DragonForce
You must login to view this content
Aggregator
Google Forms Job Lures Deliver PureHVNC in New Multi-Stage Malware Campaign
1 week 2 days ago
Attackers have found a new way to push malware by weaponizing one of the most trusted everyday tools — Google Forms. A newly identified campaign is exploiting business-themed lures, including fake job interviews, project briefs, and financial documents, to deliver a Remote Access Trojan (RAT) known as PureHVNC onto victim machines. What sets this campaign […]
The post Google Forms Job Lures Deliver PureHVNC in New Multi-Stage Malware Campaign appeared first on Cyber Security News.
Tushar Subhra Dutta
Russian access broker sentenced to over 6 years in prison for ransomware schemes
1 week 2 days ago
A federal court in Indiana sentenced a Russian cybercriminal to 81 months in prison on charges related to his role as an initial access broker for ransomware groups. Aleksei Volkov, 26, of St. Petersburg, Russia, pleaded guilty in November 2025 to six federal charges stemming from his work with the Yanluowang ransomware group and other […]
The post Russian access broker sentenced to over 6 years in prison for ransomware schemes appeared first on CyberScoop.
Greg Otto
Akira
1 week 2 days ago
You must login to view this content
cohenido
Akira
1 week 2 days ago
You must login to view this content
cohenido
Akira
1 week 2 days ago
You must login to view this content
cohenido
Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055)
1 week 2 days ago
Citrix has fixed two vulnerabilities in NetScaler ADC and NetScaler Gateway, with the more serious flaw (CVE-2026-3055) potentially allowing attackers to extract active session tokens from the memory of affected devices. Anil Shetty, senior VP of Engineering with Cloud Software Group (Citrix’s parent company), stated on Saturday that Cloud Software Group “is not aware of any unmitigated exploit available for either CVE 2026-3055 or CVE 2026-4368.” Still, as both vulnerabilities can be exploited in low-complexity … More →
The post Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055) appeared first on Help Net Security.
Zeljka Zorz
Зашел в чат – остался без планов на жизнь. Claude теперь выдаёт секреты владельца по первому требованию взломщиков
1 week 2 days ago
Уязвимость в Claude.ai открыла хакерам доступ к личным архивам и истории переписки.
Zero Trust: Bridging the Gap Between Authentication and Trust
1 week 2 days ago
Passing MFA doesn't mean a session is safe, attackers can hijack tokens and bypass identity checks. Specops Software explains why Zero Trust must verify both user identity and device health. [...]
Sponsored by Specops Software
HackerOne discloses employee data breach after Navia hack
1 week 2 days ago
Bug bounty platform HackerOne is notifying hundreds of employees that their data was stolen after attackers hacked Navia, one of its U.S. benefits administrators. [...]
Sergiu Gatlan
Former Ukrainian Foreign Minister Dmytro Kuleba to Address the New Cyber Frontline at Infosecurity Europe
1 week 2 days ago
Geopolitics and cyber warfare take center stage at Infosecurity Europe as Dmytro Kuleba discusses Ukraine’s hybrid war experience
Mimecast expands Incydr with runtime data security for AI and human risk
1 week 2 days ago
Mimecast has announced a major expansion of its Incydr offering with new data security capabilities and a preview of the Agent Risk Center. These enhancements deliver runtime data security through a unified approach to detect, govern, and remediate data exposure in real time, whether driven by employees or agents acting on their behalf. Eighty percent of Fortune 500 companies now run active AI agents, yet only 14% have full security approval for them1. Enterprise data … More →
The post Mimecast expands Incydr with runtime data security for AI and human risk appeared first on Help Net Security.
Industry News
Infinite Campus warns of breach after ShinyHunters claims data theft
1 week 2 days ago
Infinite Campus, a widely used K-12 student information system, is warning customers of a data breach following an extortion attempt by a threat actor. [...]
Bill Toulas
CVE-2026-4724 | Mozilla Firefox up to 148 Audio/Video Remote Code Execution
1 week 2 days ago
A vulnerability was found in Mozilla Firefox up to 148. It has been declared as critical. This affects an unknown function of the component Audio/Video. Such manipulation leads to Remote Code Execution.
This vulnerability is listed as CVE-2026-4724. The attack may be performed from remote. There is no available exploit.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2026-4728 | Mozilla Firefox up to 148 Anti-Tracking
1 week 2 days ago
A vulnerability was found in Mozilla Firefox up to 148. It has been classified as problematic. The impacted element is an unknown function of the component Anti-Tracking. This manipulation causes an unknown weakness.
This vulnerability is tracked as CVE-2026-4728. The attack is possible to be carried out remotely. No exploit exists.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-4727 | Mozilla Firefox up to 148 Libraries denial of service
1 week 2 days ago
A vulnerability was found in Mozilla Firefox up to 148 and classified as problematic. The affected element is an unknown function of the component Libraries. The manipulation results in denial of service.
This vulnerability is identified as CVE-2026-4727. The attack can be executed remotely. There is not any exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-4726 | Mozilla Firefox up to 148 XML denial of service
1 week 2 days ago
A vulnerability has been found in Mozilla Firefox up to 148 and classified as problematic. Impacted is an unknown function of the component XML. The manipulation leads to denial of service.
This vulnerability is referenced as CVE-2026-4726. Remote exploitation of the attack is possible. No exploit is available.
The affected component should be upgraded.
vuldb.com
CVE-2026-4725 | Mozilla Firefox up to 148 Canvas2D use after free
1 week 2 days ago
A vulnerability, which was classified as critical, was found in Mozilla Firefox up to 148. This issue affects some unknown processing of the component Canvas2D. Executing a manipulation can lead to use after free.
The identification of this vulnerability is CVE-2026-4725. The attack may be launched remotely. There is no exploit available.
You should upgrade the affected component.
vuldb.com
CVE-2026-4723 | Mozilla Firefox up to 148 JavaScript Engine use after free
1 week 2 days ago
A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 148. This vulnerability affects unknown code of the component JavaScript Engine. Performing a manipulation results in use after free.
This vulnerability was named CVE-2026-4723. The attack may be initiated remotely. There is no available exploit.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-4722 | Mozilla Firefox up to 148 IPC Remote Code Execution
1 week 2 days ago
A vulnerability classified as critical was found in Mozilla Firefox up to 148. This affects an unknown part of the component IPC. Such manipulation leads to Remote Code Execution.
This vulnerability is uniquely identified as CVE-2026-4722. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is advised.
vuldb.com