Cybersecurity Articles

212/69 Monday, April 20, 2026 Researchers from Fortinet have uncovered a cyberattack campaign leveraging Nexcorium, a variant of the Mirai malware. The campaign exploits CVE-2024-3721, a command injection vulnerability in TBK DVR devices, along with attacks targeting end-of-life TP-Link routers. These compromised devices are then recruited into botnets used for Distributed Denial-of-Service (DDoS) attacks. The […]

211/69 Monday, April 20, 2026 Cybersecurity researchers from Zimperium zLabs have identified a new Android malware campaign involving four families-RecruitRat, SaferRat, Astrinox, and Massiv-targeting more than 800 banking and cryptocurrency applications globally. The campaign relies on sophisticated social engineering techniques such as phishing and smishing. Examples include fake job recruitment websites that trick victims into […]

210/69 Friday, April 17, 2026 Ivanti has released security updates for Ivanti Neurons for ITSM to address two medium-severity vulnerabilities affecting both on-premises and cloud deployments. The first vulnerability, CVE-2026-4913 (CVSS 5.7), could allow authenticated users to retain access to the system even after their accounts have been disabled. This issue may enable unauthorized continued […]

209/69 Friday, April 17, 2026 Europol has provided an update on the international operation Operation PowerOFF, aimed at disrupting the use of Distributed Denial-of-Service (DDoS) attack platforms. Authorities have identified more than 75,000 individuals involved and have issued warnings via email and formal letters. The coordinated effort, involving agencies from 21 countries, has also led […]

208/69 Friday, April 17, 2026 Cybersecurity experts have issued a warning about active exploitation of a critical vulnerability, CVE-2026-33032, affecting Nginx UI-a widely used web-based management interface for Nginx. The flaw stems from support for the Model Context Protocol (MCP), where the /mcp_message endpoint is left unprotected. This allows remote attackers to bypass authentication entirely […]

207/69 Thursday, April 16, 2026 Booking.com has confirmed a data breach after unauthorized individuals accessed certain customer booking information. The affected data may include names, addresses, email addresses, phone numbers, and selected booking details. The company stated that payment information was not impacted and has not disclosed the number of affected users or the attack […]

206/69 Thursday, April 16, 2026 A data leak of approximately 8.1GB has been reported, allegedly linked to Rockstar Games. The cybercriminal group ShinyHunters has claimed responsibility for the breach and has begun releasing portions of the data publicly. The leaked information reportedly includes anti-cheat source code, player analytics data, game assets, and customer support data […]

205/69 Thursday, April 16, 2026 Cybersecurity researchers from Socket have uncovered a large-scale malware campaign embedded within the Chrome Web Store, involving more than 100 malicious browser extensions designed to steal user data. These extensions disguise themselves as tools for managing Telegram, online slot games, and add-ons for platforms like YouTube and TikTok. Analysis of […]

204/69 Friday, April 10, 2026 Researchers from CloudSEK have uncovered hardcoded Google API keys embedded in 22 popular Android applications, totaling 32 keys and impacting over 500 million users. These keys could potentially be abused to access Gemini AI services without authorization. The findings align with research from Quokka, which identified over 35,000 similar keys […]

203/69 Friday, April 10, 2026 A report from Microsoft Threat Intelligence reveals that the hacking group known as Forest Blizzard (also called Fancy Bear) has been conducting large-scale attacks by compromising home and small office (SOHO) routers to build an infrastructure for cyber espionage. This activity has been tracked since August 2025 and has continued […]