Aggregator

You must login to view this content

You must login to view this content

A systemic numbness to cyberattacks has exposed the U.S. economy and its institutions to ever-widening threats. Retired four-star military officials worry the worst day in cyber is yet to come.

The post Former NSA chiefs worry American offensive edge in cybersecurity is slipping appeared first on CyberScoop.

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the Langflow platform to its Known Exploited Vulnerabilities (KEV) catalog on March 25, 2026. The vulnerability, tracked as CVE-2026-33017, involves a highly dangerous code injection issue that is currently being actively exploited in the wild. Langflow operates as a popular […]

The post CISA Warns of Langflow Code Injection Vulnerability Exploited in Attacks appeared first on Cyber Security News.

A critical local privilege escalation vulnerability has been identified in the IDrive Cloud Backup Client for Windows. Tracked as CVE-2026-1995, this local privilege escalation vulnerability affects the IDrive Cloud Backup Client for Windows, specifically targeting versions 7.0.0.63 and earlier. Security researchers at FRSecure discovered that weak permission configurations within the application’s directory could quickly lead to […]

The post IDrive for Windows Vulnerability Let Attackers Escalate Privileges appeared first on Cyber Security News.

A new malware campaign called GhostClaw is actively targeting macOS users through fake GitHub repositories and AI-assisted development workflows. The campaign uses social engineering disguised as legitimate developer tools to steal user credentials and drop secondary payloads on infected systems. GhostClaw first surfaced in early March 2026, when JFrog Security Research documented the initial campaign, […]

The post GhostClaw AI Assisted Malware Attacking macOS Users to Deploy Credential-Stealing Payloads appeared first on Cyber Security News.

Russian law enforcement has arrested the suspected administrator of LeakBase, a prominent international hacker forum. The operation, coordinated by the Russian Ministry of Internal Affairs (MVD) alongside the Bureau of Special Technical Measures (BSTM), dismantled a platform that traded in stolen personal data and compromised network access for four years. Authorities apprehended the suspect in […]

The post LeakBase Hacker Forum Admin Arrested in Russia by Law Enforcement Authorities appeared first on Cyber Security News.

A months-long investigation by Rapid7 Labs has exposed a sophisticated, state-sponsored espionage campaign by the China-nexus threat actor Red Menshen, which has embedded some of the most covert digital sleeper cells ever documented inside global telecommunications infrastructure. Released on March 26, 2026, the findings reveal a deliberate shift from opportunistic hacking to long-term pre-positioning within […]

The post Hackers Plant Stealthy BPFdoor Backdoors in Telecom Networks for Long-Term Access appeared first on Cyber Security News.

A China-based threat actor known as Silver Fox, also tracked as Void Arachne, has significantly evolved its attack approach since early 2025, shifting from deploying remote access trojans to distributing a custom Python-based stealer across South Asia. Active since at least 2022, the group first gained attention through mass infection campaigns that used SEO poisoning […]

The post Tax Audit Phishing Campaign Tied to Silver Fox Shifts From RATs to Python Stealers appeared first on Cyber Security News.