Cybersecurity

A new Mirai-derived botnet called xlabs_v1 is targeting internet-exposed Android devices to build a DDoS-for-hire service.The malware specifically hunts for Android Debug Bridge (ADB)...

Google has expanded its Binary Transparency initiative to the entire Android ecosystem to combat supply chain attacks.The system creates a public cryptographic log, similar...

The Apache Software Foundation has patched a severe, actively exploitable remote code execution (RCE) flaw in its widely used HTTP Server software.The vulnerability, tracked...

Threat actors are actively exploiting CVE-2026-29014, a critical code injection flaw in MetInfo CMS.The vulnerability allows remote, unauthenticated attackers to execute arbitrary PHP code...

The North Korean ScarCruft hacking group compromised a video game platform to deploy the BirdCall backdoor, targeting ethnic Koreans.This supply chain attack, ongoing since...

A phishing campaign codenamed VENOMOUS#HELPER has targeted over 80 organizations, primarily in the U.S., since at least April 2025.Attackers use legitimate Remote Monitoring and...

The China-based Silver Fox group is targeting organizations in Russia and India with a new Python backdoor called ABCDoor.The campaign uses phishing emails disguised...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical Linux flaw to its exploit catalog on May 3, 2026.The vulnerability, CVE-2026-31431 ("Copy...