Latest IntelligencePage 78
Search by keyword →
Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server
The most severe of these security defects could allow remote attackers to execute arbitrary code. The post Critical, High-Severity Vulnerabilities Patched in Ap...
Attackers Abuse Amazon SES to Send Authenticated Phishing Emails That Bypass Security
Threat actors are increasingly turning to Amazon’s own cloud email infrastructure to deliver phishing messages that look completely genuine, passing every...
PoC tool extracts cleartext passwords from Microsoft Edge memory
A newly released proof-of-concept (PoC) tool shows how Microsoft Edge handles saved credentials, demonstrating that passwords may be exposed in cleartext within...
Karakurt Ransomware Negotiator Sentenced to Prison
Deniss Zolotarjovs was directly involved in extortion strategies and in negotiations with victim companies. The post Karakurt Ransomware Negotiator Sentenced to...
FTC orders Kochava to stop selling people’s location data
The US Federal Trade Commission (FTC) has moved to permanently restrict data broker Kochava and its subsidiary from selling precise location data. This resolves...
Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
A Latvian national extradited to the United States was sentenced to 8.5 years in prison for his "cold case" negotiator role in the Russian Karakurt ransomware g...
.webp)
New Attribution Framework Connects APT Campaigns Through Strategic, Operational, and Technical Layers
Tracking Advanced Persistent Threat (APT) groups has never been a simple task. For years, security organizations have relied on identifying consistent behaviors...
CloudZ malware hijacks Microsoft Phone Link to intercept SMS and OTPs
A new malware campaign abuses Microsoft’s Phone Link app to intercept sensitive mobile data, including one-time passwords (OTPs), without compromising the phone...
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
A new version of the CloudZ remote access tool (RAT) is deploying a previously unseen malicious plugin called Pheno that hijacks the Microsoft Phone Link connec...
WhatsApp Vulnerability Lets Attackers Leverage Instagram Reels to Execute Malicious URLs
Meta has disclosed a medium-severity security vulnerability in WhatsApp that could allow threat actors to exploit Instagram Reels integration to trigger arbitra...
MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs
The security defects allow unauthenticated, remote attackers to execute arbitrary code through crafted requests. The post MetInfo, Weaver E-cology Vulnerabiliti...
Instagram’s to End Encrypted Chats for Direct Messages
Meta has announced that Instagram will officially discontinue its optional end-to-end encrypted direct message feature on May 8, 2026. The feature was initially...
APT37 hacks gaming platform to spread new BirdCall Android spyware
North Korean hackers compromised a gaming platform in a supply-chain attack, using trojanized Windows and Android games to deploy a previously undocumented mobi...
ScarCruft hackers push BirdCall Android malware via game platform
The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain attack through a video game platform....
WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities
The vulnerabilities were reported to Meta through its bug bounty program and were patched with updates released earlier this year. The post WhatsApp Discloses F...
Beware of Fake ‘Notepad++ for Mac’ Website, Possibly Could Harm your Machine
A fake website claiming to offer an official macOS version of the popular text editor Notepad++ has been making rounds online, raising serious cybersecurity con...
Critical Android Zero-Click Vulnerability Grants Remote Shell Access
Google has published the May 2026 Android Security Bulletin, alerting the ecosystem to a highly severe remote code execution (RCE) flaw. Tracked as CVE-2026-007...
pnpm 11 Turns On Minimum Release Age by Default to Reduce npm Supply Chain Risk
The npm ecosystem has long been a target for supply chain attacks, where threat actors exploit the open nature of public package registries to push malicious co...
Microsoft Edge Stores All Saved Passwords in Cleartext Process Memory at Launch
A security researcher has discovered that Microsoft Edge decrypts every stored password into process memory the moment the browser launches and keeps them there...
Apache HTTP Server Exposes Millions of Servers to Remote Code Execution Attacks
The Apache Software Foundation has released a critical security update for Apache HTTP Server, patching five vulnerabilities, including a dangerous double-free ...