Category: CyberSecurityNews

Metasploit Releases 7 New Exploit Modules covering FreePBX, Cacti and SmarterMail
31
Jan
2026

Metasploit Releases 7 New Exploit Modules covering FreePBX, Cacti and SmarterMail

The latest update to the Metasploit Framework this week provides a significant enhancement for penetration testers and red teamers, introducing…

Share: X : Metasploit Releases 7 New Exploit Modules covering FreePBX, Cacti and SmarterMailFacebook : Metasploit Releases 7 New Exploit Modules covering FreePBX, Cacti and SmarterMailLinkedin : Metasploit Releases 7 New Exploit Modules covering FreePBX, Cacti and SmarterMailReddit : Metasploit Releases 7 New Exploit Modules covering FreePBX, Cacti and SmarterMailTelegram : Metasploit Releases 7 New Exploit Modules covering FreePBX, Cacti and SmarterMailWhatsApp : Metasploit Releases 7 New Exploit Modules covering FreePBX, Cacti and SmarterMailEmail : Metasploit Releases 7 New Exploit Modules covering FreePBX, Cacti and SmarterMail
Attackers Using Hugging Face Hosting to Deliver Android RAT Payload
30
Jan
2026

Attackers Using Hugging Face Hosting to Deliver Android RAT Payload

A new Android threat campaign has emerged that uses social engineering combined with a legitimate machine learning platform to spread…

Share: X : Attackers Using Hugging Face Hosting to Deliver Android RAT PayloadFacebook : Attackers Using Hugging Face Hosting to Deliver Android RAT PayloadLinkedin : Attackers Using Hugging Face Hosting to Deliver Android RAT PayloadReddit : Attackers Using Hugging Face Hosting to Deliver Android RAT PayloadTelegram : Attackers Using Hugging Face Hosting to Deliver Android RAT PayloadWhatsApp : Attackers Using Hugging Face Hosting to Deliver Android RAT PayloadEmail : Attackers Using Hugging Face Hosting to Deliver Android RAT Payload
UAT-8099 Targets Vulnerable IIS Servers Using Web Shells, PowerShell, and Region-Customized BadIIS
30
Jan
2026

UAT-8099 Targets Vulnerable IIS Servers Using Web Shells, PowerShell, and Region-Customized BadIIS

A new wave of targeted attacks has emerged against Internet Information Services (IIS) servers across Asia, with threat actors deploying…

Share: X : UAT-8099 Targets Vulnerable IIS Servers Using Web Shells, PowerShell, and Region-Customized BadIISFacebook : UAT-8099 Targets Vulnerable IIS Servers Using Web Shells, PowerShell, and Region-Customized BadIISLinkedin : UAT-8099 Targets Vulnerable IIS Servers Using Web Shells, PowerShell, and Region-Customized BadIISReddit : UAT-8099 Targets Vulnerable IIS Servers Using Web Shells, PowerShell, and Region-Customized BadIISTelegram : UAT-8099 Targets Vulnerable IIS Servers Using Web Shells, PowerShell, and Region-Customized BadIISWhatsApp : UAT-8099 Targets Vulnerable IIS Servers Using Web Shells, PowerShell, and Region-Customized BadIISEmail : UAT-8099 Targets Vulnerable IIS Servers Using Web Shells, PowerShell, and Region-Customized BadIIS
TAMECAT PowerShell-Based Backdoor Exfiltrates Login Credentials from Microsoft Edge and Chrome
30
Jan
2026

TAMECAT PowerShell-Based Backdoor Exfiltrates Login Credentials from Microsoft Edge and Chrome

A sophisticated PowerShell-based malware named TAMECAT has emerged as a critical threat to enterprise security, targeting login credentials stored in…

Share: X : TAMECAT PowerShell-Based Backdoor Exfiltrates Login Credentials from Microsoft Edge and ChromeFacebook : TAMECAT PowerShell-Based Backdoor Exfiltrates Login Credentials from Microsoft Edge and ChromeLinkedin : TAMECAT PowerShell-Based Backdoor Exfiltrates Login Credentials from Microsoft Edge and ChromeReddit : TAMECAT PowerShell-Based Backdoor Exfiltrates Login Credentials from Microsoft Edge and ChromeTelegram : TAMECAT PowerShell-Based Backdoor Exfiltrates Login Credentials from Microsoft Edge and ChromeWhatsApp : TAMECAT PowerShell-Based Backdoor Exfiltrates Login Credentials from Microsoft Edge and ChromeEmail : TAMECAT PowerShell-Based Backdoor Exfiltrates Login Credentials from Microsoft Edge and Chrome
Ex-Google Engineer Convicted of Stealing Google’s AI Secrets For China
30
Jan
2026

Ex-Google Engineer Convicted of Stealing Google’s AI Secrets For China

A federal jury has convicted Linwei Ding, 38, a former Google software engineer, on charges of economic espionage and trade…

Share: X : Ex-Google Engineer Convicted of Stealing Google’s AI Secrets For ChinaFacebook : Ex-Google Engineer Convicted of Stealing Google’s AI Secrets For ChinaLinkedin : Ex-Google Engineer Convicted of Stealing Google’s AI Secrets For ChinaReddit : Ex-Google Engineer Convicted of Stealing Google’s AI Secrets For ChinaTelegram : Ex-Google Engineer Convicted of Stealing Google’s AI Secrets For ChinaWhatsApp : Ex-Google Engineer Convicted of Stealing Google’s AI Secrets For ChinaEmail : Ex-Google Engineer Convicted of Stealing Google’s AI Secrets For China
Attackers Hijacked 200+ Websites Exploiting Magento Vulnerability to Gain Root-level Access
30
Jan
2026

Attackers Hijacked 200+ Websites Exploiting Magento Vulnerability to Gain Root-level Access

A critical security breach has exposed multiple Magento e-commerce platforms worldwide as threat actors successfully exploited a severe authentication flaw…

Share: X : Attackers Hijacked 200+ Websites Exploiting Magento Vulnerability to Gain Root-level AccessFacebook : Attackers Hijacked 200+ Websites Exploiting Magento Vulnerability to Gain Root-level AccessLinkedin : Attackers Hijacked 200+ Websites Exploiting Magento Vulnerability to Gain Root-level AccessReddit : Attackers Hijacked 200+ Websites Exploiting Magento Vulnerability to Gain Root-level AccessTelegram : Attackers Hijacked 200+ Websites Exploiting Magento Vulnerability to Gain Root-level AccessWhatsApp : Attackers Hijacked 200+ Websites Exploiting Magento Vulnerability to Gain Root-level AccessEmail : Attackers Hijacked 200+ Websites Exploiting Magento Vulnerability to Gain Root-level Access
NVIDIA GPU Display Driver Vulnerabilities Allows Code Execution and Privilege Escalation
30
Jan
2026

NVIDIA GPU Display Driver Vulnerabilities Allows Code Execution and Privilege Escalation

NVIDIA has issued a critical security update addressing multiple high-severity vulnerabilities in its GPU Display Driver, vGPU software, and HD…

Share: X : NVIDIA GPU Display Driver Vulnerabilities Allows Code Execution and Privilege EscalationFacebook : NVIDIA GPU Display Driver Vulnerabilities Allows Code Execution and Privilege EscalationLinkedin : NVIDIA GPU Display Driver Vulnerabilities Allows Code Execution and Privilege EscalationReddit : NVIDIA GPU Display Driver Vulnerabilities Allows Code Execution and Privilege EscalationTelegram : NVIDIA GPU Display Driver Vulnerabilities Allows Code Execution and Privilege EscalationWhatsApp : NVIDIA GPU Display Driver Vulnerabilities Allows Code Execution and Privilege EscalationEmail : NVIDIA GPU Display Driver Vulnerabilities Allows Code Execution and Privilege Escalation
GhostChat Spyware Attacking Android Users Via WhatsApp to Exfiltrate Sensitive Details
30
Jan
2026

GhostChat Spyware Attacking Android Users Via WhatsApp to Exfiltrate Sensitive Details

A new Android spyware campaign has emerged, targeting users in Pakistan through a sophisticated romance scam that uses fake dating…

Share: X : GhostChat Spyware Attacking Android Users Via WhatsApp to Exfiltrate Sensitive DetailsFacebook : GhostChat Spyware Attacking Android Users Via WhatsApp to Exfiltrate Sensitive DetailsLinkedin : GhostChat Spyware Attacking Android Users Via WhatsApp to Exfiltrate Sensitive DetailsReddit : GhostChat Spyware Attacking Android Users Via WhatsApp to Exfiltrate Sensitive DetailsTelegram : GhostChat Spyware Attacking Android Users Via WhatsApp to Exfiltrate Sensitive DetailsWhatsApp : GhostChat Spyware Attacking Android Users Via WhatsApp to Exfiltrate Sensitive DetailsEmail : GhostChat Spyware Attacking Android Users Via WhatsApp to Exfiltrate Sensitive Details
Wireshark 4.6.3 Released Fix for Vulnerabilities that Lead to DoS Attack and Crashes
30
Jan
2026

Wireshark 4.6.3 Released Fix for Vulnerabilities that Lead to DoS Attack and Crashes

The Wireshark Foundation has officially released Wireshark 4.6.3, the latest update to the world’s most popular network protocol analyzer. This…

Share: X : Wireshark 4.6.3 Released Fix for Vulnerabilities that Lead to DoS Attack and CrashesFacebook : Wireshark 4.6.3 Released Fix for Vulnerabilities that Lead to DoS Attack and CrashesLinkedin : Wireshark 4.6.3 Released Fix for Vulnerabilities that Lead to DoS Attack and CrashesReddit : Wireshark 4.6.3 Released Fix for Vulnerabilities that Lead to DoS Attack and CrashesTelegram : Wireshark 4.6.3 Released Fix for Vulnerabilities that Lead to DoS Attack and CrashesWhatsApp : Wireshark 4.6.3 Released Fix for Vulnerabilities that Lead to DoS Attack and CrashesEmail : Wireshark 4.6.3 Released Fix for Vulnerabilities that Lead to DoS Attack and Crashes
Education-Themed Malicious Domains Linked to Bulletproof Hosting Infrastructure Exposed
30
Jan
2026

Education-Themed Malicious Domains Linked to Bulletproof Hosting Infrastructure Exposed

Security researchers have uncovered a sophisticated traffic distribution network leveraging deceptive education-themed domains to deliver malware and phishing attacks. The…

Share: X : Education-Themed Malicious Domains Linked to Bulletproof Hosting Infrastructure ExposedFacebook : Education-Themed Malicious Domains Linked to Bulletproof Hosting Infrastructure ExposedLinkedin : Education-Themed Malicious Domains Linked to Bulletproof Hosting Infrastructure ExposedReddit : Education-Themed Malicious Domains Linked to Bulletproof Hosting Infrastructure ExposedTelegram : Education-Themed Malicious Domains Linked to Bulletproof Hosting Infrastructure ExposedWhatsApp : Education-Themed Malicious Domains Linked to Bulletproof Hosting Infrastructure ExposedEmail : Education-Themed Malicious Domains Linked to Bulletproof Hosting Infrastructure Exposed
Critical Ivanti Endpoint Manager RCE Vulnerabilities Actively Exploited in Attacks
30
Jan
2026

Critical Ivanti Endpoint Manager RCE Vulnerabilities Actively Exploited in Attacks

Two critical code-injection vulnerabilities have been disclosed in the Endpoint Manager Mobile (EPMM) platform, which are currently being actively exploited…

Share: X : Critical Ivanti Endpoint Manager RCE Vulnerabilities Actively Exploited in AttacksFacebook : Critical Ivanti Endpoint Manager RCE Vulnerabilities Actively Exploited in AttacksLinkedin : Critical Ivanti Endpoint Manager RCE Vulnerabilities Actively Exploited in AttacksReddit : Critical Ivanti Endpoint Manager RCE Vulnerabilities Actively Exploited in AttacksTelegram : Critical Ivanti Endpoint Manager RCE Vulnerabilities Actively Exploited in AttacksWhatsApp : Critical Ivanti Endpoint Manager RCE Vulnerabilities Actively Exploited in AttacksEmail : Critical Ivanti Endpoint Manager RCE Vulnerabilities Actively Exploited in Attacks
Microsoft Teams New Feature to Flag Suspicious One-to-One Calls
30
Jan
2026

Microsoft Teams New Feature to Flag Suspicious One-to-One Calls

A new security feature is being added to Teams to help organizations detect and stop voice-based scams and phishing attacks….

Share: X : Microsoft Teams New Feature to Flag Suspicious One-to-One CallsFacebook : Microsoft Teams New Feature to Flag Suspicious One-to-One CallsLinkedin : Microsoft Teams New Feature to Flag Suspicious One-to-One CallsReddit : Microsoft Teams New Feature to Flag Suspicious One-to-One CallsTelegram : Microsoft Teams New Feature to Flag Suspicious One-to-One CallsWhatsApp : Microsoft Teams New Feature to Flag Suspicious One-to-One CallsEmail : Microsoft Teams New Feature to Flag Suspicious One-to-One Calls