Cybersecurity Articles

214/69 Tuesday, April 21, 2026 The National Institute of Standards and Technology (NIST) has announced a change in its approach to assessing and analyzing vulnerabilities within the National Vulnerability Database (NVD), effective April 15. This decision comes as global reporting of vulnerabilities (CVEs) has surged by 263%, with continued growth expected in 2026-overwhelming the agency’s […]

213/69 Monday, April 20, 2026 Researchers from Sophos have identified a ransomware campaign involving Payouts King, which leverages QEMU to create a hidden virtual machine (VM) inside compromised systems. This VM acts as a covert backdoor, using reverse SSH connections to execute malware, store malicious files, and maintain remote control-while evading detection from traditional endpoint […]

212/69 Monday, April 20, 2026 Researchers from Fortinet have uncovered a cyberattack campaign leveraging Nexcorium, a variant of the Mirai malware. The campaign exploits CVE-2024-3721, a command injection vulnerability in TBK DVR devices, along with attacks targeting end-of-life TP-Link routers. These compromised devices are then recruited into botnets used for Distributed Denial-of-Service (DDoS) attacks. The […]

211/69 Monday, April 20, 2026 Cybersecurity researchers from Zimperium zLabs have identified a new Android malware campaign involving four families-RecruitRat, SaferRat, Astrinox, and Massiv-targeting more than 800 banking and cryptocurrency applications globally. The campaign relies on sophisticated social engineering techniques such as phishing and smishing. Examples include fake job recruitment websites that trick victims into […]

210/69 Friday, April 17, 2026 Ivanti has released security updates for Ivanti Neurons for ITSM to address two medium-severity vulnerabilities affecting both on-premises and cloud deployments. The first vulnerability, CVE-2026-4913 (CVSS 5.7), could allow authenticated users to retain access to the system even after their accounts have been disabled. This issue may enable unauthorized continued […]

209/69 Friday, April 17, 2026 Europol has provided an update on the international operation Operation PowerOFF, aimed at disrupting the use of Distributed Denial-of-Service (DDoS) attack platforms. Authorities have identified more than 75,000 individuals involved and have issued warnings via email and formal letters. The coordinated effort, involving agencies from 21 countries, has also led […]

208/69 Friday, April 17, 2026 Cybersecurity experts have issued a warning about active exploitation of a critical vulnerability, CVE-2026-33032, affecting Nginx UI-a widely used web-based management interface for Nginx. The flaw stems from support for the Model Context Protocol (MCP), where the /mcp_message endpoint is left unprotected. This allows remote attackers to bypass authentication entirely […]

207/69 Thursday, April 16, 2026 Booking.com has confirmed a data breach after unauthorized individuals accessed certain customer booking information. The affected data may include names, addresses, email addresses, phone numbers, and selected booking details. The company stated that payment information was not impacted and has not disclosed the number of affected users or the attack […]

206/69 Thursday, April 16, 2026 A data leak of approximately 8.1GB has been reported, allegedly linked to Rockstar Games. The cybercriminal group ShinyHunters has claimed responsibility for the breach and has begun releasing portions of the data publicly. The leaked information reportedly includes anti-cheat source code, player analytics data, game assets, and customer support data […]

205/69 Thursday, April 16, 2026 Cybersecurity researchers from Socket have uncovered a large-scale malware campaign embedded within the Chrome Web Store, involving more than 100 malicious browser extensions designed to steal user data. These extensions disguise themselves as tools for managing Telegram, online slot games, and add-ons for platforms like YouTube and TikTok. Analysis of […]