Cyber Security

New ScarCruft Supply Chain Attack Hits Gaming Platform With Windows and Android Backdoors

A North Korea-aligned threat group known as ScarCruft has been caught running a supply chain attack against a video gaming platform serving ethnic Koreans in China’s Yanbian region. The attackers planted backdoors in both Windows and Android versions of the platform’s games, turning a trusted service into a covert espionage tool. The campaign has likely […]

Critical Android Zero-Click Vulnerability Grants Remote Shell Access

Google has published the May 2026 Android Security Bulletin, alerting the ecosystem to a highly severe remote code execution (RCE) flaw. Tracked as CVE-2026-0073, this critical vulnerability resides deep within the core Android System component. It allows an attacker to gain remote shell access without requiring a single tap, download, or click from the device […]

DigiCert Hacked via Weaponized Screensaver File to Obtain EV Code Signing Certificates

A sophisticated threat actor breached DigiCert’s internal support environment in early April 2026 by tricking support analysts into executing a disguised malicious screensaver file, ultimately obtaining stolen EV Code Signing certificates used to distribute the “Zhong Stealer” malware family. On April 2, 2026, a threat actor contacted DigiCert’s customer support team through a Salesforce-based chat […]

Malicious TanStack Package Uses Postinstall Script to Steal Developer Environment Files

A malicious npm package impersonating the widely trusted TanStack project was discovered on April 29, 2026, silently stealing developer environment files the moment it was installed. The attacker registered the unscoped “tanstack” package name on npm, dressed it up as a legitimate video player SDK called “TanStackPlayer,” and embedded a credential-harvesting script inside it that […]

Threat Actors Use AI to Automate 0-Day Discovery and Exploitation at Machine Speed

The way cyberattacks are launched has fundamentally changed. Threat actors are no longer spending months hunting for software flaws by hand. With artificial intelligence in their toolkit, they can now discover and exploit zero-day vulnerabilities in minutes, placing organizations across every sector at serious risk. For years, finding a zero-day required deep technical skill, long […]

Microsoft Defender Mistakenly Flags DigiCert Root Certificates as Malware

Microsoft Defender triggered widespread false positive alerts after a faulty security update caused it to flag two legitimate DigiCert root certificates as malicious, potentially disrupting SSL/TLS validation and code-signing operations across enterprise environments worldwide. A Defender antimalware signature update released around April 30, 2026, introduced a detection labeled Trojan:Win32/Cerdigent.A!dha, which incorrectly identified registry entries belonging […]

Trellix Source Code Breach: Hackers Gain Unauthorized Access to Repository

Cybersecurity giant Trellix has disclosed a significant security incident involving unauthorized access to a portion of its source code repository. The company confirmed the breach in an official statement published on its website, stating it immediately engaged leading forensic experts upon discovering the intrusion. Threat actors gained unauthorized access to part of Trellix’s internal source […]

Hackers Breach Government and Military Servers by Exploiting cPanel Vulnerability

A sophisticated adversarial campaign targeted South-East Asian government and military infrastructure, combining rapid exploitation of a critical cPanel authentication bypass with a custom zero-day exploit chain against an Indonesian defense-sector portal and ultimately pivoting to exfiltrate over 4GB of sensitive Chinese railway documents. The campaign’s initial access vector centered on CVE-2026-41940, a critical CVSS 9.8 […]

Multiple Exim Mail Server Vulnerabilities Lead to Crash with Malicious DNS Data

The Exim development team has released version 4.99.2 to address four newly discovered security vulnerabilities affecting their mail server software. These flaws allow attackers to potentially crash servers, corrupt memory, or leak sensitive information. Because Exim is one of the most widely used message transfer agents on the internet, system administrators need to apply this […]

Attackers Deploy AiTM Phishing Pages to Access SharePoint, HubSpot, and Google Workspace

Threat actors are rapidly shifting their intrusion tradecraft toward high-speed, SaaS-centric attacks that completely bypass traditional endpoint security. Since October 2025, security researchers have tracked two distinct adversaries, identified as CORDIAL SPIDER and SNARKY SPIDER, conducting aggressive data theft campaigns. These groups operate almost exclusively within trusted SaaS environments such as SharePoint, HubSpot, and Google […]