Nearly 6 Million Internet-Facing FTP Servers Still Exposed in 2026, Censys Warns
According to a recent April 2026 report by security researcher Himaja Motheram at Censys, just under 6 million internet-facing hosts are still running the File…
Category: CyberSecurityNews
Email-Borne Worm Surge Drives New Threat Wave Across Industrial Control Systems
A global wave of email-borne worms hit industrial control systems (ICS) in the fourth quarter of 2025, marking one of the most concerning threat shifts…
Hackers Target TP-Link Routers With Mirai Malware in CVE-2023-33538 Exploitation Attempts
A known security flaw in several end-of-life TP-Link Wi-Fi routers is being actively targeted by hackers trying to install Mirai-based botnet malware on vulnerable devices.…
Attackers Weaponize CVE-2026-39987 to Spread Blockchain-Based Backdoor Via Hugging Face
A critical vulnerability in the marimo Python notebook platform is now being actively used by attackers to deploy a blockchain-powered backdoor on developer systems. The…
Microsoft Confirms Windows Servers Enter Reboot Loops Following April Patches
Microsoft has confirmed a critical known issue affecting Windows Server 2025 domain controllers following the deployment of the April 2026 Patch Tuesday cumulative update, KB5082063,…
Microsoft Confirms Windows 11 Updates May Force BitLocker Recovery Key Entry
Microsoft has officially acknowledged a known issue affecting Windows 11 users following the release of its April 2026 Patch Tuesday cumulative updates. Devices running certain…
Two U.S. Nationals Sentenced for Running Laptop Farm for DPRK Remote Workers
Two American nationals have been sentenced to federal prison for operating a sophisticated “laptop farm” scheme. The operation successfully infiltrated over 100 U.S. companies, generating…
SpankRAT Exploits Legitimate Windows Explorer Processes for Stealth and Delayed Detection
A newly identified two-component Remote Access Trojan (RAT) toolkit built in Rust, dubbed SpankRAT, is being used by threat actors to abuse legitimate Windows processes,…
Microsoft 365 Web Services Hit by Google Chrome 147 Compatibility Issue
Microsoft is actively investigating a widespread authentication issue affecting users attempting to access Microsoft 365 web-based services through Google Chrome version 147. The problem, first…
Hackers Abuse n8n AI Workflow Automation to Deliver Malware Through Trusted Webhooks
Cybercriminals have found a new way to sneak malware past traditional security filters by hijacking a legitimate AI workflow automation tool called n8n. Rather than…
Hackers Abuse Google Discover With AI-Generated Content to Push Malicious Notifications
A newly identified threat operation is exploiting one of the most widely used content discovery tools on Android and Chrome devices — Google’s Discovery feed…
Windows Active Directory Vulnerability Allow Attackers to Execute Malicious Code
Microsoft has released urgent security updates to address a critical vulnerability in Windows Active Directory that allows attackers to execute malicious code. Disclosed on April…