Security researchers have revealed 12 critical vulnerabilities affecting the popular vm2 Node.js library, exposing applications to sandbox escapes and remote code execution attacks. The vm2 package is widely used by developers to safely run untrusted JavaScript code inside isolated environments.…
Security researchers have disclosed 12 high-severity vulnerabilities affecting the widely used vm2 Node.js library, raising serious concerns for developers and organizations that rely on the package to securely execute untrusted JavaScript code. The open-source vm2 library is commonly used to…
Cybersecurity researchers have uncovered a new supply chain attack involving malicious packages uploaded to the Python Package Index (PyPI) repository that secretly install a previously undocumented malware strain called ZiChatBot on both Windows and Linux devices. According to researchers at…
Many organizations believe that signing an incident response retainer agreement means they are prepared for a cyberattack. Security experts say that assumption is dangerously misleading. A retainer may guarantee that someone answers the phone during a crisis, but it does…
ThreatsDay 2026: New Malware, AI-Powered Cyber Threats, Supply Chain Attacks, and Critical Security Flaws Dominate the Week The cybersecurity world had another chaotic week as researchers uncovered new malware campaigns, critical software vulnerabilities, large-scale phishing operations, and growing concerns over…
A newly disclosed critical vulnerability affecting Palo Alto Networks PAN-OS software may have been targeted by attackers weeks before public disclosure, according to new findings from the company’s Unit 42 threat intelligence team. The flaw, tracked as CVE-2026-0300, is a…
Microsoft has revealed details of a large-scale phishing campaign that tricked tens of thousands of users into handing over their login credentials by using convincing internal-style emails and advanced evasion tactics. The attack, observed between April 14 and April 16,…
A state-sponsored hacking group tied to North Korea, known as ScarCruft, has been linked to a supply chain attack involving a gaming platform, where attackers secretly embedded spyware into game components to monitor targeted users. Security researchers from ESET say…
The rapid adoption of artificial intelligence is creating new security challenges, with recent findings showing that many AI systems are being deployed with serious vulnerabilities. A study by Intruder reveals that modern AI infrastructure is often more exposed and poorly…
Cybersecurity researchers are warning that attackers are already exploiting a serious flaw in the open-source CMS MetInfo CMS, putting thousands of websites at risk. The vulnerability, tracked as CVE-2026-29014, carries a high severity score of 9.8 and allows attackers to…
Every time employees connect AI tools, automation platforms, or productivity apps to services like Google or Microsoft, they leave behind something many organizations fail to track, long-lasting OAuth tokens. These tokens often have no expiration, no automatic cleanup, and in…
A highly advanced cyber espionage group with ties to China has been linked to a wave of attacks against government institutions in South America and southeastern Europe, according to new findings from Cisco Talos. The threat group, tracked as UAT-8302,…
The Apache Software Foundation (ASF) has rolled out security updates to fix multiple issues in its HTTP Server, including a high-risk vulnerability that could allow attackers to execute code remotely. The flaw, tracked as CVE-2026-23918 and rated 8.8 on the…
A cyber campaign known as Contagious Interview, believed to be linked to North Korean threat actors, is expanding its reach by planting malicious packages across several major developer ecosystems. Security researchers have discovered that the attackers are disguising malware as…
Enterprise identity management is reaching a critical point. As organizations grow and adopt more applications, cloud services, and automation tools, identity systems are becoming fragmented and harder to control. This fragmentation has led to what experts now describe as “identity…
A Russia-linked threat group known as APT28 has launched a new wave of targeted attacks against Ukraine and its international partners, deploying a previously unknown malware framework called PRISMEX. Security researchers report that the campaign has been active since at…
Cybersecurity researchers have uncovered details about a stealth-focused botnet known as Masjesu, a growing threat built to launch distributed denial-of-service (DDoS) attacks while staying under the radar. First appearing around 2023, Masjesu has been promoted on Telegram as a paid…
Cybersecurity researchers have identified a new version of the Chaos malware that is now actively targeting poorly secured cloud environments. This marks a shift from its earlier focus on routers and edge devices to more complex cloud-based infrastructure. According to…
Cybersecurity researchers have uncovered a previously unknown zero-day vulnerability in Adobe Reader that attackers have been actively exploiting through specially crafted PDF files since late 2025. The issue, analyzed by EXPMON researcher Haifei Li, involves a highly advanced PDF-based exploit…
As artificial intelligence tools become easier to access, many employees are starting to use them without approval from their organization’s IT or security teams. While these tools can improve efficiency and help automate daily tasks, they also introduce a growing…
