Author: PulauWin

Internet Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 94

April 26, 2026 add comment
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Morpheus: A new Spyware linked to IPS Intelligence The iPhone... Read more »
Internet Security

Trigona ransomware adopts custom tool to steal data and evade detection

April 26, 2026 add comment
Trigona ransomware now uses a custom command-line tool to steal data faster and evade detection, replacing tools like Rclone and MegaSync. Symantec researchers report that recent Trigona ransomware attacks... Read more »
Internet Security

Security Affairs newsletter Round 574 by Pierluigi Paganini – INTERNATIONAL EDITION

April 26, 2026 add comment
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

April 26, 2026 add comment
Cybersecurity researchers have discovered a critical “by design” weakness in the Model Context Protocol’s (MCP) architecture that could pave the way for remote code execution and have a cascading... Read more »
Internet Security

U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog

April 25, 2026 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SimpleHelp, Samsung,... Read more »
Internet Security

Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844)

April 25, 2026 add comment
Attackers exploit a Breeze Cache flaw (CVE-2026-3844) to upload files without login. Wordfence researchers detected over 170 attacks. Threat actors are exploiting a critical flaw, tracked as CVE-2026-3844 (CVSS... Read more »
The Hacker News

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

April 25, 2026 add comment
A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on... Read more »
The Hacker News

Vercel Finds More Compromised Accounts in Context.ai-Linked Breach

April 25, 2026 add comment
Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were compromised as part of a security incident that enabled unauthorized access to its... Read more »
The Hacker News

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

April 25, 2026 add comment
Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulnerability, tracked as CVE-2026-40372, carries a CVSS... Read more »

China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors

April 25, 2026 add comment
Mongolian governmental institutions have emerged as the target of a previously undocumented China-aligned advanced persistent threat (APT) group tracked as GopherWhisper. “The group wields a wide array of tools... Read more »
Subscribe to our Newsletter