Cyber Security – Page 36 – Simply Secure Group

CISA Warns of Microsoft Configuration Manager SQL Injection Vulnerability Exploited in Attacks

CISA Warns Microsoft Configuration Manager SQL Injection Vulnerability CISA has issued an urgent alert about a critical SQL injection vulnerability in Microsoft Configuration Manager (SCCM). Tracked as CVE-2024-43468, this flaw lets unauthenticated attackers run malicious commands on servers and databases. Added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on February 12, 2026, agencies must patch […]

Malicious Chrome AI Extensions Attacking 260,000 Users via Injected IFrames

Malicious Chrome AI Extensions Attacking 260000 Users via Injected IFrames A coordinated campaign is using malicious Chrome extensions that impersonate popular AI tools like ChatGPT, Claude, Gemini, and Grok. These fake “AI assistants” spy on users through injected, remote-controlled iframes, turning helpful browser add-ons into surveillance tools. More than 260,000 users have installed these extensions. […]

Chrome Extensions Infected 500K Users to Hijack VKontakte Accounts

Over half a million VKontakte users have fallen victim to a sophisticated malware campaign that silently hijacks accounts through seemingly harmless Chrome extensions. The malicious extensions, disguised as VK customization tools, automatically subscribe users to attacker-controlled groups, reset account settings every 30 days, and manipulate security tokens to maintain persistent control. What appeared as simple […]

Critical Vulnerability in Next-Mdx-Remote Allows Arbitrary Code Execution in React Server-Side Rendering

Vulnerability in Next-Mdx-Remote Security advisory HCSEC-2026-01 revealed a critical vulnerability in the next-mdx-remote library that allows attackers to execute arbitrary code on servers rendering untrusted MDX content. Tracked as CVE-2026-0969, the issue affects versions 4.3.0 through 5.0.0 and is fixed in 6.0.0. Next-mdx-remote is a popular open-source TypeScript library for Next.js based React apps. It […]

Odido Telecom Suffers Cyberattack 6.2 Million Customer Accounts Affected

Odido Telecom Suffers Cyberattack Odido Telecom, a leading Dutch telecommunications provider, confirmed on February 12, 2026, that hackers accessed personal data from 6.2 million customer accounts in a major cyberattack. The breach, detected over the February 7-8 weekend, has raised alarms about phishing risks despite no disruption to services. Hackers infiltrated Odido’s customer relationship management […]

Rogue VM Linked to Muddled Libra in VMware vSphere Attack, Revealing Key TTPs

In a September 2025 incident response case, investigators found a rogue virtual machine inside a VMware vSphere environment and tied it with high confidence to Muddled Libra, also tracked as Scattered Spider and UNC3944. The VM acted like a quiet staging host, giving the intruders a place to recon the network, pull down tools, and […]

Palo Alto Networks Firewall Vulnerability Allows an Attacker to Force Firewalls into a Reboot Loop

Palo Alto Networks Firewall Vulnerability A critical denial-of-service (DoS) flaw in Palo Alto Networks’ PAN-OS software could let unauthenticated attackers crash firewalls into endless reboot cycles, potentially crippling enterprise networks. Dubbed CVE-2026-0229, the vulnerability lurks in the Advanced DNS Security (ADNS) feature. An attacker sends a maliciously crafted packet to trigger a system reboot. Repeated […]

VoidLink Framework Enables On-Demand Tool Generation with Windows Plugin Support

A newly tracked intrusion framework called VoidLink is drawing attention for its modular design and focus on Linux systems. It behaves like an implant management framework, letting operators deploy a core implant and add capabilities as needed, which shortens the time from access to action. Recent activity has been linked to a threat actor Cisco […]

Legacy IRC Botnet Campaign Uses Automated SSH Compromise Pipeline to Enroll Linux Hosts at Scale

SSHStalker is a newly discovered Linux botnet that brings back Internet Relay Chat (IRC) control while using automation to compromise servers over SSH. It mainly succeeds by guessing weak or reused passwords, then turning each host into a launchpad for more scans and installs. In honeypot intrusions seen in early 2026, attackers dropped a Golang […]

Socelars Malware Attacking Windows Systems to Steal Sensitive Business Data

Socelars Malware Attacking Windows Systems A dangerous information-stealing malware called Socelars is actively targeting Windows systems to collect sensitive authentication data, with particular focus on Facebook Ads Manager accounts and session cookies. Unlike traditional malware that causes immediate system damage, Socelars operates silently in the background, turning infected machines into gateways for account takeover and […]

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.