Cybersecurity Articles

232/69 Wednesday, April 29, 2026 A 2026 report by LayerX Security reveals that at least 82 extensions on Google Chrome have been found secretly collecting users’ personal data and selling it to third parties, impacting more than 6.5 million users worldwide. Notably, these tools are not traditional malware. Instead, they explicitly disclose data-sharing practices in […]

231/69 Tuesday, April 29, 2026 Researchers from Silverfort have disclosed a vulnerability in Microsoft Entra Agent ID, a mechanism designed to manage digital identities for AI agents. The issue lies in the Agent ID Administrator role, which was intended to manage only agent-related objects but was found to have excessive permissions. This allowed it to […]

230/69 Tuesday, April 29, 2026 Researchers from Symantec report that the Trigona ransomware has evolved its tactics by using a self-developed command-line tool for data exfiltration instead of commonly detected tools like Rclone or MegaSync. This trend, observed in attacks during March 2026, highlights the group’s effort to increase sophistication and evade detection. Trigona operates […]

229/69 Tuesday, April 28, 2026 CrowdStrike has disclosed a critical vulnerability, CVE-2026-40050, affecting its LogScale product in self-hosted deployments. The flaw is an unauthenticated path traversal vulnerability located in a specific Cluster API endpoint. If left unpatched, it could allow remote attackers to access and read sensitive files on the server’s file system without requiring […]

228/69 Monday, April 27, 2026 Researchers from Mandiant have identified a campaign by the threat group UNC6692 leveraging social engineering techniques to compromise organizations. The attack begins with email bombing to overwhelm victims and create urgency. Attackers then impersonate IT helpdesk staff and contact targets via Microsoft Teams, convincing them to install what is claimed […]

227/69 Monday, April 27, 2026 Researchers from Wordfence have disclosed a critical vulnerability, CVE-2026-3844 (CVSS 9.8), in the Breeze Cache plugin for WordPress, developed by Cloudways. The flaw allows unauthenticated file uploads to the server, potentially leading to remote code execution (RCE). The plugin is currently used by more than 400,000 websites, and at least […]

226/69 Monday, April 27, 2026 Researchers from the Threat Intelligence team at Infoblox have uncovered a sophisticated global fraud campaign known as Click2SMS. In this scheme, attackers abuse familiar CAPTCHA verification systems as a tool for International Revenue Share Fraud (IRSF). The scam aims to drain money from victims’ accounts or mobile bills by tricking […]

225/69 Friday, April 24, 2026 Apple has released security updates to address vulnerability CVE-2026-28950 in iOS and iPadOS, after discovering an issue in the notification handling system that allowed deleted notification data to remain stored on devices. The flaw has been fixed in iOS 26.4.2, iPadOS 26.4.2, iOS 18.7.8, and iPadOS 18.7.8. Apple stated that […]

224/69 Friday, April 24, 2026 A report from Akamai reveals active exploitation of CVE-2025-29635, a command injection vulnerability affecting end-of-life D-Link DIR-823X routers. Attackers can send specially crafted POST requests to inject commands into the system and gain control of the device. The flaw stems from improper input validation, allowing user-controlled data to be passed […]

223/69 Friday, April 24, 2026 A new ransomware group known as Kyber has been observed targeting critical enterprise infrastructure, particularly servers running on Windows and VMware ESXi. A major U.S.-based defense contractor and IT services provider has reportedly already fallen victim. The attackers use a Tor-based leak site called “Wall of Wonders” to pressure victims […]