Critical bug in CrowdStrike LogScale let attackers access files Pierluigi Paganini April 26, 2026 CrowdStrike fixed CVE-2026-40050 in LogScale self-hosted, a critical flaw allowing unauthenticated…
Small and medium-sized businesses (SMBs) often find themselves in the crosshairs of today’s cybercriminals. While the spotlight often shines on high-profile breaches affecting corporate giants,…
Utility technology company Itron, Inc. has disclosed that an unauthorized third party accessed some of its internal systems during a cyberattack. The company states that…
State-sponsored threat actors are actively targeting Cisco Firepower devices by chaining known vulnerabilities to deploy a highly customized backdoor. Cisco Talos recently discovered that the…
Ravie LakshmananApr 22, 2026Cyber Espionage / Malware Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that’s distributed via a theme…
GopherWhisper: new China-linked APT targets Mongolia with Go-based malware Pierluigi Paganini April 26, 2026 ESET found a new China-linked APT, tracked as GopherWhisper, targeting Mongolia…
During the various phases of an attack, it’s not uncommon for threat actors to use “living off the land” binaries (LOLBins) or scripts and libraries…
Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw, according to nonprofit security organization Shadowserver.…
A critical zero-day vulnerability in the Litecoin network was actively exploited to launch a denial-of-service (DoS) attack, temporarily disrupting operations across major mining pools before…
Ravie LakshmananApr 22, 2026Vulnerability / Cryptography Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to…
Trigona ransomware adopts custom tool to steal data and evade detection Pierluigi Paganini April 26, 2026 Trigona ransomware now uses a custom command-line tool to…
Threat actors of varying types continue to target managed file transfer (MFT) applications for exploitation. The latest concerning MFT vulnerability was identified by Converge Technology…
