פיד: Cyber Security News

Windows 11 Emergency Update to Fix ‘No Internet’ Sign-In Errors for OneDrive, Teams, and More

Microsoft has released an out-of-band (OOB) update, KB5085516, for Windows 11 versions 25H2 and 24H2 to address a critical sign-in issue introduced by…

לפני 2 שעות

CISA Warns of Craft CMS Code Injection Vulnerability Exploited in Attacks

A critical https://cybersecuritynews.com/craft-cms-rce-0-day-vulnerability/ has been added to the Known Exploited Vulnerabilities catalog following co…

לפני 3 שעות

$30 IP-KVM Flaws Could Give Attackers BIOS-Level Control Across Enterprise Networks

A recent security assessment by researchers has uncovered nine severe vulnerabilities across four popular low-cost IP-KVM devices. These flaws allow a…

New CanisterWorm Steals npm Tokens and Spreads Through Compromised Publisher Accounts

A new wave of supply chain attacks is hitting the npm ecosystem through a self-propagating malware campaign known as CanisterWorm. The threat, linked …

CISA Warns of Apple Vulnerabilities Linked to DarkSword iOS Exploit Chain Exploited in Attacks

An urgent warning regarding three critical Apple vulnerabilities that threat actors are actively exploiting in the wild. These security flaws, officia…

Copyright-Themed Lures Deliver Multi-Stage PureLog Stealer in New Credential Theft Campaign

A new malware campaign is targeting organizations across healthcare, government, education, and hospitality sectors using cleverly disguised copyright…

AstraZeneca Data Breach – LAPSUS$ Group Allegedly Claims Access to Internal Data

The notorious hacking collective LAPSUS$ has resurfaced, allegedly claiming responsibility for a significant data breach involving the multinational p…

לפני 22 שעות

Malicious Script Injection in Trivy Compromise Enables Credential Theft

A sophisticated supply chain attack targeting the official Trivy GitHub Action (aquasecurity/trivy-action) has compromised continuous integration and …

FBI, CISA Warn Russian Hackers Are Targeting High-Value Individuals Through Signal

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have recently released a joint cybersecurity…

Chrome Security Update Fixes 26 Vulnerabilities Allowing Remote Code Execution

Google has released a substantial security update for its Chrome web browser, addressing 26 distinct vulnerabilities that could allow unauthenticated …

Oracle Issues Urgent Security Update for Critical RCE Flaw in Identity Manager and Web Services Manager

Oracle has issued an out-of-band Security Alert addressing a critical remote code execution (RCE) vulnerability, CVE-2026-21992, affecting two widely …

Anthropic Launches Projects Feature for Claude Cowork Desktop

Anthropic is expanding Claude Cowork Desktop with a new Projects feature designed to keep files, instructions, and task context organized inside a sin…

Windows 11 March Update Breaks Microsoft Teams and OneDrive Sign-Ins

Microsoft has acknowledged a significant bug introduced by its https://cybersecuritynews.com/microsoft-cumulative-updates-windows-11/ that is preventi…

Hackers Compromised 7,500+ Magento Websites to Upload Hidden Malicious Files and Steal Data

A sweeping cyberattack campaign has compromised more than 7,500 Magento-powered e-commerce websites since late February 2026, with attackers uploading…

New VoidStealer Variant Bypasses Chrome ABE Without Injection or Privilege Escalation

A newly identified variant of the VoidStealer infostealer has drawn serious attention from the security community after it became the first malware kn…

Perseus Android Malware Steals User Notes and Enables Full Device Takeover

A new Android banking trojan named Perseus has emerged in the wild, representing the next step in the ongoing evolution of mobile malware. Built on th…

לפני 3 ימים