information security

Pre-Stuxnet 'fast16' Malware Discovered: 2005 NSA-Linked Cyber Sabotage Framework Rewrites History of State Cyberweapons

April 26, 2026 · high

CVE-2026-28950: Apple Patches iOS Flaw That Let FBI Extract Deleted Signal Messages From Push Notification Database

April 23, 2026 · high

CVE-2026-5752: Cohere AI Terrarium Sandbox Flaw Allows Root Code Execution and Container Escape — No Patch Coming

April 22, 2026 · critical

Microsoft April 2026 Patch Tuesday: SharePoint Zero-Day CVE-2026-32201 Actively Exploited + CVSS 9.8 Windows IKE RCE Among 169 Fixes

April 15, 2026 · critical

OpenAI Launches GPT-5.4-Cyber: AI Built for Cybersecurity Defenders with Codex Security Fixing 3,000+ Critical Flaws

April 15, 2026 · low

OpenAI Revokes macOS App Certificate After North Korea's Axios Supply Chain Attack — Update ChatGPT Before May 8

April 13, 2026 · critical

CVE-2026-34621: Adobe Releases Emergency Patch for Actively Exploited Acrobat Reader Flaw — Update Now

April 12, 2026 · high

CVE-2026-34197: 13-Year-Old Apache ActiveMQ RCE Flaw Chains with Auth Bypass — Plus 20 More Threats This Week

April 11, 2026 · high

Adobe Reader Zero-Day Actively Exploited via Fake Invoice PDFs — No Patch Available Yet

April 9, 2026 · critical

Masjesu Botnet: The Stealthy DDoS-for-Hire Service Quietly Hijacking IoT Devices Since 2023 — Now Hitting 300 Gbps

April 8, 2026 · high

CVE-2026-34040: Docker AuthZ Plugin Bypass Lets Attackers Escape Containers and Gain Full Host Access — AI Agents Can Trigger It Automatically

April 7, 2026 · high

$285 Million Drift Hack: North Korea's UNC4736 Spent Six Months Building Trust Before Draining Everything in 10 Seconds

April 6, 2026 · critical

36 Malicious npm Packages Disguised as Strapi Plugins Exploit Redis and PostgreSQL to Deploy Persistent Implants and Reverse Shells

April 5, 2026 · critical

Microsoft Exposes Cookie-Controlled PHP Web Shells That Resurrect Themselves via Cron — A New Stealthy Linux Persistence Technique

April 4, 2026 · high

North Korea's UNC1069 Backdoored Axios npm Package — 183 Million Weekly Downloads Exposed to WAVESHAPER.V2 Backdoor

April 1, 2026 · critical

OpenAI Patches Two Critical Vulnerabilities: ChatGPT Data Exfiltration via Side Channel and Codex Command Injection Exposing GitHub Tokens

March 31, 2026 · high

CVE-2026-3055: Citrix NetScaler Critical Flaw Leaks Sensitive Memory — Patch Immediately Before Exploitation Begins

March 25, 2026 · critical