Palo Alto Networks Completed Acquisition of Identity Security Firm CyberArk
Palo Alto Networks and CyberArk Palo Alto Networks has finalized its acquisition of CyberArk, a leading identity security firm, in a landmark $25 billion deal.…
Category: CyberSecurityNews
Noodlophile Malware Creators Evolve Tactics with Fake Job Postings and Phishing Lures
The Noodlophile information stealer, originally uncovered in May 2025, has significantly evolved its attack strategies to bypass security measures. Initially, this malware hid behind deceptive…
Beware of Fake Shops from Threat Actors to Attack Winter Olympics 2026 Fans
Cybercriminals are targeting fans of the Milano Cortina 2026 Winter Olympics through an extensive network of fake online merchandise stores designed to steal payment information…
Joomla Novarain/Tassos Framework Vulnerabilities Enables SQL injection and Unauthenticated File Read
Joomla Novarain/Tassos Framework Vulnerabilities Websites running the Novarain/Tassos Framework are vulnerable to critical security flaws that allow unauthenticated file read, file deletion, and SQL injection…
Single IP Dominates Exploitation Campaign Attacking Ivanti EPMM with RCE Vulnerability
Single IP Dominates Ivanti EPMM with RCE Vulnerability A critical remote code execution (RCE) flaw in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281, is…
Hackers Can Weaponize ‘Summarize with AI’ Buttons to Inject Memory Prompts Into AI Recommendations
A new security threat has emerged targeting users of AI assistants through a technique called AI Recommendation Poisoning. Companies and threat actors embed hidden instructions…
New Clickfix variant ‘Matryoshka’ Attacking Users to Deploy macOS Stealer Malware
A sophisticated social engineering campaign targeting macOS users has emerged, deploying a dangerous stealer malware through an evolved version of the ClickFix attack technique. Named…
LockBit’s New 5.0 Version Attacking Windows, Linux and ESXI Systems
A dangerous new version of LockBit ransomware has emerged, targeting multiple operating systems and threatening businesses worldwide. LockBit 5.0, released in September 2025, represents a…
Critical Airleader Vulnerability Exposes Systems to Remote Code Execution Attacks
Airleader Vulnerability A newly disclosed vulnerability in an industrial control system (ICS) monitoring solution has raised concerns across multiple critical infrastructure sectors. Published by CISA…
New ZeroDayRAT Attacking Android and iOS For Real-Time Surveillance and Data Theft
ZeroDayRAT is a new mobile spyware platform sold openly through Telegram, with activity first observed on February 2, 2026. It targets Android (5–16) and iOS…
CISA Warns of ZLAN ICS Devices Vulnerabilities Allows Complete Device Takeover
ZLAN ICS Devices Vulnerabilities An alert regarding two critical vulnerabilities found in ZLAN Information Technology Co.’s ZLAN5143D industrial communication device. According to the advisory (ICSA-26-041-02),…
Lotus Blossom Hackers Compromised Official Hosting Infrastructure of Notepad++
The state-sponsored threat group Lotus Blossom successfully breached the official hosting infrastructure of Notepad++ between June and December 2025, targeting users across government agencies, telecommunications…