Cyber Security News

The official Telnyx Python SDK on PyPI was compromised this morning as part of an escalating, weeks-long supply chain campaign orchestrated by the threat actor group TeamPCP. Malicious versions 4.87.1 and 4.87.2 of the telnyx package were uploaded to PyPI at 03:51 UTC on March 27, 2026, with the payload executing silently at import time […]

The post Telnyx PyPI Package With 742,000 downloads Compromised in TeamPCP Supply Chain Attack appeared first on Cyber Security News.

Red Hat has issued a critical security warning regarding malicious code discovered in recent versions of the “xz” compression tools and libraries. Tracked as CVE-2024-3094, this highly sophisticated supply chain compromise could allow threat actors to bypass authentication and gain unauthorized remote access to affected Linux systems. The xz utility is a fundamental data compression […]

The post Red Hat Warns of Malware Code Embedded in Popular Linux Tool Allow Unauthorized Access to Systems appeared first on Cyber Security News.

Cloud Software Group has issued a critical security bulletin detailing two newly discovered vulnerabilities affecting customer-managed NetScaler ADC and NetScaler Gateway appliances. These flaws, tracked as CVE-2026-3055 and CVE-2026-4368, could allow remote attackers to leak sensitive information or cause user session mixups. Network administrators and security teams are strongly urged to apply the latest security […]

The post Critical Citrix NetScaler and Gateway Vulnerabilities Let Remote Attackers Leak Sensitive Information appeared first on Cyber Security News.

A new macOS malware that was undocumented previously, is quietly tricking users through fake Cloudflare human verification pages. Called Infiniti Stealer, this threat uses a well-known social engineering trick called ClickFix to convince Mac users into running dangerous commands directly on their own machines, bypassing the need for any software vulnerability or exploit. For a […]

The post Fake Cloudflare CAPTCHA Pages Spread Infiniti Stealer Malware on macOS Systems appeared first on Cyber Security News.

A newly analyzed local privilege escalation vulnerability in the Windows Error Reporting (WER) service allows attackers to easily gain full SYSTEM access. The flaw, tracked as CVE-2026-20817, was considered so structurally dangerous that Microsoft completely removed the vulnerable feature rather than attempting a traditional code patch.​ The security flaw exists within the main executable library […]

The post New Windows Error Reporting Vulnerability Lets Attackers Escalate to Gain SYSTEM Access appeared first on Cyber Security News.

The Internet Systems Consortium (ISC) has released a critical security advisory warning network administrators of a high-severity vulnerability affecting the Kea DHCP server. Tracked as CVE-2026-3608, this flaw allows unauthenticated remote attackers to trigger a stack overflow error. When successfully exploited, the vulnerability causes the receiving daemon to crash, resulting in a sudden and total […]

The post ISC Warns of High-Severity Kea DHCP Flaw That Can Crash Services Remotely appeared first on Cyber Security News.

A social engineering technique called ClickFix has resurfaced with significant force, tricking users on both Windows and macOS into manually executing malicious commands that quietly install malware on their devices. First documented in late 2023, the method has rapidly grown from a niche tactic into one of the most widely adopted initial access strategies across […]

The post New ClickFix Attack Leverage Windows Run Dialog Box and macOS Terminal to Deploy Malware appeared first on Cyber Security News.

A threat actor known as “Snow” from SnowTeam posted an advertisement on the Russian-speaking TierOne (T1) cybercrime forum on March 25, 2026, introducing a new criminal service called Leak Bazaar. The platform is not a traditional data leak site. Instead, it presents itself as a post-exfiltration processing service — one that takes raw stolen corporate […]

The post Leak Bazaar Turns Stolen Corporate Data Into a Structured Criminal Marketplace appeared first on Cyber Security News.

A new and technically advanced rootkit called VoidLink has emerged as a serious threat to Linux systems, blending Loadable Kernel Modules (LKMs) with extended Berkeley Packet Filter (eBPF) programs to hide deep inside the operating system’s core. First documented by Check Point Research in January 2026, VoidLink is a cloud-native Linux malware framework written in […]

The post VoidLink Rootkit Uses eBPF and Kernel Modules to Hide Deep Inside Linux Systems appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the Langflow platform to its Known Exploited Vulnerabilities (KEV) catalog on March 25, 2026. The vulnerability, tracked as CVE-2026-33017, involves a highly dangerous code injection issue that is currently being actively exploited in the wild. Langflow operates as a popular […]

The post CISA Warns of Langflow Code Injection Vulnerability Exploited in Attacks appeared first on Cyber Security News.

A critical local privilege escalation vulnerability has been identified in the IDrive Cloud Backup Client for Windows. Tracked as CVE-2026-1995, this local privilege escalation vulnerability affects the IDrive Cloud Backup Client for Windows, specifically targeting versions 7.0.0.63 and earlier. Security researchers at FRSecure discovered that weak permission configurations within the application’s directory could quickly lead to […]

The post IDrive for Windows Vulnerability Let Attackers Escalate Privileges appeared first on Cyber Security News.

A new malware campaign called GhostClaw is actively targeting macOS users through fake GitHub repositories and AI-assisted development workflows. The campaign uses social engineering disguised as legitimate developer tools to steal user credentials and drop secondary payloads on infected systems. GhostClaw first surfaced in early March 2026, when JFrog Security Research documented the initial campaign, […]

The post GhostClaw AI Assisted Malware Attacking macOS Users to Deploy Credential-Stealing Payloads appeared first on Cyber Security News.

Russian law enforcement has arrested the suspected administrator of LeakBase, a prominent international hacker forum. The operation, coordinated by the Russian Ministry of Internal Affairs (MVD) alongside the Bureau of Special Technical Measures (BSTM), dismantled a platform that traded in stolen personal data and compromised network access for four years. Authorities apprehended the suspect in […]

The post LeakBase Hacker Forum Admin Arrested in Russia by Law Enforcement Authorities appeared first on Cyber Security News.

A months-long investigation by Rapid7 Labs has exposed a sophisticated, state-sponsored espionage campaign by the China-nexus threat actor Red Menshen, which has embedded some of the most covert digital sleeper cells ever documented inside global telecommunications infrastructure. Released on March 26, 2026, the findings reveal a deliberate shift from opportunistic hacking to long-term pre-positioning within […]

The post Hackers Plant Stealthy BPFdoor Backdoors in Telecom Networks for Long-Term Access appeared first on Cyber Security News.

A China-based threat actor known as Silver Fox, also tracked as Void Arachne, has significantly evolved its attack approach since early 2025, shifting from deploying remote access trojans to distributing a custom Python-based stealer across South Asia. Active since at least 2022, the group first gained attention through mass infection campaigns that used SEO poisoning […]

The post Tax Audit Phishing Campaign Tied to Silver Fox Shifts From RATs to Python Stealers appeared first on Cyber Security News.

A new Malware-as-a-Service (MaaS) credential stealer named Torg Grabber has surfaced, showing remarkable development pace over just three months. Starting with simple Telegram-based data exfiltration, it matured into a fully encrypted REST API command-and-control (C2) infrastructure. With 334 samples compiled in that short period and more than 40 confirmed operator tags found in the binaries, […]

The post New Torg Grabber Stealer Moves From Telegram Exfiltration to Encrypted REST API C2 appeared first on Cyber Security News.

Multifactor authentication operates as a critical defense mechanism for securing user identities against targeted cyber attacks. Microsoft reports that implementing MFA effectively reduces the risk of account compromise by more than 99%. To expand these protections, Microsoft has announced the General Availability of external multifactor authentication for Microsoft Entra ID. This release removes previous platform […]

The post Microsoft Entra ID New Feature Removes MFA Limitations for Users appeared first on Cyber Security News.

OpenAI has announced the launch of a public Safety Bug Bounty program to identify AI abuse and safety risks across its products. Hosted on Bugcrowd, the new initiative marks a significant step in the company’s efforts to address vulnerabilities that fall outside the scope of traditional security flaws but still pose real-world harm potential. The […]

The post OpenAI Launches AI Safety Bug Bounty to Detect AI-Specific Vulnerabilities appeared first on Cyber Security News.

A newly discovered malware loader called Kiss Loader has emerged as a serious threat, using advanced code injection techniques to quietly infiltrate Windows systems without raising alarms. First spotted in early March 2026, it marks the beginning of a carefully built attack campaign that was still actively under development when researchers first caught it. Kiss […]

The post New Kiss Loader Malware Uses Early Bird APC Injection in Emerging Attack Campaign appeared first on Cyber Security News.

A new and carefully crafted software supply chain campaign is targeting developers through the npm package registry, using fake installation messages to hide malicious activity. The campaign, which security researchers have named the “Ghost campaign,” began in early February 2026 and relies on a set of npm packages built to deceive developers into surrendering their […]

The post Fake npm Install Messages Hide RAT Malware in New Open Source Supply Chain Campaign appeared first on Cyber Security News.