FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)
Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wil...
Media
20 articles
Chaos malware now targeting 64-bit Linux servers
Analysis of China-nexus groups also discovers double-pronged strategy, one on immediacy, the other around long dwell times.
New Progress ShareFile Flaws Expose Servers to Unauthorized Remote Takeover
Security researchers at watchTowr Labs have disclosed a critical exploit chain in the Progress ShareFile Storage Zone Controller. The vulnerabilities, tracke...
Kimsuky Uses Malicious LNK Files to Drop Python Backdoor
Kimsuky is using multi-stage malicious LNK files to deploy a Python-based backdoor, adding new intermediate scripts while keeping the final payload logic lar...
Apple Releases iOS 18.7.7 Update to Defend Against DarkSword Exploit
Apple has officially expanded the rollout of iOS 18.7.
Proton launches privacy-focused video conferencing service
Proton Meet utilizes the Messaging Layer Security (MLS) protocol for end-to-end encryption, ensuring that all media and chat are encrypted client-side.
Google Warns of New Chrome Zero-Day Under Active Exploitation – Users Urged to Update Immediately
Google has released an urgent security update for its Chrome desktop browser to address 21 vulnerabilities, including a critical zero-day flaw that is active...
New Bitdefender assessment helps organizations identify and eliminate hidden internal attack paths
Bitdefender has announced the Bitdefender Internal Attack Surface Assessment, a complimentary evaluation that helps organizations identify and reduce hidden ...
Critical F5 BIG-IP Flaw Upgraded to 9.8 RCE, Exploited in the Wild
F5 BIG-IP APM flaw CVE-2025-53521 escalates to critical 9.8 RCE, actively exploited.
NCSC Urges Immediate Patching of F5 BIG-IP Bug
The National Cyber Security Centre wants UK firms to patch CVE-2025-53521
DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
A new campaign has leveraged the ClickFix social engineering tactic as a way to distribute a previously undocumented malware loader referred to as DeepLoad.
Optimizing Risk Discovery and Remediation with Qualys Gateway Service (QGS)
Unpatched vulnerabilities remain one of the largest drivers of cyber risk, accounting for nearly 60% of cyber compromises. Modern security programs are there...
ZDI-26-230: Apple macOS CoreMedia Framework Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this v...
Apple issues urgent lock screen warnings for unpatched iPhones and iPads
Apple is alerting users of outdated iPhones and iPads via lock screen warnings about active web-based exploits, urging immediate software updates. Apple is s...
Latvia accuses Russia of of disinformation campaign targeting Baltic states
Russian media outlets and Telegram channels have circulated allegations that the Baltic states opened their airspace to Ukrainian drones targeting Russian te...
Anti-piracy coalition takes down AnimePlay app with 5 million users
The Alliance for Creativity and Entertainment (ACE) announced the shutdown of AnimePlay, a major anime streaming platform with over 5 million users. [.
Critical NVIDIA Vulnerabilities Risk Remote Code Execution and Denial-of-Service Attacks
NVIDIA has recently published its March 2026 security bulletins, addressing a wave of newly discovered vulnerabilities across its hardware and software ecosy...
Synology DiskStation Manager Vulnerability Puts Users at Risk of Remote Command Execution Attacks
Synology has issued an urgent security update for its DiskStation Manager (DSM) software to address a critical vulnerability. If left unpatched, this flaw co...
New critical Citrix NetScaler hole of similar severity to CitrixBleed2, says expert
A new critical vulnerability that is similar to the widely-exploited CitrixBleed and CitrixBleed2 holes should be patched in NetScaler devices immediately, s...
Reach Security named Best Continuous Threat Exposure Management Solution
Reach Security wins for AI-driven CTEM platform enabling autonomous exposure detection and remediation.