Cybersecurity Articles

224/69 Friday, April 24, 2026 A report from Akamai reveals active exploitation of CVE-2025-29635, a command injection vulnerability affecting end-of-life D-Link DIR-823X routers. Attackers can send specially crafted POST requests to inject commands into the system and gain control of the device. The flaw stems from improper input validation, allowing user-controlled data to be passed […]

223/69 Friday, April 24, 2026 A new ransomware group known as Kyber has been observed targeting critical enterprise infrastructure, particularly servers running on Windows and VMware ESXi. A major U.S.-based defense contractor and IT services provider has reportedly already fallen victim. The attackers use a Tor-based leak site called “Wall of Wonders” to pressure victims […]

222/69 Thursday, April 23, 2026 The Cybersecurity and Infrastructure Security Agency has added eight newly identified security vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog after confirming they are being actively exploited in the wild. These vulnerabilities affect products from multiple vendors, including PaperCut, JetBrains, Kentico, Quest Software, Synacor, and Cisco. These flaws pose risks […]

221/69 Thursday, April 23, 2026 The cryptocurrency exchange Grinex announced a full suspension of its operations on April 16, 2026, after detecting a security incident that resulted in the loss of approximately 1 billion rubles (around $13.7 million). The company stated that the attack was highly sophisticated and suggested it may have involved Western intelligence […]

220/69 Thursday, April 23, 2026 The U.S. Department of Justice has revealed major developments in a significant cybercrime case involving 41-year-old Angelo Martino, a former ransomware negotiator who has pleaded guilty to conspiracy to commit extortion. Authorities found that Martino secretly collaborated with the BlackCat ransomware group in 2023. Acting as a negotiator for five […]

219/69 Wednesday, April 22, 2026 Researchers from LayerX have uncovered a malicious campaign named StealTok, which spreads through browser extensions on Google Chrome and Microsoft Edge. These extensions impersonate TikTok video download tools (no watermark), but their real purpose is to harvest user data and perform detailed device fingerprinting. The campaign has reportedly been active […]

218/69 Wednesday, April 22, 2026 France’s ANTS, which manages applications for essential identification documents such as national ID cards, passports, driver’s licenses, and residence permits, detected a cyberattack on April 15, 2026. The French Interior Ministry confirmed that the incident may have led to the exposure of certain personal data belonging to both individual users […]

217/69 Wednesday, April 22, 2026 A new ransomware group known as The Gentlemen, operating under a Ransomware-as-a-Service (RaaS) model and first observed in mid-2025, is rapidly scaling its attacks worldwide. Researchers from Check Point Research have recently identified the group leveraging the SystemBC botnet, which consists of more than 1,570 infected machines globally. Unlike opportunistic […]

216/69 Tuesday, April 21, 2026 A new phishing campaign has been identified targeting Apple users by exploiting legitimate account notification systems. Attackers misuse Apple’s real alert mechanisms to send genuine-looking emails, then insert additional malicious content to trick victims into believing their accounts have been compromised or altered without authorization. The attack is highly convincing […]

215/69 Tuesday, April 21, 2026 Researchers from Proofpoint have revealed that cybercriminal groups are increasingly targeting transportation and logistics companies to gain access to internal systems, enabling cargo theft and payment diversion. These attacks are often linked to organized crime and reflect a growing trend known as “cyber-enabled cargo theft,” where digital intrusions directly support […]