A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed at which threat actors weaponize newly published vulnerabilities. The security… Read More »Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
Sansec is warning of a critical security flaw in Magento’s REST API that could allow unauthenticated attackers to upload arbitrary executables and achieve code execution and account takeover. The vulnerability… Read More »Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
Google on Thursday announced a new “advanced flow” for Android sideloading that requires a mandatory 24-hour wait period to install apps from unverified developers in an attempt to balance openness… Read More »Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
Artificial Intelligence (AI) is changing how individuals and organizations conduct many activities, including how cybercriminals carry out phishing attacks and iterate on malware. Now, cybercriminals are using AI to generate… Read More »The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks
The U.S. Department of Justice (DoJ) on Thursday announced the disruption of command-and-control (C2) infrastructure used by several Internet of Things (IoT) botnets like AISURU, Kimwolf, JackSkid, and Mossad as… Read More »DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
Apple is urging users who are still running an outdated version of iOS to update their iPhones to secure against web-based attacks carried out via powerful exploit kits like Coruna… Read More »Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
Cybersecurity researchers have flagged a new malware dubbed Speagle that hijacks the functionality and infrastructure of a legitimate program called Cobra DocGuard. “Speagle is designed to surreptitiously harvest sensitive information… Read More »Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
A new analysis of endpoint detection and response (EDR) killers has revealed that 54 of them leverage a technique known as bring your own vulnerable driver (BYOVD) by abusing a… Read More »54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
ThreatsDay Bulletin is back on The Hacker News, and this week feels off in a familiar way. Nothing loud, nothing breaking everything at once. Just a lot of small things… Read More »ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
Cybersecurity researchers have disclosed a new Android malware family called Perseus that’s being actively distributed in the wild with an aim to conduct device takeover (DTO) and financial fraud. Perseus… Read More »New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data