Latest Cybersecurity News

Stay informed with real-time threat intelligence, vulnerability disclosures, and expert analysis from the cybersecurity community.

All Malware & Threats468 Vulnerabilities239 Data Breaches20 Ransomware0 APT & Threat Actors0 Cloud Security0 MENA Cybersecurity0 Compliance & Frameworks0 Tools & Tutorials0 Industry News1125

Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison

BleepingComputer

Malware & Threats

Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison

A Latvian national extradited to the United States was sentenced to 8.5 years in prison for his "cold case" negotiator role in the Russian Karakurt ransomware group.

BleepingComputer3d ago3m4

CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs

BleepingComputer

Malware & Threats

CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs

A new version of the CloudZ remote access tool (RAT) is deploying a previously unseen malicious plugin called Pheno that hijacks the Microsoft Phone Link connection to steal sensitive codes from mobile devices.

BleepingComputer3d ago3m4

MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs

SecurityWeek

Industry News

MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs

The security defects allow unauthenticated, remote attackers to execute arbitrary code through crafted requests.

SecurityWeek3d ago2m4

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

The Hacker News

Industry News

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

ScarCruft spreads BirdCall via sqgame.net since late 2024, targeting Android users, enabling surveillance and data theft.

The Hacker News3d ago4m4

ScarCruft hackers push BirdCall Android malware via game platform

BleepingComputer

Malware & Threats

ScarCruft hackers push BirdCall Android malware via game platform

The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain attack through a video game platform.

BleepingComputer3d ago3m4

WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities

SecurityWeek

Industry News

WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities

The vulnerabilities were reported to Meta through its bug bounty program and were patched with updates released earlier this year.

SecurityWeek3d ago3m4

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

The Hacker News

Industry News

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

CVE-2026-22679 exploited via debug endpoint in Weaver E-cology before 20260312, enabling RCE and system compromise.

The Hacker News3d ago2m4

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

The Hacker News

Industry News

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

Microsoft disclosed a credential theft campaign targeting 35,000+ users at 13,000+ organizations across 26 countries.

The Hacker News3d ago6m4

Vulnerabilities

ISC Stormcast For Tuesday, May 5th, 2026 https://isc.sans.edu/podcastdetail/9918, (Tue, May 5th)

SANS ISC

Vulnerabilities

ISC Stormcast For Tuesday, May 5th, 2026 https://isc.sans.edu/podcastdetail/9918, (Tue, May 5th)

No description available.

SANS ISC3d ago1m4

Weaver E-cology critical bug exploited in attacks since March

BleepingComputer

Malware & Threats

Weaver E-cology critical bug exploited in attacks since March

Hackers have been exploiting a critical vulnerability (CVE-2026-22679) in the Weaver E-cology office automation since mid-March to run discovery commands.

BleepingComputer3d ago3m4

Industry News

Physical Cargo Theft Gets a Boost From Cybercriminals

Dark Reading

Industry News

Physical Cargo Theft Gets a Boost From Cybercriminals

Cargo theft is no longer about small groups of criminals operating on the ground, but transnational cybercriminal syndicates using access to supply chain systems to reroute goods.

Dark Reading3d ago1m4

Industry News

RMM Tools Fuel Stealthy Phishing Campaign

Dark Reading

Industry News

RMM Tools Fuel Stealthy Phishing Campaign

Attackers are abusing two remote monitoring and management (RMM) tools to evade detection in a campaign that has impacted over 80 organizations so far.

Dark Reading3d ago1m4