows VBS Enclave PRIVILEGE ESCALATION Windows
ErrTraffic
TRENDING TOPICS DEC 31, 2025 Update: The Industrialization of ClickFix Social Engineering Through ErrTraffic Researchers at HudsonRock have discovered ErrTraffic, a new ClickFix service that is currently being marketed for approximately $800 on Russian-language cybercrime forums. ErrTraffic lowers the barrier to entry for threat actors by providing a polished, SaaS-like
HoneyMyte APT
TRENDING TOPICS DEC 30, 2025 HoneyMyte APT Adopts Kernel-Mode Rootkit to Stealthily Deploy ToneShell Backdoor Kaspersky has identified a new HoneyMyte APT campaign that marks a significant escalation in technical sophistication, centered on the use of a kernel-mode mini-filter driver to deploy and protect malware. The malicious driver, signed with
CyberVolk
CVE-2025-6389 Critical Sneeit Framework WordPress Plugin REMOTE CODE EXECUTION UNAUTHENTICATED Allows unauthenticated remote code execution due to unsafe handling of user input passed to call_user_func. An attacker can execute arbitrary server-side code, potentially creating admin users or installing backdoors, leading to full WordPress site compromise. Mitigation: Immediately update
Spiderman Phishing
TRENDING TOPICS DEC 11, 2025 Spiderman Phishing Toolkit Expands into High-Volume Bank Fraud The Spiderman phishing framework represents a major escalation in phishing-as-a-service activity targeting European financial institutions. It offers an integrated platform that allows criminal operators to generate precise replicas of dozens of bank portals with minimal effort, enabling
Calisto
CVE-2025-55182 Critical React Server Components PRE-AUTH RCE NO AUTHENTICATION Pre-authentication remote code execution vulnerability affecting multiple versions of React Server Components, including react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. Allows attackers to execute arbitrary code without any credentials. Mitigation: Upgrade to patched React Server Components versions immediately and implement strict request validation on
K.G.B. RAT
TRENDING TOPICS DEC 04, 2025 K.G.B RAT Emerges on Dark Web with Stealth, Automation, and Built-In Evasion Tools A new remote access Trojan bundle called K.G.B RAT is being advertised on an underground cybercrime forum, where the seller claims it offers complete stealth, integrated evasion tools,
GlassWorm
TRENDING TOPICS DEC 02, 2025 Update: Glassworm Campaign Escalates Across Developer Extension Ecosystems Glassworm has advanced into a broader, more aggressive phase, with adversaries planting two dozen new malicious extensions on the Microsoft Visual Studio Marketplace and OpenVSX. These platforms distribute critical tooling for VS Code–compatible editors, which positions
TamperedChef
TRENDING TOPICS NOV 20, 2025 TamperedChef: New Global Malvertising Campaign Using Fake Software Installers to Deliver Stealthy Backdoors The TamperedChef campaign first surfaced earlier this year as security researchers began tracking a rise in fake software installers pushed through manipulated online ads and poisoned search results. The operation has since
Cloudflare
TRENDING TOPICS NOV 19, 2025 Update: Cloudflare Global Network Outage Disrupts Major Online Services Cloudflare previously reported a major outage on November 18 that disrupted core CDN, security, and authentication services across its Global Network, and new findings now clarify that the disruption stemmed from an internal database permissions change