Cybersecurity Articles

62/69 Monday, February 2, 2026 SmarterTools has released security updates to address two vulnerabilities in its SmarterMail email software, one of which is a critical flaw, tracked as CVE-2026-24423, with a CVSS score of 9.3. This vulnerability could allow attackers to execute malicious code on affected systems. The issue stems from the ConnectToHub API method […]

61/69 Monday, February 2, 2026 A large-scale phishing campaign is currently spreading worldwide, targeting users of cloud storage services. Cybercriminals send fraudulent notification emails claiming that monthly payments have failed or that storage space is full, creating panic by warning that photos and important files will be deleted or access will be suspended within a […]

60/69 Friday, January 30, 2026 Researchers at Proofpoint have observed increased activity from TA584, an Initial Access Broker (IAB) group that significantly expanded its operations in late 2025. The group reportedly tripled its campaign volume, broadening its targeting beyond North America and the United Kingdom to include Germany, other European countries, and Australia. TA584 has […]

59/69 Friday, January 30, 2026 The U.S. Federal Bureau of Investigation (FBI) has seized the cybercrime forum known as RAMP, a platform widely used to advertise and trade malware, hacking services, and one of the few remaining forums that openly allowed the promotion of ransomware activities. Both the forum’s Tor site and its clearnet domain […]

58/69 Friday, January 30, 2026 In late December, Poland’s energy infrastructure became the target of coordinated cyberattacks across multiple regions, focusing on Distributed Energy Resources (DERs) nationwide. The affected facilities included wind, solar, and combined heat and power plants, with approximately 30 sites impacted (up from an initial estimate of 12). Although the attackers were […]

57/69 Thursday, January 29, 2026 Researchers from Kaspersky have identified that the Mustang Panda threat group has released a new version of its CoolClient backdoor, adding enhanced capabilities to steal browser login data and monitor clipboard contents. The observed attacks primarily target government organizations in Myanmar, Mongolia, Malaysia, Russia, and Pakistan. The attackers leveraged software […]

56/69 Thursday, January 29, 2026 Shadowserver has reported the detection of more than 6,000 SmarterMail servers that are exposed to the internet and are likely affected by a critical authentication bypass vulnerability, tracked as CVE-2026-23760. The vulnerability was disclosed by cybersecurity firm watchTowr on January 8, 2026, and was patched by SmarterTools on January 15, […]

55/69 Thursday, January 29, 2026 Cybersecurity experts are warning that a high-severity vulnerability in WinRAR, tracked as CVE-2025-8088, continues to be actively exploited by a wide range of threat actors, including state-sponsored groups and financially motivated cybercriminals. The flaw is a path traversal vulnerability that abuses Alternate Data Streams (ADS) to write malicious files to […]

54/69 Wednesday, January 28, 2026 Cybersecurity researchers from Blackpoint Cyber have identified an attack campaign that uses fake CAPTCHA prompts to install the Amatera Stealer infostealer malware. Instead of asking users to select images as in legitimate CAPTCHA challenges, the malicious website instructs victims to press Windows Key + R, paste a command, and press […]

53/69 Wednesday, January 28, 2026 Microsoft has released an out-of-band security update to address an actively exploited zero-day vulnerability in Microsoft Office, tracked as CVE-2026-21509. The vulnerability affects multiple Office versions, including Office 2016, Office 2019, Office LTSC 2021, Office LTSC 2024, and Microsoft 365 Apps for Enterprise. According to Microsoft, the flaw is classified […]