Cyber Security News

A newly identified variant of the VoidStealer infostealer has drawn serious attention from the security community after it became the first malware known to bypass Google Chrome’s Application-Bound Encryption (ABE) without requiring code injection or elevated system privileges. The variant, introduced in VoidStealer version 2.0 on March 13, 2026, uses a debugger-based technique to silently […]

The post New VoidStealer Variant Bypasses Chrome ABE Without Injection or Privilege Escalation appeared first on Cyber Security News.

A new Android banking trojan named Perseus has emerged in the wild, representing the next step in the ongoing evolution of mobile malware. Built on the leaked source code of Cerberus and drawing directly from the Phoenix codebase, Perseus refines and extends the capabilities of its predecessors. It combines credential theft, real-time device monitoring, and […]

The post Perseus Android Malware Steals User Notes and Enables Full Device Takeover appeared first on Cyber Security News.

The fraud rarely announces itself. It begins with a friendly message on social media, a wrong-number text that turns into a conversation, or a romantic connection that slowly builds over weeks. For tens of thousands of Americans, those innocent interactions have ended in financial ruin — savings wiped out, retirement funds emptied, and assets scattered […]

The post FBI, Thai Partners Target Southeast Asia Scam Centers Behind Cyber Fraud on Americans appeared first on Cyber Security News.

Microsoft has officially announced the general availability of new Microsoft Teams optimizations for the Windows App on both iOS and Android platforms. Released on March 18, 2026, this update introduces the WebRTC Redirector Service to mobile users connecting to Azure Virtual Desktop and Windows 365 environments. For IT administrators and security teams managing distributed workforces, […]

The post Microsoft Unveils New Teams Optimizations for Windows App on iOS & Android appeared first on Cyber Security News.

An urgent warning highlights a critical zero-day in Cisco products, now added to the CISA Known Exploited Vulnerabilities Catalog after active exploitation in ransomware campaigns. Network defenders and security administrators are urged to take immediate action. The rapid exploitation of this vulnerability by financially motivated threat actors highlights the severe risk it poses to enterprise […]

The post CISA Warns of Cisco Secure Firewall Management Center 0-Day Exploited in Ransomware Attacks appeared first on Cyber Security News.

Ransomware attackers have widened their approach to defeating endpoint security, moving well past the technique of exploiting vulnerable drivers. For years, the Bring Your Own Vulnerable Driver (BYOVD) method was the primary way attackers disabled security tools before launching their file-encrypting payloads. Today, that picture has grown much more complex, with threat actors now deploying […]

The post Ransomware Actors Expand EDR Killer Tactics Beyond Vulnerable Drivers appeared first on Cyber Security News.

A critical security advisory addressing multiple high-severity vulnerabilities in Jenkins core and the LoadNinja plugin. Issued on March 18, 2026, the alert warns that these flaws could allow attackers to execute arbitrary code and fully compromise continuous integration and continuous deployment pipelines.​ The most severe flaw, tracked as CVE-2026-33001, stems from how Jenkins handles symbolic […]

The post Critical Jenkins Vulnerabilities Expose CI/CD Servers to RCE Attacks appeared first on Cyber Security News.

A Russian state-linked threat actor has launched a targeted cyberattack against a Ukrainian government agency, exploiting a cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite to steal credentials and sensitive email data. Dubbed “Operation GhostMail,” the campaign stands out for its complete absence of traditional attack indicators — no malicious file attachments, no suspicious links, […]

The post Russian APT Exploits Zimbra XSS to Target Ukrainian Government in ‘Operation GhostMail’ appeared first on Cyber Security News.

Authorities have successfully dismantled the command-and-control (C2) infrastructure powering four massive Internet of Things (IoT) botnets. The U.S. Justice Department, collaborating closely with Canadian and German agencies, targeted the administrators and architecture behind the Aisuru, KimWolf, JackSkid, and Mossad botnets. Together, these malicious networks infected over three million devices globally and launched catastrophic Distributed Denial […]

The post Authorities Disrupt IoT Botnet Infrastructure Behind Record-Breaking 30 Tbps DDoS Attacks appeared first on Cyber Security News.

CISA has added a high-severity vulnerability affecting the Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2025-66376, this security flaw is currently facing active exploitation in the wild. Organizations utilizing Zimbra must urgently prioritize remediation to prevent unauthorized access and potential data compromise. The vulnerability is a stored cross-site scripting […]

The post CISA Warns of Zimbra Collaboration Suite Vulnerability Exploited in Attacks appeared first on Cyber Security News.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert urging organizations to harden their endpoint management system configurations following a cyberattack on Stryker Corporation, a U.S.-based medical technology firm, on March 11, 2026. The attack targeted Stryker’s Microsoft environment and has prompted CISA to coordinate with the Federal Bureau of Investigation […]

The post CISA Urges Organizations to Secure Microsoft Intune Environments Following Stryker Breach appeared first on Cyber Security News.

Austin, United States, March 19th, 2026, CyberNewswire Cybersecurity has entered a new phase, one defined less by reactive controls and more by continuous, intelligence-driven operations. As attack surfaces expand and adversaries increasingly leverage AI, the modern CISO is tasked with orchestrating resilience at scale. Amid this shift, CISO Whisperer has released its list of “Cybersecurity […]

The post CISO Whisperer Names 11 Vendors Leading the Shift from Tools to Outcomes at RSA Conference 2026 appeared first on Cyber Security News.

Ubiquiti has disclosed two critical-to-high severity vulnerabilities in its widely deployed UniFi Network Application, including a maximum-severity flaw that could allow unauthenticated attackers to seize full control of underlying systems. Organizations running affected versions are urged to patch immediately. CVE-2026-22557: Path Traversal Enables Full System Compromise The more severe of the two flaws, tracked as […]

The post Critical Ubiquiti UniFi Vulnerabilities Allow Attackers to Seize Full Control of Underlying Systems appeared first on Cyber Security News.

The rise of AI-assisted coding has brought real value to developers around the world, but it has also opened a new door for cybercriminals to exploit. A concept known as “vibe coding” — where users simply describe what they want and AI models write the code for them — has now been turned against everyday […]

The post ‘Vibe-Coded’ Malware Campaign Uses Fake Tools, CDNs and File Hosts to Infect Users appeared first on Cyber Security News.

A malicious Python package named pyronut has been discovered on the Python Package Index (PyPI), targeting developers who build Telegram bots by impersonating the popular pyrogram framework. Rather than relying on typosquatting — where a name resembles a legitimate one — the threat actor copied pyrogram’s entire project description word-for-word, creating what researchers describe as a malicious fork, a […]

The post Malicious ‘Pyronut’ Package Backdoors Telegram Bots With Remote Code Execution appeared first on Cyber Security News.

Three chained vulnerabilities in Claude.ai, Anthropic’s widely used AI assistant, that together allow attackers to silently exfiltrate sensitive conversation data and redirect unsuspecting users to malicious websites, all without requiring any integrations, tools, or MCP server configurations. The vulnerability chain, collectively dubbed Claudy Day, was responsibly reported to Anthropic through its Responsible Disclosure Program, and […]

The post Claude Vulnerabilities Allow Data Exfiltration and User Redirection to Malicious Sites appeared first on Cyber Security News.

A well-known banking trojan called Horabot has resurfaced in an active campaign targeting users across Mexico, combining a multi-stage infection chain with an email worm that turns every compromised machine into a phishing relay. The threat bundles a Delphi-based banking trojan with a PowerShell-driven spreader, making it one of the more layered financially motivated threats […]

The post Horabot Banking Trojan Resurfaces in Mexico With Multi-Stage Phishing and Email Worm Tactics appeared first on Cyber Security News.

A popular code editor extension listed on the Open VSX registry was discovered carrying hidden malware that silently fetches and runs a remote access trojan (RAT) and a full infostealer directly onto developer machines without any visible warning sign. The extension, known as fast-draft under the KhangNghiem publisher account, had accumulated over 26,000 downloads before the malicious activity embedded […]

The post Backdoored Open VSX Extension Used GitHub Downloader to Deploy RAT and Stealer appeared first on Cyber Security News.

A threat actor with ties to Iran has had their entire working infrastructure exposed after carelessly leaving an open directory on their own staging server, handing researchers a rare look into a live botnet operation. The leak revealed a 15-node relay network, a mass SSH deployment framework, DDoS tooling compiled on victim machines, and a […]

The post Iran-Linked Botnet Exposed After Open Directory Leak Reveals 15-Node Relay Network appeared first on Cyber Security News.

A North Korea-linked hacking group known as WaterPlum has introduced a dangerous new malware called StoatWaffle, deploying it through compromised Visual Studio Code (VSCode) repositories disguised as legitimate blockchain development projects to silently infiltrate developer machines.​ WaterPlum has been running a campaign known as “Contagious Interview” for some time, drawing victims in through fake job […]

The post WaterPlum Deploys New ‘StoatWaffle’ Malware in VSCode-Based Supply Chain Campaign appeared first on Cyber Security News.