Cybersecurity Articles

285/69 Monday, May 25, 2026 Reports have emerged of multiple iPhone users in Italy having their WhatsApp accounts hijacked and used to send unauthorized messages, despite victims not clicking malicious links, scanning QR codes, entering verification codes, or linking new devices. Attackers reportedly used compromised accounts to send money transfer requests to recently contacted individuals. […]

284/69 Tuesday, May 26, 2026 Researchers have identified a large-scale attack campaign exploiting the critical SQL Injection vulnerability CVE-2026-26980 in Ghost CMS to inject malicious JavaScript into websites, leading to ClickFix-style attacks. According to threat intelligence researchers from Qianxin XLab, more than 700 affected domains have been identified, including websites belonging to universities, AI/SaaS companies, […]

283/69 Tuesday, May 26, 2026 Ransomware groups in 2026 are increasingly shifting their tactics away from encrypting victim systems and toward pure data extortion operations, focusing primarily on stealing sensitive information and threatening to publicly leak the data if victims refuse to pay. One of the key drivers behind this shift is the steady decline […]

282/69 Monday, May 25, 2026 Security researchers have reported that attackers linked to the RondoDox botnet are actively exploiting the legacy vulnerability CVE-2018-5999 in unpatched ASUS routers. The vulnerability carries a CVSS score of 9.8 (Critical) and affects ASUSWRT firmware, allowing attackers to modify router settings without authentication. According to reports, VulnCheck detected active exploitation […]

281/69 Monday, May 25, 2026 Anthropic revealed that Project Glasswing, the company’s proactive cybersecurity initiative, has identified more than 10,000 High and Critical vulnerabilities in widely used and mission-critical software projects worldwide since the program began last month. The initiative granted approximately 50 partners access to Claude Mythos Preview, an advanced AI model capable of […]

280/69 Monday, May 25, 2026 On May 20, 2026, Drupal released security patches to address a critical SQL Injection vulnerability tracked as CVE-2026-9082. However, less than 48 hours after the security update was published, researchers observed widespread exploitation attempts targeting vulnerable Drupal websites using PostgreSQL databases. The vulnerability allows unauthenticated attackers to gain access to […]

279/69 Friday, May 22, 2026 Cisco has released security updates to address a maximum-severity vulnerability in Cisco Secure Workload, tracked as CVE-2026-20223 (CVSS 10.0). The vulnerability is caused by insufficient authentication and authorization validation in an internal REST API, allowing unauthenticated remote attackers to send specially crafted API requests to affected endpoints. If successfully exploited, […]

278/69 Friday, May 22, 2026 The Verizon Data Breach Investigations Report 2026 (DBIR 2026) reveals that artificial intelligence (AI) is playing an increasingly significant role in accelerating cyberattacks, particularly in the discovery, analysis, and exploitation of software vulnerabilities. According to the report, attackers are now able to compromise systems within hours instead of the months […]

277/69 Friday, May 22, 2026 Reports indicate that threat actors are actively exploiting CVE-2024-12802 in SonicWall Gen6 SSL-VPN appliances to bypass multi-factor authentication (MFA). The attacks primarily affect organizations that updated their firmware to patch the vulnerability but failed to fully complete the required manual configuration changes. The flaw allows attackers who already possess valid […]

276/69 Thursday, May 21, 2026 Security researchers have disclosed that Anthropic has patched a vulnerability in Claude Code that could allow attackers to bypass network sandbox restrictions. The issue affected the mechanism responsible for controlling outbound network connections in Claude Code. Under normal conditions, all outbound traffic is forced through a local allowlist proxy, automatically […]