Cyber Security News

A widely used open-source web-based IMAP email client, Roundcube Webmail, has released version 1.6.14, delivering critical security patches to fix multiple severe vulnerabilities in the 1.6.x branch. The release resolves a complex range of security issues, spanning from pre-authentication arbitrary file write risks to cross-site scripting (XSS) and server-side request forgery (SSRF). System administrators are […]

The post Roundcube Webmail Security Updates Patches Multiple Critical Vulnerabilities appeared first on Cyber Security News.

Google has rolled out an urgent security update for the Chrome browser to address eight high-severity vulnerabilities. These newly patched security flaws could allow threat actors to execute arbitrary code remotely, posing a significant risk to user data and system integrity. The stable channel is currently receiving updates to version 146.0.7680.164 or 146.0.7680.165 for Windows […]

The post Chrome Security Update Fixes 8 Vulnerabilities Allowing Remote Code Execution appeared first on Cyber Security News.

Cybercriminals have set their sights on Android users through a well-crafted phishing scheme that disguises malicious applications as beta-testing opportunities for ChatGPT and Meta advertising tools. What appears to be a legitimate app-testing invitation turns out to be a carefully planned attempt to steal Facebook credentials and seize full control of user accounts. This campaign […]

The post Hackers Attacking Android Users With Fake ChatGPT Invites to Deploy Malware appeared first on Cyber Security News.

Sparks, Nevada — March 6, 2026  NAKIVO Inc. announced the release of NAKIVO Backup & Replication v11.2, offering expanded platform support, enhanced security and faster disaster recovery for organizations worldwide. This version is the product of a focused engineering roadmap, while NAKIVO’s international growth reflects deepening market demand for reliable, cost-effective data protection.  What v11.2 Delivers  The update […]

The post NAKIVO Backup & Replication Launches v11.2 with Automated Real-Time Replication and VMware vSphere 9 Support  appeared first on Cyber Security News.

A massive attack surface involving outdated Microsoft Internet Information Services (IIS) servers. During Shadowserver’s daily network scans on March 23, 2026, researchers identified over 511,000 End-of-Life (EOL) IIS instances actively connected to the internet. This widespread exposure presents a serious security risk for organizations worldwide, as these obsolete servers no longer receive standard security patches. […]

The post 511,000+ End-of-Life Microsoft IIS Instances Exposed Online, Secure Now! appeared first on Cyber Security News.

Mazda Motor Corporation has officially disclosed a security incident involving unauthorized external access to an internal warehouse management system, potentially exposing 692 personal data records of employees, group company staff, and business partners. The Japanese automaker published its formal breach notification on March 19, 2026, revealing that the intrusion had first been detected in mid-December […]

The post Mazda Data Breach Exposing Employee and Partner Records Via System Vulnerability appeared first on Cyber Security News.

Every April, millions of Americans rush to file taxes before the deadline — and attackers count on it. A large-scale malvertising campaign, active since at least January 2026, has been exploiting that urgency by placing fake tax form pages through Google Ads, ultimately deploying a kernel-mode EDR killer on victim machines. The campaign targeted U.S. […]

The post Tax-Themed Google Ads Lead to BYOVD EDR Killer in Huntress-Traced Malvertising Campaign appeared first on Cyber Security News.

A sophisticated SEO poisoning campaign has been quietly targeting Windows users since at least October 2025, luring them into downloading trojanized installers for more than 25 popular software applications. The operation went undetected for roughly five months before investigators uncovered its full scope in March 2026, revealing a multi-stage infection chain that silently compromises victims’ […]

The post SEO Poisoning Campaign Impersonates 25+ Popular Apps to Deliver AsyncRAT Since October 2025 appeared first on Cyber Security News.

QNAP has released a critical security advisory addressing a severe vulnerability in its QVR Pro surveillance software. Tracked as CVE-2026-22898, this flaw allows remote, unauthenticated attackers to gain unauthorized access to affected systems. Users relying on QVR Pro 2.7. x must immediately apply the latest patches to secure their network-attached storage environments against potential intrusions. […]

The post Critical QNAP QVR Pro Vulnerability Let Remote Attackers Gain Access to the System appeared first on Cyber Security News.

Cloud Software Group has released urgent security patches for NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), addressing two significant vulnerabilities that could allow unauthenticated remote attackers to compromise affected systems. Organizations running customer-managed deployments are strongly urged to apply the updates immediately. CVE-2026-3055: Critical Out-of-Bounds Read via SAML IDP The more […]

The post Critical NetScaler ADC and Gateway Vulnerabilities Enable Remote Attacks on Affected Systems appeared first on Cyber Security News.

A Libyan oil refinery, a telecoms organization, and a state institution fell victim to a coordinated espionage campaign between November 2025 and February 2026. The attacks delivered AsyncRAT, a publicly available remote access Trojan with a documented history of use by state-sponsored threat groups, raising immediate concerns about the security of Libya’s critical infrastructure. AsyncRAT […]

The post Libyan Oil Refinery Hit in Long-Running Espionage Campaign Using AsyncRAT appeared first on Cyber Security News.

A sophisticated macOS infostealer known as MioLab — also tracked as Nova — has emerged as one of the most advanced Malware-as-a-Service (MaaS) platforms targeting Apple users. Advertised on Russian-speaking underground forums, MioLab marks a shift in the threat landscape, proving macOS is no longer a low-risk target. As Apple’s market share grows among software […]

The post MacOS Stealer MioLab Adds ClickFix Delivery, Wallet Theft and Team API Tools appeared first on Cyber Security News.

A newly discovered Android remote access trojan known as Oblivion RAT has emerged on cybercrime networks as a complete malware-as-a-service (MaaS) platform, turning fake Google Play Store update pages into a full-scale spyware operation. First reported by Certo Software, the threat has drawn attention because of how polished and ready-to-deploy the operation is, covering everything […]

The post Oblivion RAT Turns Fake Play Store Updates Into a Full-Service Android Spyware Operation appeared first on Cyber Security News.

A supply chain attack targeting Trivy, the widely used open-source vulnerability scanner, has grown well beyond its initial scope. What started as a GitHub Actions compromise has now extended to Docker Hub, where three malicious Docker image versions were silently published and made publicly available to developers worldwide. Trivy is trusted by thousands of DevSecOps […]

The post Trivy Supply Chain Attack Expands as Compromised Docker Images Hit Docker Hub appeared first on Cyber Security News.

Microsoft has released an out-of-band (OOB) update, KB5085516, for Windows 11 versions 25H2 and 24H2 to address a critical sign-in issue introduced by the March 2026 Patch Tuesday update. The emergency patch, released on March 21, 2026, targets a bug that falsely reports “no Internet” errors when users attempt to sign in to Microsoft services […]

The post Windows 11 Emergency Update to Fix ‘No Internet’ Sign-In Errors for OneDrive, Teams, and More appeared first on Cyber Security News.

A critical vulnerability in Craft CMS (CVE-2025-32432) has been added to the Known Exploited Vulnerabilities catalog following confirmed active exploitation in the wild. Security teams and system administrators are advised to address this issue immediately to prevent severe network compromises. The vulnerability is a severe code injection flaw, categorized under CWE-94, which involves improper control […]

The post CISA Warns of Craft CMS Code Injection Vulnerability Exploited in Attacks appeared first on Cyber Security News.

A recent security assessment by researchers has uncovered nine severe vulnerabilities across four popular low-cost IP-KVM devices. These flaws uncovered by Eclypsium allow attackers to gain complete, BIOS-level control over connected systems, effectively bypassing all operating system security controls and Endpoint Detection and Response (EDR) agents. Compromising a Keyboard, Video, and Mouse (KVM) device gives […]

The post $30 IP-KVM Flaws Could Give Attackers BIOS-Level Control Across Enterprise Networks appeared first on Cyber Security News.

A new wave of supply chain attacks is hitting the npm ecosystem through a self-propagating malware campaign known as CanisterWorm. The threat, linked to a group tracked as “TeamPCP,” compromises legitimate publisher namespaces and pushes poisoned package versions, effectively turning trusted developer tools into silent delivery mechanisms for credential-stealing code. CanisterWorm first came to public […]

The post New CanisterWorm Steals npm Tokens and Spreads Through Compromised Publisher Accounts appeared first on Cyber Security News.

An urgent warning regarding three critical Apple vulnerabilities that threat actors are actively exploiting in the wild. These security flaws, officially tracked as CVE-2025-31277, CVE-2025-43510, and CVE-2025-43520, were recently added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. Security researchers have linked this specific triad of vulnerabilities to the sophisticated DarkSword iOS exploit chain, which attackers use […]

The post CISA Warns of Apple Vulnerabilities Linked to DarkSword iOS Exploit Chain Exploited in Attacks appeared first on Cyber Security News.

A new malware campaign is targeting organizations across healthcare, government, education, and hospitality sectors using cleverly disguised copyright violation notices to deliver PureLog Stealer, a powerful information-stealing malware. The campaign, first analyzed in March 2026, tricks victims into executing a malicious file that looks like a legitimate legal document. Once opened, the file sets off […]

The post Copyright-Themed Lures Deliver Multi-Stage PureLog Stealer in New Credential Theft Campaign appeared first on Cyber Security News.