Critical SandboxJS Vulnerability Allows Remote Host Takeover
SandboxJS Vulnerability PoC Released A severe sandbox escape vulnerability has been discovered in the JavaScript library, enabling attackers to execute arbitrary code on host systems.…
Category: CyberSecurityNews
Massive Spike in Attacks Exploiting Ivanti EPMM Systems 0-day Vulnerability
Ivanti EPMM 0-day Vulnerability Exploited An unprecedented surge in exploitation attempts targeting CVE-2026-1281, a critical vulnerability in Ivanti Endpoint Manager Mobile (EPMM). On February 9,…
Prometei Botnet Attacking Windows Server to Gain Remote Access and Deploy Malware
Prometei Botnet Attacking Windows Server A sophisticated attack is targeting Windows Server systems using Prometei, a Russian-linked botnet that has been active since 2016. This…
Threat Actors Weaponize ChatGPT, Grok and Leverages Google Ads to Distribute macOS AMOS Stealer
Cybercriminals have developed a sophisticated attack campaign that exploits user trust in artificial intelligence platforms to distribute the Atomic macOS Stealer (AMOS), marking a dangerous…
Legacy IRC Botnet Campaign Uses Automated SSH Compromise Pipeline to Enroll Linux Hosts at Scale
SSHStalker is a newly discovered Linux botnet that brings back Internet Relay Chat (IRC) control while using automation to compromise servers over SSH. It mainly…
Cephalus Ransomware Emerges as Go-Based Double-Extortion Threat Targeting Exposed RDP
Cephalus has surfaced as a Go-built ransomware strain linked to victim activity as early as June 2025, with wider public reporting appearing in August. It…
GitGuardian Raises $50M to Tackle AI Agent & Identity Security
New York, NY, February 11th, 2026, CyberNewswire Insight Partners leads round, alongside Quadrille Capital, to accelerate expansion across Americas, EMEA, and strategic verticals GitGuardian, a…
MSHTML Framework 0-Day Vulnerability Let Attackers Security Feature over Network
MSHTML Framework 0-Day Vulnerability Microsoft has released an urgent security patch for a critical zero-day vulnerability (CVE-2026-21513) affecting the MSHTML Framework, which was actively exploited…
Microsoft Office Word 0-day Vulnerability Actively Exploited in the Wild
Microsoft Office Word 0-day Vulnerability A critical zero-day vulnerability in Microsoft Word, tracked as CVE-2026-21514, was disclosed on February 10, 2026, allowing attackers to bypass…
Microsoft Investigates Teams Assignment Errors After Failed Service Update
Microsoft Investigates Teams Assignment Errors Microsoft Teams faces widespread disruptions in assignment management, prompting an urgent investigation by the company. Users of Microsoft Teams are…
Sophisticated Cyber Attack Targets Wedding Industry With Teams-Based Malware Delivery
Teams-Based Malware Delivery A sophisticated phishing campaign targets wedding planners and vendors with stealer malware disguised as Microsoft Teams meetings. Security researchers highlight the use…
CISA Adds Six Microsoft 0-Day Vulnerabilities to KEV Catalog Following Active Exploitation
Microsoft 0-Day Vulnerabilities The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urgently expanded its Known Exploited Vulnerabilities (KEV) Catalog by adding six zero-day vulnerabilities,…