Nova Ransomware Allegedly Claiming Breach of KPMG Netherlands
A major accounting firm in the Netherlands has reportedly become the latest victim of Nova, an active ransomware operation. The breach was discovered and indexed…
Category: CyberSecurityNews
New Phishing Attack Leverages Vercel Hosting Platform to Deliver a Remote Access Tool
A sophisticated phishing campaign active between November 2025 and January 2026 has been exploiting Vercel’s legitimate hosting platform to distribute remote access tools to unsuspecting…
Microsoft Releases Out-of-Band Update KB5078127 to Fix Windows 11 File System and Outlook Freezes
An out-of-band (OOB) cumulative update, KB5078127, to address critical file system compatibility issues affecting Windows 11 users. The update resolves widespread problems introduced by the…
New DPRK Interview Campaign Leverages Fake Fonts to Deploy Malware
North Korea’s Lazarus Group has launched a sophisticated supply chain attack targeting software developers through a campaign called “Fake Font.” The threat actors are using…
New Malware Toolkit Sends Users to Malicious Websites While the URL Stays the Same
Browser attacks have become far more dangerous and organized than before. A new threat called Stanley, discovered in January 2026, shows just how serious the…
Lazarus Hackers Actively Attacking European Drone Manufacturing Companies
Lazarus, a sophisticated North Korean-aligned hacking group also known as HIDDEN COBRA, has launched a new wave of targeted attacks against European drone manufacturers and…
MITRE Releases New Cybersecurity Framework to Protect the Embedded Systems
A new Embedded Systems Threat Matrix (ESTM) framework was introduced to help secure embedded systems used in critical infrastructure and defense technologies across the U.S.…
‘SyncFuture’ Campaign Weaponizing Legitimate Enterprise Security Software to Deploy Malware
In December 2025, threat researchers uncovered an alarming espionage operation targeting residents of India through sophisticated phishing campaigns. The attack, dubbed SyncFuture, demonstrates how cybercriminals…
Apache Hadoop Vulnerability Exposes Systems Potential Crashes or Data Corruption
A moderate-severity vulnerability in the Hadoop Distributed File System (HDFS) native client could allow attackers to trigger system crashes or corrupt critical data through maliciously…
New Instagram Vulnerability Exposes Private Instagram Posts to Anyone
A critical server-side vulnerability in Instagram’s infrastructure allowed unauthenticated attackers to access private photos and captions without a login or follower relationship, according to a…
Attackers Targeting Construction Firms Exploiting Mjobtime App Vulnerability Using MSSQL and IIS POST Request
Attackers are increasingly turning their attention to construction firms by abusing weaknesses in business software that runs on their job sites. One of the newest…
48M Gmail, 6.5M Instagram Exposed Online From Unprotected Database
A massive database containing 149 million stolen login credentials was discovered exposed online without password protection or encryption. Posing serious security risks to users of…