internet security
8 articles
Masjesu Botnet: The Stealthy DDoS-for-Hire Service Quietly Hijacking IoT Devices Since 2023 — Now Hitting 300 Gbps
April 8, 2026 · high
CVE-2026-34040: Docker AuthZ Plugin Bypass Lets Attackers Escape Containers and Gain Full Host Access — AI Agents Can Trigger It Automatically
April 7, 2026 · high
$285 Million Drift Hack: North Korea's UNC4736 Spent Six Months Building Trust Before Draining Everything in 10 Seconds
April 6, 2026 · critical
36 Malicious npm Packages Disguised as Strapi Plugins Exploit Redis and PostgreSQL to Deploy Persistent Implants and Reverse Shells
April 5, 2026 · critical
Microsoft Exposes Cookie-Controlled PHP Web Shells That Resurrect Themselves via Cron — A New Stealthy Linux Persistence Technique
April 4, 2026 · high
North Korea's UNC1069 Backdoored Axios npm Package — 183 Million Weekly Downloads Exposed to WAVESHAPER.V2 Backdoor
April 1, 2026 · critical
OpenAI Patches Two Critical Vulnerabilities: ChatGPT Data Exfiltration via Side Channel and Codex Command Injection Exposing GitHub Tokens
March 31, 2026 · high
CVE-2026-3055: Citrix NetScaler Critical Flaw Leaks Sensitive Memory — Patch Immediately Before Exploitation Begins
March 25, 2026 · critical