Category: News

  • Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

    Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

    Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign The Bitwarden command-line interface (CLI) package was compromised as part of an ongoing supply chain attack campaign targeting the Checkmarx ecosystem. Security researchers from JFrog and Socket discovered that malicious code was published in version @bitwarden/[email protected] of the npm package. The rogue version was available for…

  • Toxic Combinations: When Cross-App Permissions Stack into Risk

    Toxic Combinations: When Cross-App Permissions Stack into Risk

    Toxic Combinations: When Cross-App Permissions Stack into Risk On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addresses and 1.5 million agent API tokens across 770,000 active agents. The more worrying part sat inside the private messages. Some of those…

  • Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack

    Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack

    Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at the end of last year and the start of 2026. Dubbed Lotus Wiper, the novel file wiper has been used in a destructive campaign targeting the energy…

  • Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack

    Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack

    Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack Cybersecurity researchers from Kaspersky have discovered a previously undocumented data wiper named Lotus Wiper that has been used in attacks targeting Venezuela at the end of last year and the start of 2026. The destructive campaign has specifically targeted the energy and utilities sector in…

  • The Gentlemen Ransomware Group Linked to Over 1,570 Corporate Victims via SystemBC Botnet

    The Gentlemen Ransomware Group Linked to Over 1,570 Corporate Victims via SystemBC Botnet

    Threat actors associated with The Gentlemen ransomware-as-a-service operation have been linked to a command-and-control server controlling more than 1,570 compromised corporate networks worldwide. The discovery, made by researchers at Check Point, reveals the true scale of an operation that has already claimed over 320 victims on its public data leak site since the group emerged…

  • Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

    Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

    Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution with root privileges. The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system. Terrarium is developed by Cohere AI as an…

  • Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

    Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

    Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that is distributed via a theme related to India’s banking sector. Acronis researchers Subhajeet Singha and Santiago Pontiroli said the backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS…

  • Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

    Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

    Threat actors are exploiting security flaws in TBK DVR and end-of-life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. The attack targeting TBK DVR devices has been found to exploit CVE-2024-3721 (CVSS score: 6.3), a medium-severity command injection vulnerability…

  • Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems

    Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems

    Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment and desalination systems. The malware has been codenamed ZionSiphon by Darktrace, highlighting its ability to set up persistence, tamper with local configuration files, and scan for operational technology (OT)-relevant services on the local subnet. According…

  • Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

    Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

    Cybersecurity researchers have discovered a critical “by design” weakness in the Model Context Protocol’s (MCP) architecture that could pave the way for remote code execution and have a cascading effect on the artificial intelligence (AI) supply chain. “This flaw enables Arbitrary Command Execution (RCE) on any system running a vulnerable MCP implementation, granting attackers direct…