
Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign is targeting Spanish-speaking users in Latin America and Europe, delivering banking trojans like Casbaneiro and Horabot. The campaign employs dynamic PDF lures, WhatsApp automation, and ClickFix social engineering tactics.

'NoVoice' Android malware on Google Play infected 2.3 million devices

The NoVoice Android malware has been discovered on Google Play, infecting over 2.3 million devices. It exploits old Android vulnerabilities to gain root access and primarily targets WhatsApp for data theft.

15-Year-Old strongSwan Flaw Lets Attackers Crash VPNs via Integer Underflow

A critical vulnerability, CVE-2026-25075, has been identified in strongSwan's EAP-TTLS plugin, affecting versions 4.5.0 to 6.0.4. This flaw allows attackers to crash VPN services through an integer underflow, leading to massive memory corruption.

New RoadK1ll WebSocket implant used to pivot on breached networks

RoadK1ll is a newly identified Node.js implant that enables threat actors to pivot within breached networks. It blends into normal network activity and does not rely on an inbound listener, using a custom WebSocket protocol for communication.

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges.

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX.

Apple pushes first Background Security Improvements update to fix WebKit flaw

Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs without requiring a full operating system upgrade.

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

The AppsFlyer Web SDK was hijacked to spread crypto-stealing JavaScript code. This incident highlights the risks associated with third-party SDKs in supply-chain attacks.

Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw

Microsoft has released an out-of-band (OOB) hotpatch update for Windows 11 Enterprise devices to address vulnerabilities in the Windows Routing and Remote Access Service (RRAS) that could lead to remote code execution.

China-Linked Hackers Hit Qatar with Backdoor Disguised as War News

China-linked hackers, including the Camaro Dragon group, are targeting Qatar with malware disguised as Middle East conflict news. The attackers are focusing on the Gulf's energy industry and military targets, using tools like PlugX and Cobalt Strike.
