Cyware Social will be sunset on April 15, 2026. The service is being replaced by Cyware's Daily Threat Intel Briefs,
offering curated security advisories on the latest threats. Enterprise users can contact us here → for more details.

Alerts Events DCR
Filter Alerts by
March 18, 2026

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges.
March 18, 2026

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions.
March 18, 2026

Apple pushes first Background Security Improvements update to fix WebKit flaw

Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs without requiring a full operating system upgrade.
March 16, 2026

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

The AppsFlyer Web SDK was hijacked to spread crypto-stealing JavaScript code. This incident highlights the risks associated with third-party SDKs in supply-chain attacks.
March 16, 2026

Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw

Microsoft has released an out-of-band (OOB) hotpatch update for Windows 11 Enterprise devices to address vulnerabilities in the Windows Routing and Remote Access Service (RRAS) that could lead to remote code execution.
March 12, 2026

China-Linked Hackers Hit Qatar with Backdoor Disguised as War News

China-linked hackers, including the Camaro Dragon group, are targeting Qatar with malware disguised as Middle East conflict news. The attackers are focusing on the Gulf's energy industry and military targets, using tools like PlugX and Cobalt Strike.
March 9, 2026

Middle East Conflict Fuels Cyber Attacks

The ongoing Middle East conflict has led to a surge in opportunistic cyber attacks. Threat actors are exploiting the situation through phishing, malware distribution, and scams, with notable malware including LOTUSLITE and StealC.
March 9, 2026

Termite ransomware breaches linked to ClickFix CastleRAT attacks

Velvet Tempest, also known as DEV-0504, is a threat group involved in ransomware attacks for over five years. They have been linked to ransomware strains such as Ryuk, REvil, Conti, BlackMatter, BlackCat/ALPHV, LockBit, and RansomHub.
March 9, 2026

Critical Nginx UI flaw CVE-2026-27944 exposes server backups

A critical vulnerability in Nginx UI, identified as CVE-2026-27944, allows attackers to download and decrypt server backups without authentication. This flaw poses a significant risk by exposing sensitive data.
March 6, 2026

WordPress membership plugin bug exploited to create admin accounts

A critical vulnerability in the User Registration & Membership plugin for WordPress is being actively exploited. This flaw allows attackers to create administrator accounts without authentication, affecting over 60,000 sites.
Load More

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Learn More

Trending Tags
Popular Topics
See more