Firestarter Malware Persists on Cisco Firewalls Despite Patching
Overview Cybersecurity agencies in the U.S. (CISA) and U.K. (NCSC) have issued warnings about Firestarter, a custom backdoor malware targeting Cisco Firepower and Secure Firewall […]
Month: April 2026
ADT Confirms Breach After ShinyHunters Extortion Threat
Overview Home security giant ADT has confirmed a data breach following threats from the extortion group ShinyHunters, who claimed to have stolen 10 million customer […]
Pastebin-Hosted PowerShell Script Targets Telegram Sessions
Overview Researchers have uncovered a malicious PowerShell script hosted on Pastebin that masquerades as a Windows Telemetry Update. The script is designed to silently steal […]
UNC6692 Exploits Microsoft Teams Helpdesk Impersonation to Deploy SNOW Malware
Overview A newly identified threat cluster, UNC6692, is leveraging Microsoft Teams impersonation of IT helpdesk staff to trick victims into installing malicious payloads. The campaign […]
Hackers Exploit Critical File Upload Bug in Breeze Cache Plugin
Overview A critical vulnerability in the Breeze Cache WordPress plugin (CVE‑2026‑3844) is being actively exploited, allowing unauthenticated attackers to upload arbitrary files to servers. The […]
Kyber Ransomware Experiments with Post‑Quantum Encryption
Overview A new Kyber ransomware campaign is targeting both Windows systems and VMware ESXi endpoints, with one variant experimenting with Kyber1024 post‑quantum encryption. Rapid7’s analysis […]
Project Glasswing: AI Finds the Bugs, But Who Fixes Them?
Overview Anthropic’s Project Glasswing has demonstrated that AI can discover vulnerabilities at unprecedented scale and speed — so much so that its public release was […]
Pack2TheRoot: Critical Linux Privilege Escalation Vulnerability
Overview A newly disclosed vulnerability, CVE‑2026‑41651 (dubbed Pack2TheRoot), affects PackageKit, a widely deployed package management abstraction layer across major Linux distributions. The flaw allows any […]
New Mirai Campaign Exploits EoL D-Link Routers
Overview Akamai’s Security Intelligence Response Team (SIRT) has detected a new Mirai-based malware campaign exploiting CVE‑2025‑29635, a command-injection flaw in D-Link DIR‑823X routers. The vulnerability, […]
SIM Farm-as-a-Service: ProxySmart Exposes Global Mobile Proxy Infrastructure
Overview A global investigation has revealed an industrial-scale SIM Farm-as-a-Service ecosystem, powered by a Belarus-based platform called ProxySmart. Researchers identified 87 exposed control panels across […]