Hackers Use Lotus Wiper to Destroy Drives and Delete Files in Energy Sector Attack
A newly discovered malware called Lotus Wiper has been used in a targeted destructive attack against the energy and utilities sector in Venezuela. Unlike ransomware,…
Category: CyberSecurityNews
New DinDoor Backdoor Abuses Deno Runtime and MSI Installers to Evade Detection
A newly identified backdoor called DinDoor is using the legitimate Deno JavaScript runtime and MSI installer files to quietly slip past security defenses and compromise…
1,370+ Microsoft SharePoint Servers Vulnerable to Spoofing Attacks Exposed Online
A critical spoofing vulnerability in Microsoft SharePoint Server, tracked as CVE-2026-32201, remains unpatched on over 1,370 internet-facing IP addresses worldwide, according to fresh scanning data…
Unauthorized Group Gains Access to Anthropic’s Exclusive Cyber Tool Mythos
A group of unauthorized users has reportedly breached access controls surrounding Claude Mythos Preview, Anthropic’s powerful and closely guarded AI-driven cybersecurity tool, raising serious concerns…
Hackers Abuse GitHub Issue Notifications to Phish Developers Through Malicious OAuth Apps
Cybersecurity researchers have uncovered a sophisticated phishing technique that targets software developers by abusing GitHub’s own notification system to deliver malicious OAuth app authorization requests.…
Claude Code, Gemini CLI, and GitHub Copilot Vulnerable to Prompt Injection via GitHub Comments
A critical cross-vendor vulnerability class dubbed “Comment and Control” is a new category of prompt injection attacks that weaponizes GitHub pull request titles, issue bodies, and issue…
PoC Exploit Released for Windows Snipping Tool NTLM Hash Leak Vulnerability
A proof-of-concept (PoC) exploit has been publicly released for a newly disclosed vulnerability in Microsoft’s Snipping Tool that allows attackers to silently steal users’ Net-NTLM…
Gh0st RAT and CloverPlus Adware Delivered Together in New Dual-Payload Malware Campaign
A newly identified malware campaign is raising serious concerns across the cybersecurity community by delivering two very different threats at the same time. Attackers are…
North Korea-Linked UNC1069 Uses Fake Zoom and Teams Meetings to Hack Crypto Professionals
A North Korean threat group known as UNC1069 has been running a sophisticated campaign that tricks cryptocurrency and Web3 professionals into joining fake online meetings,…
New JanaWare Ransomware Targets Turkish Users Through Customized Adwind RAT
A new ransomware strain known as JanaWare has been quietly targeting home users and small to medium-sized businesses in Turkey, using a customized version of…
Public Notion Pages Leaks Profile Photos and Email address of Editors
Notion, a widely used productivity and collaboration platform, is facing intense scrutiny from the cybersecurity community. Security researchers have revealed that public Notion pages silently…
Critical Vulnerability In Flowise Allows Remote Command Execution Via MCP Adapters
A critical vulnerability in Flowise and multiple AI frameworks has been discovered by OX Security, exposing millions of users to remote code execution (RCE). The…