Drupal to Patch Highly Critical Vulnerability at Risk of Quick Exploitation
Drupal is warning users that it’s preparing a patch for a ‘highly critical’ vulnerability that may be exploited by threat actors shortly after its disclosure.…
Month: May 2026
Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects
Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects Pierluigi Paganini May 19, 2026 INTERPOL led Operation Ramz in MENA, resulting in 201…
Understanding the OWASP Top 10 2025 for Modern Application Security
In the world of application security, vulnerabilities are always a moving target. As modern applications keep becoming increasingly API-driven, cloud-native, and dependent on third-party services,…
Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN
Researchers said a wave of attacks began in February targeting firewalls that appeared to be protected. Source link
Mini Shai-Hulud returns, compromising hundreds of npm packages
A self-replicating malware campaign known as Mini Shai-Hulud has resurfaced, this time embedding itself across hundreds of npm packages. The threat actor behind it, identified…
Internet Explorer may be dead, but its ghost still runs malware
Despite Internet Explorer reaching the end of life in 2022, MSHTA is packaged by default on Windows systems and is used as a living-off-the-land (LOLBIN)…
AI-powered cyber threats overwhelm human defenders, forcing critical infrastructure operators toward automated security
Artificial intelligence is rapidly becoming both a defensive necessity and a strategic risk factor for critical infrastructure operators as cyberattacks increasingly spill into the physical…
Belarus-aligned FrostyNeighbor continues targeting Ukrainian government, military sectors with updated attack techniques
ESET researchers identified renewed activity from FrostyNeighbor, a long-running cyberespionage actor apparently aligned with Belarusian interests, targeting Ukrainian government organizations in campaigns observed since March…
Huntress’ Commitment to the Cybersecurity Community
The broader cybersecurity community is a pretty incredible group. Look no further than major incidents and breaches to see examples of the community coming together…
Webinar: The hidden bottlenecks in network incident response
IT teams now get deluged by alerts from monitoring platforms, infrastructure systems, identity services, ticketing platforms, and security tools. But during network incidents, responders are…
New VoidStealer Malware Bypasses Chrome’s App-Bound Encryption to Steal Passwords and Cookies
A newly discovered malware called VoidStealer has emerged as a serious threat to Chrome users on Windows, using a clever technique to bypass one of…
How to Make Apps and Websites Remove Your Nonconsensual Nudes
Once someone submits a takedown request, a platform has up to 48 hours to determine whether it is valid. If it decides that it is,…