OWASP Smart Contract Top 10 2026 — Security Risks and Vulnerabilities
OWASP Smart Contract Top 10 2026 The Open Web Application Security Project (OWASP) has published the Smart Contract Top 10: 2026, a forward-looking standard awareness…
Category: CyberSecurityNews
New MIMICRAT Custom RAT Uncovered in Sophisticated Multi-Stage ClickFix Campaign
A sophisticated new cyber campaign has been uncovered, utilizing a deceptive technique known as “ClickFix” to distribute a custom remote access trojan dubbed MIMICRAT. This…
Microsoft MFA Down – 504 Gateway Timeout Errors Disrupting MFA Access for U.S. Users
Microsoft is currently investigating a significant service degradation affecting Multi-Factor Authentication (MFA) across its Microsoft 365 suite, with users in the North America region reporting…
New Phishing Framework Starkiller Proxies Real Login Pages to Bypass MFA
A highly sophisticated phishing framework named Starkiller has recently emerged, offering attackers an advanced method to steal credentials and bypass multi-factor authentication. Developed by a…
North Korean Threat Actors Leverage Fake IT Worker Campaigns and Contagious Interview Tactics
North Korean nation-state threat actors have been running a two-part operation — posing as job recruiters while embedding fake workers inside real companies. Since at…
Threat Actor Allegedly Claimed Leak of Wendy’s International Franchise Database
Wendy Data Breach A threat actor claimed on February 22, 2026, to have leaked what they are calling the “Wendy’s International Franchise Database,” exposing sensitive…
HPE Telco Service Activator Vulnerability Let Attackers Bypass Access Restrictions
HPE Telco Service Activator Vulnerability Security Bulletin released on February 19, 2026, addresses a remote flaw in HPE Telco Service Activator that could let attackers…
jsPDF Vulnerability Exposes Millions of Developers to Object Injection Attacks
jsPDF Vulnerability Injection Attacks A newly disclosed security flaw in the popular jsPDF library has exposed millions of web developers to PDF Object Injection attacks, allowing remote attackers…
PoC Exploit Released for Grandstream GXP1600 VoIP Phones RCE Vulnerability
Grandstream GXP1600 VoIP Phones RCE Vulnerability A critical zero-day vulnerability, tracked as CVE-2026-2329, is affecting Grandstream’s GXP1600 series VoIP desk phones. The issue is an…
CISA Warns of Multiple Roundcube Vulnerabilities Exploited in Attacks
CISA has officially updated its Known Exploited Vulnerabilities (KEV) Catalog to include new security flaws affecting a popular webmail platform. On February 20, 2026, the…
Threat Actors Allegedly Selling WhatsApp Crash Exploit on Hacking Forums
Threat Actors WhatsApp Crash Exploit Claim on Hacking Forums (Source: Darkweb Informer) A recent discovery on underground hacking forums has raised alarms about a new…
Google Suspends OpenClaw Users from Antigravity AI After OAuth Token Abuse
Google Suspends OpenClaw Users Google has suspended access to its Antigravity AI platform for numerous users of the open-source tool OpenClaw, sparking backlash over aggressive…