Internet Security

Critical Zyxel router flaw exposed devices to remote attacks

February 25, 2026 add comment
Zyxel fixed a critical flaw in multiple routers that lets unauthenticated attackers remotely execute commands on vulnerable devices. Zyxel addressed a critical remote code execution vulnerability, tracked as CVE-2025-13942... Read more »

ShinyHunters cyberattack on CarGurus impacts 12.4 Million users

February 25, 2026 add comment
ShinyHunters leaked data from 12.4M CarGurus accounts, exposing personal information from the U.S.-based auto research and shopping platform. The ShinyHunters group published personal data from over 12 million CarGurus... Read more »

Former U.S. Defense contractor executive sentenced for selling zero-day exploits to Russian broker Operation Zero

February 25, 2026 add comment
A former employee at U.S. defense contractor L3Harris got over 7 years in prison for selling eight zero-days to a Russian broker. Peter Williams, a 39-year-old Australian former L3Harris... Read more »

U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog

February 25, 2026 add comment
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency... Read more »

Lazarus APT group deployed Medusa Ransomware against Middle East target

February 25, 2026 add comment
North Korea’s Lazarus Group used Medusa ransomware in an attack on an unnamed Middle East organization, researchers report. The North Korea-linked Lazarus APT Group, also known as Diamond Sleet... Read more »

SolarWinds patches four critical Serv-U flaws enabling root access

February 24, 2026 add comment
SolarWinds addressed four critical Serv-U vulnerabilities that could let attackers gain root access to unpatched servers. SolarWinds released updates fixing four critical Serv-U vulnerabilities that allow remote code execution,... Read more »

VMware Aria Operations flaws could enable remote attacks

February 24, 2026 add comment
Broadcom patched multiple VMware Aria Operations flaws, including high-severity issues that could enable remote code execution. Broadcom has released security updates to address multiple vulnerabilities affecting VMware Aria Operations.... Read more »

Arkanix Stealer: AI-assisted info-stealer shuts down after brief campaign

February 24, 2026 add comment
Arkanix Stealer surfaced in late 2025 as a short-lived info-stealer, likely built as an AI-assisted experiment and quickly abandoned. Arkanix Stealer emerged in late 2025 as a short-lived information-stealing... Read more »

Everest ransomware hits Vikor Scientific ‘s supplier, data of 140,000 patients stolen

February 24, 2026 add comment
Everest ransomware claims an attack on diagnostic firm Vikor Scientific (Vanta Diagnostics), exposing data of nearly 140,000 people. The Everest ransomware group has claimed responsibility for a cyberattack on... Read more »

Operation MacroMaze: APT28 exploits webhooks for covert data exfiltration

February 24, 2026 add comment
Russia-linked APT28 targeted European entities with a webhook-based macro malware campaign called Operation MacroMaze. Russia-linked APT28 (aka UAC-0001, aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) launched Operation MacroMaze, targeting select entities in... Read more »
Subscribe to our Newsletter