Threat actor uses Microsoft Teams to deploy new “Snow” malware
A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named “Snow,” which includes a browser extension, a tunneler,…
Month: April 2026
New Windows RPC Vulnerability Lets Attackers Escalate Privileges Across All Windows Versions
PhantomRPC, a newly identified architectural vulnerability in Windows Remote Procedure Call (RPC) that enables local privilege escalation to SYSTEM-level access, potentially affecting every version of…
Void Dokkaebi Hackers Spread Malware Through Fake Job Interviews
Void Dokkaebi, also known as Famous Chollima, is expanding its cyber operations by turning fake job interviews into a large-scale malware distribution campaign targeting developers.…
Ubuntu 26.04 LTS delivers memory-safe system tools and live patching for Arm servers
Linux distributions have spent the past few years absorbing GPU vendor toolchains, Rust-based system components, and more stringent encryption defaults. Ubuntu 26.04 LTS, codenamed Resolute…
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active exploitation in the wild less than…
Microsoft faces court battle in £2bn Windows Server class action
A case seeking compensation for approximately 59,000 businesses and organisations using the Microsoft Windows Server operating system in non-Microsoft public clouds is going ahead. The…
Vulnerabilities Patched in CrowdStrike, Tenable Products
CrowdStrike and Tenable informed customers this week about potentially serious vulnerabilities found and patched in their products. CrowdStrike published an advisory for CVE-2026-40050, a critical…
Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox
Firefox uses a defense-in-depth strategy, with internal red teams applying multiple layers of “overlapping defenses” and automated analysis techniques, he explained. Teams run each website…
Huntress MDR for Microsoft 365 Update
Over the last year, we’ve worked our asses off to prepare for an inbound tidal wave of identity-focused tradecraft. Considering our partners’ significant investments in…
Microsoft rolls out revamped Windows Insider Program
Microsoft says it’s rolling out a revamped Windows Insider Program experience as part of the broader plans to address reliability concerns in Windows 11. For…
CISA Warns of Multiple SimpleHelp Vulnerabilities Exploited in Attack
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding two actively exploited vulnerabilities in SimpleHelp remote support software. Remote access tools…
Xiongmai IP Camera Flaw Lets Attackers Bypass Authentication
A critical security vulnerability has been identified in Hangzhou Xiongmai Technology’s XM530 IP Cameras, putting countless commercial facilities at risk. This severe flaw allows remote…