Cybersecurity
- Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a CVSS score of 8.6 out of 10.0. Successful exploitation of the flaw could allow an attacke…
- Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a CVSS score of 8.6 out of 10.0. Successful exploitation of the flaw could allow an attacker to run malicious code on affected installations. It has been described as
- Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based global geolocation surveillance system called Webloc. The tool was developed by Israeli company Cobwebs Technologies and is now sold&…
- Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based global geolocation surveillance system called Webloc. The tool was developed by Israeli company Cobwebs Technologies and is now sold by its successor Penlink after the two firms merged in July 2023
- Reverse Engineering a Multi Stage File Format Steganography Chain of the TeamPCP Telnyx Campaign
  submitted by   <a href="https://www.reddit.com/user/Beneficial_Cattle_98"> /u/Beneficial_Cattle_98 </a> <br/> <span><a href="https://husseinmuhaisen.com/blog/reverse-engineering-teampcp-telnyx-file-format-chain/">[link]</a></span>   <span><a href="https://www.reddit…
- Claude + Humans vs nginx: CVE-2026-27654
  submitted by   <a href="https://www.reddit.com/user/maurosoria"> /u/maurosoria </a> <br/> <span><a href="https://blog.calif.io/p/claude-humans-vs-nginx-cve-2026-27654">[link]</a></span>   <span><a href="https://www.reddit.com/r/netsec/comments/1si3xvv…
- Friday Squid Blogging: Squid Overfishing in the South Pacific
<p>Regulation is <a href="https://news.mongabay.com/short-article/2026/03/the-squid-rush-in-the-south-pacific-is-forcing-regulators-to-act/">hard</a>:</p> <blockquote><p>The South Pacific Regional Fisheries Management Organization (SPRFMO) oversees fishing across roughly 59 million square kilometers (22 million square mi…
- Friday Squid Blogging: Squid Overfishing in the South Pacific
Regulation is hard: The South Pacific Regional Fisheries Management Organization (SPRFMO) oversees fishing across roughly 59 million square kilometers (22 million square miles) of the South Pacific high seas, trying to impose order on a region double the size of Africa, where distant-water fleets pursue species ranging from jack mackerel to jumbo flying squid. The latter dominated this year’s talks. Fishing for jumbo flying squid (Dosidicus gigas) has expanded rapidly over the past two decades. …
- Hims Breach Exposes the Most Sensitive Kinds of PHI
Threat actors breached the telehealth brand, and now they may know patients' personal health details. What could they do with that information?
- Hims Breach Exposes the Most Sensitive Kinds of PHI
Threat actors breached the telehealth brand, and now they may know patients' personal health details. What could they do with that information?
- Your Next Breach Will Look Like Business as Usual
These are the fundamental detection model shifts cybersecurity teams need to make to keep up with the rising number of credential-based attacks.
- Your Next Breach Will Look Like Business as Usual
These are the fundamental detection model shifts cybersecurity teams need to make to keep up with the rising number of credential-based attacks.
- Nmap triage without a backend: XSLT -> HTML report that highlights unusual hosts/services
  submitted by   <a href="https://www.reddit.com/user/13utters"> /u/13utters </a> <br/> <span><a href="https://xn--mbius-jua.band/blog/nmapview/">[link]</a></span>   <span><a href="https://www.reddit.com/r/netsec/comments/1shtwdg/nmap_triage_withou…
- FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats
- FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats
- Orange Business Reimagines Enterprise Voice Communications With Trust and AI
- Orange Business Reimagines Enterprise Voice Communications With Trust and AI
- Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
The US government warns programmable logic controllers are being targeted, and research turns up 179 vulnerable operational technology (OT) devices.
- Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
The US government warns programmable logic controllers are being targeted, and research turns up 179 vulnerable operational technology (OT) devices.
- GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that's designed to stealthily infect all integrated development environments (IDEs) on a developer's machine. The technique has been discovered in an Open VSX extension named …
- GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that's designed to stealthily infect all integrated development environments (IDEs) on a developer's machine. The technique has been discovered in an Open VSX extension named "specstudio.code-wakatime-activity-tracker," which masquerades as WakaTime, a
- Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?
Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the vendor said.
- Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?
Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the vendor said.
- Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
While much of the discussion on AI security centers around protecting ‘shadow’ AI and GenAI consumption, there's a wide-open window nobody's guarding: AI browser extensions. A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the …
- Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
While much of the discussion on AI security centers around protecting ‘shadow’ AI and GenAI consumption, there's a wide-open window nobody's guarding: AI browser extensions. A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the most dangerous AI threat surface in your network that isn't on anyone's
- Sen. Sanders Talks to Claude About AI and Privacy
<p>Claude is actually <a href="https://www.youtube.com/watch?v=h3AtWdeu_G0">pretty good</a> on the issues.</p>
- Sen. Sanders Talks to Claude About AI and Privacy
Claude is actually pretty good on the issues.
- Renovate & Dependabot: The New Malware Delivery System
  submitted by   <a href="https://www.reddit.com/user/mabote"> /u/mabote </a> <br/> <span><a href="https://blog.gitguardian.com/renovate-dependabot-the-new-malware-delivery-system/">[link]</a></span>   <span><a href="https://www.reddit.com/r/netsec/comments…
- Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
Google has made Device Bound Session Credentials (DBSC) generally available to all Windows users of its Chrome web browser, months after it began testing the security feature in open beta. The public availability is currently limited to Windows users on Chrome 146, with macOS expansion planned&…
- Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
Google has made Device Bound Session Credentials (DBSC) generally available to all Windows users of its Chrome web browser, months after it began testing the security feature in open beta. The public availability is currently limited to Windows users on Chrome 146, with macOS expansion planned in an upcoming Chrome release. "This project represents a significant
- Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig. The vulnerability in question is CVE-2026-39987 (CVSS score: 9.3), a pre-authenticated remote code execution …
- Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig. The vulnerability in question is CVE-2026-39987 (CVSS score: 9.3), a pre-authenticated remote code execution vulnerability impacting all versions of Marimo prior to and including
- Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
Unknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla to push a poisoned version containing a backdoor. The incident impacts Smart Slider 3 Pro version 3.5.1.35 for WordPress, per WordPress security company Patchstack. Smart Slider 3 is a popular WordPress …
- Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
Unknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla to push a poisoned version containing a backdoor. The incident impacts Smart Slider 3 Pro version 3.5.1.35 for WordPress, per WordPress security company Patchstack. Smart Slider 3 is a popular WordPress slider plugin with more than 800,000 active installations across its free and Pro
- Slipping up Slippi with spectator RCE
  submitted by   <a href="https://www.reddit.com/user/khangaroooooooo"> /u/khangaroooooooo </a> <br/> <span><a href="https://khang06.github.io/slippirce/">[link]</a></span>   <span><a href="https://www.reddit.com/r/netsec/comments/1shcqyf/slipping_up_s…
- [local] NetBT e-Fatura - Privilege Escalation
NetBT e-Fatura - Privilege Escalation
- [webapps] D-Link DIR-650IN - Authenticated Command Injection
D-Link DIR-650IN - Authenticated Command Injection
- Russia's 'Fancy Bear' APT Continues Its Global Onslaught
Victims don't need to match the cyber espionage group's technical sophistication, experts say. But patching and some form of zero trust are now non-negotiable.
- Russia's 'Fancy Bear' APT Continues Its Global Onslaught
Victims don't need to match the cyber espionage group's technical sophistication, experts say. But patching and some form of zero trust are now non-negotiable.
- 'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues
Under the alias 'Chaotic Eclipse,' a researcher released a PoC exploit for a zero-day flaw that allows for system takeover by a local user, citing an undisclosed beef with Microsoft.
- 'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues
Under the alias 'Chaotic Eclipse,' a researcher released a PoC exploit for a zero-day flaw that allows for system takeover by a local user, citing an undisclosed beef with Microsoft.
- Do Ceasefires Slow Cyberattacks? History Suggests Not
The cybersecurity community is waiting with bated breath to see if Iranian hackers will honor a ceasefire that doesn't actually name or directly involve them.
- Do Ceasefires Slow Cyberattacks? History Suggests Not
The cybersecurity community is waiting with bated breath to see if Iranian hackers will honor a ceasefire that doesn't actually name or directly involve them.
- EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs
Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit (SDK) called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk. "This flaw allows apps on the same device to bypass Android security sandbox&…
- EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs
Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit (SDK) called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk. "This flaw allows apps on the same device to bypass Android security sandbox and gain unauthorized access to private data," the Microsoft Defender
- UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations (NGOs) and suspected universities to deploy a new Lua-based malware called LucidRook. "LucidRook is a sophisticated stager that embeds a Lua interpreter and Rust-compiled…
- UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations (NGOs) and suspected universities to deploy a new Lua-based malware called LucidRook. "LucidRook is a sophisticated stager that embeds a Lua interpreter and Rust-compiled libraries within a dynamic-link library (DLL) to download and
- Threat Model Discrepancy: Google Password Manager leaks cleartext passwords via Task Switcher (Won't Fix) - Violates German BSI Standards
<!-- SC_OFF --><div class="md"><p>Hi everyone, I’m a Cybersecurity student at HFU in Germany and recently submitted a vulnerability to the Google VRP regarding the Google Password Manager on Android (tested on Pixel 8, Android 16).</p> <p><strong>The Issue:</strong> When you view…
- ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range — old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without …
- ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range — old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without thinking twice. Quiet escalations more than loud zero-days, but the kind that matter more in