A newly identified Linux kernel vulnerability, termed “DirtyClone” (CVE-2026-43503), enables unprivileged local users to escalate their privileges to root by manipulating cloned network packets through […]
Category: Cybersecurity News
Stay informed about the ever-evolving world of digital threats and defenses with our Cyber Security News category. Here, you’ll find the latest breaking news, in-depth analysis, and expert insights on everything related to cybersecurity. From data breaches and ransomware attacks to emerging threats and innovative security solutions, we cover the critical issues impacting individuals, businesses, and governments worldwide. Keep up-to-date on the latest vulnerabilities, best practices, and trends shaping the future of online security.
Chinese APT Deploys TinyRCT Backdoor in Southeast Asia Attacks
A Chinese-speaking advanced persistent threat (APT) group, identified as CL-STA-1062, has been implicated in cyber attacks targeting government entities and critical infrastructure across Southeast Asia. […]
Amazon Q Vulnerability Exposed Developers to Code Execution and Credential Theft
Amazon’s AI-powered coding assistant, Amazon Q, recently faced a significant security vulnerability that exposed developers to potential arbitrary code execution and cloud credential theft. Identified […]
New Linux Kernel Exploit Grants Root Access via pedit COW Vulnerability
A recently disclosed vulnerability in the Linux kernel combines a Copy-on-Write (COW) page-cache corruption flaw with the ‘net/sched’ subsystem’s ‘act_pedit’ component, enabling unprivileged local attackers […]
Amazon Q Developer Flaw Exposed Cloud Credentials via Malicious Repos
A critical vulnerability in Amazon Q Developer, identified as CVE-2026-12957 with a CVSS score of 8.5, allowed malicious repositories to execute arbitrary code on developers’ […]
Hackers Exploit Weak Credentials in Water Utility PLCs
Water utilities across the United States and Europe are increasingly vulnerable to cyberattacks due to inadequate security measures. Threat actors, including nation-state groups, are exploiting […]
Bluekit PhaaS Bypasses MFA to Steal Microsoft Credentials
A sophisticated Phishing-as-a-Service (PhaaS) platform named Bluekit has emerged as a significant threat, with cybersecurity firm Netcraft identifying approximately 70 active hostnames associated with it […]
Russia Used Cellebrite on Jailed Activist’s iPhone After Sales Halt
In June 2021, Russian authorities utilized Cellebrite’s Universal Forensic Extraction Device (UFED) to access the iPhone of detained opposition activist Andrey Pivovarov. This occurred three […]
Hotels Targeted by ‘Photo.zip’ Phishing with Node.js Malware
Since April 2026, a sophisticated phishing campaign has been targeting hotels and hospitality organizations across Europe and Asia. The attackers employ deceptive emails with photo-themed […]
Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack
Cybersecurity researchers have identified a new evolution in the Miasma malware campaign, which has now compromised additional npm packages and extended its reach to the […]