Cyber Security News

One of the most widely used JavaScript libraries in the world was turned into a weapon on March 30, 2026, when attackers poisoned the Axios npm package and silently deployed malware on developer machines running Windows, macOS, and Linux. With over 100 million weekly downloads, Axios is the most popular HTTP client in the JavaScript […]

The post Hackers Use Poisoned Axios Package and Phantom Dependency to Spread Cross-Platform Malware appeared first on Cyber Security News.

A high-severity security bypass vulnerability in Anthropic’s Claude Code AI coding agent allows malicious actors to silently evade user-configured deny rules through a simple command-padding technique, exposing hundreds of thousands of developers to credential theft and supply chain compromise. According to Adversa, the flaw was traced to bashPermissions.ts (lines 2162–2178), stems from a performance optimization […]

The post Critical Claude Code Flaw Silently Bypasses Developer-Configured Security Rules appeared first on Cyber Security News.

Cybercriminals are launching a sophisticated new wave of attacks using fake Microsoft Teams domains. According to recent threat intelligence shared by SEAL Org, hackers are actively tricking corporate users into downloading malicious payloads by mimicking the widely used communication platform. As Microsoft Teams remains an essential tool for remote and hybrid work environments, threat actors are […]

The post Hackers Using Fake “Microsoft Teams” Domains to Attack Users Via Malicious Payload appeared first on Cyber Security News.

A new Remote Access Trojan (RAT) called ResokerRAT has been found targeting Windows systems by abusing Telegram’s widely used Bot API to receive commands and send stolen data back to attackers. Unlike traditional malware that relies on custom command-and-control servers, this threat routes all communications through a trusted messaging platform, making it far harder for […]

The post New ResokerRAT Uses Telegram Bot API to Control Infected Windows Systems appeared first on Cyber Security News.

A new open-source penetration testing framework called METATRON is gaining attention in the security research community for its fully offline, AI-driven approach to vulnerability assessment. Built for Parrot OS and other Debian-based Linux distributions, METATRON combines automated reconnaissance tooling with a locally hosted large language model (LLM), eliminating the need for cloud connectivity, API keys, […]

The post METATRON – Open-Source AI Penetration Testing Assistant Brings Local LLM Analysis to Linux appeared first on Cyber Security News.

A coordinated supply chain attack has been uncovered targeting developers who build applications on Strapi, a widely used open-source content management system. Thirty-six malicious npm packages disguised as legitimate Strapi plugins were published to the npm registry, carrying payloads designed to exploit Redis for remote code execution, steal credentials, and establish persistent command-and-control access on […]

The post 36 Malicious npm Strapi Packages Used to Deploy Redis RCE and Persistent C2 Malware appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting TrueConf software to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-3502, this security flaw is currently facing active exploitation in the wild. The discovery has prompted federal agencies and private organizations to take immediate defensive action to secure their networks. […]

The post CISA Adds TrueConf Vulnerability to KEV Catalog Following Active Exploitation appeared first on Cyber Security News.

The Shadowserver Foundation has issued an urgent warning to FortiClient Enterprise Management Server (EMS) administrators after identifying over 2,000 publicly accessible instances globally, two of which are now confirmed to be actively exploited through critical unauthenticated remote code execution (RCE) vulnerabilities. Two vulnerabilities, CVE-2026-35616 and CVE-2026-21643, both classified as unauthenticated RCE flaws, were exploited in […]

The post 2,000+ FortiClient EMS Instances Exposed Online Amid Active RCE Vulnerability Exploits in the Wild appeared first on Cyber Security News.

Researchers at Google DeepMind have published a comprehensive study revealing that autonomous AI agents browsing the web are deeply vulnerable to a new class of attacks called “AI Agent Traps,” which are adversarial content engineered into websites and digital resources to manipulate, deceive, or exploit visiting AI systems. The research, authored by Matija Franklin, Nenad […]

The post Google DeepMind Researchers Warn Hackers Can Hijack AI Agents Through Malicious Web Content appeared first on Cyber Security News.

Fortinet has issued an emergency hotfix after security researchers disclosed a critical zero-day vulnerability in FortiClient EMS that is already being actively exploited by threat actors. Tracked as CVE-2026-35616 and carrying a CVSSv3 score of 9.1 (Critical), the flaw enables unauthenticated attackers to bypass API authentication and authorization controls entirely, allowing them to execute arbitrary […]

The post Critical Fortinet FortiClient EMS 0-Day Vulnerability Actively Exploited in the Wild appeared first on Cyber Security News.

A dangerous attack chain in Progress ShareFile that can allow attackers to take over exposed on-premises servers without first logging in. The issues affect customer-managed ShareFile Storage Zones Controller 5.x deployments, and Progress says customers should upgrade to version 5.12.4 or move to any 6.x release, which is not impacted. According to Progress and WatchTower, […]

The post New Progress ShareFile Bugs Let Attackers Take Over Servers Without Logging In appeared first on Cyber Security News.

The cybersecurity community is on high alert following a massive source code leak from Anthropic. On March 31, 2026, the company accidentally exposed the complete source code for Claude Code, its flagship terminal-based coding assistant. The leak occurred due to a packaging error in a public npm package, which inadvertently included a JavaScript source map […]

The post Hackers Weaponize Claude Code Leak to Spread Vidar and GhostSocks Malware appeared first on Cyber Security News.

A highly coordinated social engineering campaign is actively targeting top open-source developers in the Node.js and npm ecosystem. Following the recent compromise of the popular package Axios, which sees over 100 million weekly downloads, several high-impact software maintainers have reported similar attacks. Security researchers believe this is a strategic shift by advanced threat actors aiming […]

The post Top Node.js Maintainers Targeted in Sophisticated Social Engineering Scheme appeared first on Cyber Security News.

User Access Management tools centralize control over user permissions and access, providing a unified platform to enforce consistent security policies across diverse systems and applications. They enhance security by implementing role-based access controls, monitoring user activity, preventing unauthorized access, mitigating potential risks, and safeguarding sensitive information. These tools support compliance efforts with detailed audit trails […]

The post Top 10 Best User Access Management Tools in 2026 appeared first on Cyber Security News.

In ever-changing technology and networks, privacy is becoming increasingly difficult to achieve. People are so used to using the Internet and IoT devices that the sensitive data they share on the web has become a prime target for hackers or malicious actors. As we all know, data is crucial. Protecting data is vital since even […]

The post Top 10 Best VPN For Chrome in 2026 appeared first on Cyber Security News.

Every time you open LinkedIn in a Chrome-based browser, hidden JavaScript silently scans your computer for installed software without your knowledge, without your consent, and without a single word in LinkedIn’s privacy policy. A revealing investigation conducted by the European advocacy group Fairlinked e.V., under the campaign name “BrowserGate,” has uncovered what researchers describe as […]

The post LinkedIn Hidden Code Secretly Searches Your Browser for Installed Extensions appeared first on Cyber Security News.

Anthropic has officially pulled the plug on third-party AI agent access to the Claude subscription, marking a significant shift in how users can leverage its models outside the company’s native ecosystem. According to Anthropic Claude Code exec Boris Cherny, starting today, April 4, at 12 p.m. PT (8 p.m. BST), Claude Pro and Max subscribers […]

The post Anthropic Officially Ends Claude Subscriptions for Third-Party Tools Like OpenClaw appeared first on Cyber Security News.

The Growing Profile of Casino Targets The gaming industry has become a primary target for sophisticated cybercriminal groups. This interest is driven not only by the high volume of daily financial transactions but also by the vast repositories of sensitive personal data managed by these organizations. As traditional brick-and-mortar establishments transition into digital ecosystems, the […]

The post High-Stakes Security: Protecting the Digital Infrastructure of the Gaming Industry appeared first on Cyber Security News.

A critical security flaw in F5’s BIG-IP Access Policy Manager (APM) is currently under active exploitation, leaving thousands of enterprise networks at risk. The vulnerability, officially tracked as CVE-2025-53521, has sparked urgent warnings across the cybersecurity community after its impact was upgraded from a standard Denial-of-Service (DoS) to a severe Remote Code Execution (RCE) flaw. […]

The post 14,000+ F5 BIG-IP APM Devices Exposed Online Amid Active RCE Vulnerability Exploits appeared first on Cyber Security News.

A North Korean threat group known as Kimsuky has been caught running a cyberattack campaign that uses malicious Windows shortcut files, known as LNK files, to quietly install a Python-based backdoor on victim systems. The attack stays hidden across multiple stages, making it harder for security tools to detect before the final payload reaches the […]

The post Kimsuky Deploys Malicious LNK Files to Deliver Python-Based Backdoor in Multi-Stage Attack appeared first on Cyber Security News.