Latest Internet & Cybersecurity News
CISA Adds SimpleHelp, Samsung, and D-Link Flaws to Known Exploited Vulnerabilities Catalog
The U.S. CISA has added vulnerabilities in SimpleHelp, Samsung Magic NF9 server (CVE-2024-7399), and D-Link to its Known Exploited Vulnerabilities catalog. Organizations are urged to patch immediately as these flaws are actively exploited.
Checkmarx Supply Chain Attack Impacts Bitwarden npm Distribution
A supply chain attack on Checkmarx has compromised the Bitwarden npm distribution path. This incident highlights ongoing risks in software supply chains.
Over 400,000 Sites at Risk from Breeze Cache Plugin Flaw (CVE-2026-3844)
Hackers are exploiting a critical flaw in the Breeze Cache WordPress plugin, putting over 400,000 sites at risk. Site owners must update to mitigate threats.
CISA Reports Persistent FIRESTARTER Backdoor on Cisco ASA in Federal Network
CISA identified a persistent FIRESTARTER backdoor on a Cisco ASA device within a federal network. The backdoor remains active despite mitigation efforts.
Trigona Ransomware Adopts Custom Tool for Data Theft and Evasion
The Trigona ransomware group now uses a custom tool to exfiltrate data and evade detection. This evolution increases the threat to victims.
12-Year-Old Pack2TheRoot Bug Allows Linux Root Privilege Escalation
A 12-year-old vulnerability in Linux, dubbed Pack2TheRoot, enables users to gain root privileges. Systems should be patched to prevent exploitation.
Signal Phishing Campaign Targets Germany's Bundestag President Julia Klockner
Phishers are using Signal to target Julia Klockner, President of Germany's Bundestag. This campaign underscores risks in secure messaging apps.
US State Dept Warns Globally of AI Thefts by DeepSeek and Chinese Firms
The US State Department issued a diplomatic cable alerting posts worldwide about Chinese firms like DeepSeek stealing US AI IP. It warns of risks from distilled models lacking security.
Medtronic Discloses Cybersecurity Breach in Corporate IT Systems
Medical device giant Medtronic revealed an unauthorized party accessed data in certain IT systems. The breach impacts corporate operations.
Japan Forms Task Force on AI Security Risks from Anthropic's Mythos Model
Japan is establishing a task force to address cybersecurity risks in finance from Anthropic's Mythos AI model. Discussions focus on sector vulnerabilities.
Chernobyl Virus Turns 27, Capable of Bricking PCs via BIOS Overwrite
The destructive Chernobyl virus, now 27 years old, could overwrite BIOS firmware to brick systems in ways modern malware cannot. It serves as a reminder of persistent threats.
WinRAR Exploit Still Used by China and Russia State Actors Despite Patch
A patched WinRAR exploit continues to be widely used by Chinese and Russian state actors. Users must ensure latest updates are applied.