Trend Micro warns of Apex One zero-day exploited in the wild
Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability exploited in attacks targeting Windows systems. [...]
Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability exploited in attacks targeting Windows systems. [...]
Ransomware and vendor breaches persist, but the 2026 Data Breach Investigations Report (DBIR) highlights how evolving social engineering tactics make the sector more vulnerable.
Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier this week. [...]
Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5,718 malicious commits to 5,561 GitHub repositories within a six-hour window. "Using throwaway accounts and forged author identities (build-bot, auto-ci, ci-bot, pipeli…
A botnet P2PInfect passou a comprometer clusters Kubernetes por meio de instâncias Redis expostas à internet, ampliando o risco para ambientes de nuvem e aplicações corporativas. A ameaça, escrita em Rust e ativa desde 2023, foi observada em ataques contra clusters do Google Kube…
1 Introduction This article provides a technical analysis of how many Windows kernel mode drivers can be interacted with from user mode without the hardware they were developed for. This work was motivated by driver-oriented vulnerability research and the need to evaluate the ex…
O ransomware WantToCry está sendo usado contra empresas ao abusar de serviços SMB expostos na internet para criptografar arquivos remotamente, sem instalar malware no sistema da vítima. A técnica reduz a visibilidade do ataque e dificulta a detecção por ferramentas tradicionais d…
GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks.
U.S. and Canadian authorities arrested and charged a Canadian man with operating the KimWolf distributed denial-of-service (DDoS) botnet, which infected nearly two million devices worldwide. [...]
The U.S. Department of Justice (DoJ) on Thursday announced the arrest of a Canadian man in connection with allegedly operating a distributed denial-of-service (DDoS) botnet known as Kimwolf. In tandem, Jacob Butler (aka Dort), 23, Ottawa, Canada, has been charged with offenses r…
The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Langflow and Trend Micro Apex One to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities in question are lis…
Mais da metade do tráfego global da internet não é gerado por seres humanos, aponta a 13ª edição do Relatório de Bots Maliciosos da Thales Group, publicado em 30 de abril de 2026. A pesquisa indica que 53% das requisições em sites vêm de programas automatizados, sendo que 40% são…
A Microsoft lançou patches para duas vulnerabilidades no Microsoft Defender, ambas já exploradas em ataques como falhas do tipo dia-zero. As brechas, registradas como CVE-2026-41091 e CVE-2026-45498, foram corrigidas na versão 4.18.26040.7 da plataforma antimalware. A primeira pe…
A Cisco publicou atualizações de segurança para uma vulnerabilidade de gravidade máxima em sua plataforma Secure Workload, anteriormente conhecida como Tetration. A falha, registrada como CVE-2026-20223, está localizada nas APIs REST internas do produto e permite que atacantes nã…
A Google divulgou involuntariamente informações sobre uma vulnerabilidade não corrigida no Chromium que mantém JavaScript em execução em segundo plano mesmo após o navegador ser fechado, permitindo execução remota de código no dispositivo. A falha foi relatada pela pesquisadora L…
Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background even when the browser is closed, allowing remote code execution on the device. [...]
Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a campaign targeting a telecommunications provider in the Middle East since at least mid-2022. "Showboat is a modular post-exploitation framework designed for Linu…
Modern crypto drainers don't hack wallets. They trick users into approving malicious transactions. Flare explores how the Lucifer DaaS platform scales wallet theft through phishing and automation. [...]
A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBackdoor, respectively. [...]