Known Exploited Vulnerabilities Catalog

The vulnerability in TeamT5 ThreatSonar Anti-Ransomware allows remote attackers with administrator privileges to upload malicious files, potentially leading to arbitrary command execution on the server.

Keenadu the tablet conqueror and the links between major Android botnets

Keenadu is a sophisticated backdoor targeting Android devices by embedding itself into the firmware. It mirrors the behavior of the Triada backdoor, allowing attackers to control devices remotely and exfiltrate data.

SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer

The SmartLoader campaign involves a sophisticated attack using a trojanized Oura MCP server to deploy the StealC infostealer. Threat actors have invested months in building credibility by creating fake GitHub accounts and repositories.

Vulnerabilities in Password Managers Allow Hackers to Change Passwords

A recent study by academic researchers uncovered 27 vulnerabilities in popular cloud-based password managers: Bitwarden, LastPass, Dashlane, and 1Password. These vulnerabilities allow attackers to view and change passwords.

Infostealer malware found stealing OpenClaw secrets for first time

OpenClaw, formerly known as ClawdBot and MoltBot, is a widely adopted AI assistant framework that has become a target for infostealer malware. This malware is capable of stealing sensitive configuration files.

BeyondTrust RCE Exploited for Domain Control

CVE-2026-1731, a critical unauthenticated OS command injection vulnerability, is being actively exploited in self-hosted BeyondTrust Remote Support and Privileged Remote Access deployments.

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

A novel ClickFix-style attack has been identified, utilizing JavaScript to hijack cryptocurrency swaps on Swapzone.io. This is one of the first known instances where JavaScript is used to alter webpage functionality for malicious purposes.

Malicious npm and PyPI packages linked to Lazarus APT fake recruiter campaign

The Lazarus Group, a North Korean APT, has launched a sophisticated campaign using malicious npm and PyPI packages. This operation, known as 'graphalgo', targets developers through fake recruitment schemes.

Fake AI Chrome extensions with 300K users steal credentials, emails

A malicious campaign involving 30 Chrome extensions, known as AiFrame, has been identified, affecting over 300,000 users. These extensions masquerade as AI assistants to steal credentials, email content, and browsing information.

World Leaks Ransomware Adds Custom Malware 'RustyRocket' to Attacks

World Leaks, a notorious cyber-criminal group, has enhanced its attack arsenal with a new malware named 'RustyRocket'. This sophisticated toolset is a critical component of World Leaks' operations.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing, end-to-end automation and 360-degree threat response.
