News
-
Apple fixes iOS bug that kept deleted notifications on devices
Apple has fixed an iOS and iPadOS bug that could leave deleted notifications on iPhones and iPads, after reports that message copies could be recovered from notification databases in a forensic examination.
-
Malicious npm packages spread self-propagating worm through stolen developer tokens
Researchers found a self-propagating npm supply chain worm in April 2026 that stole developer secrets, reused npm tokens to publish poisoned packages and also included PyPI propagation logic.
-
Mirai campaign targets unpatched D-Link router flaw
A Mirai-based malware campaign is exploiting CVE-2025-29635 in end-of-life D-Link DIR-823X routers, according to Akamai. The attacks download a shell script that installs botnet malware and also target other router flaws.
-
Harvester deploys Linux version of GoGra backdoor in South Asia targeting campaign
Harvester has deployed a Linux version of its GoGra backdoor in attacks likely aimed at South Asia, using Microsoft cloud email services as a covert control channel, according to a technical analysis by Symantec and Carbon Black Threat Hunter Team.
-
Researchers find Lotus Wiper targeting Venezuela’s energy and utilities sector
Researchers said a new wiper called Lotus Wiper hit Venezuela’s energy and utilities sector in late 2025 and early 2026, erasing recovery options and using Windows tools to destroy data across infected systems.
-
Microsoft patches critical ASP.NET Core flaw that could enable privilege escalation
Microsoft has issued an out-of-band fix for a critical ASP.NET Core vulnerability, CVE-2026-40372, that could let attackers elevate privileges and forge protected payloads under specific conditions.
-
Mustang Panda-linked LOTUSLITE variant targets India banking sector
A new LOTUSLITE malware variant has been spotted in a campaign aimed at India’s banking sector, with related lures also tied to South Korean and U.S. policy communities.
-
Cohere AI Terrarium sandbox flaw can let attackers run code as root
A critical flaw in Cohere AI’s Terrarium Python sandbox could allow arbitrary code execution as root, with CERT/CC warning that the bug may let attackers escape the sandbox and reach host or container resources.
-
French government agency confirms data breach after hacker claims 19 million records
France Titres, the French agency that issues identity and registration documents, said a security incident may have exposed account data. A hacker later claimed to be selling up to 19 million records.
-
NGate malware campaign targets Brazil through trojanized HandyPay app
Researchers found a new NGate Android malware campaign targeting Brazil since around November 2025. The trojanized HandyPay app can relay NFC payment data, capture PINs and help thieves carry out fraudulent ATM withdrawals.
