PamDOORa Linux backdoor abuses PAM modules for SSH persistence and credential theft, increasing Linux server compromise risks ...

Google Play apps gained 7.3 million downloads, charging users for fake call data and causing financial losses.

TCLBANKER targets 59 financial platforms using WhatsApp worms and Outlook phishing, increasing banking credential theft risks ...

Dirty Frag exposes Linux systems to root escalation through chained kernel flaws, impacting Ubuntu, RHEL, Fedora, and others.

Quasar Linux RAT (QLNX) harvests DevOps credentials to enable software supply chain attacks with fileless execution and dual ...

ThreatsDay Bulletin: fake apps, supply chain attacks, AI-fueled exploits, ransomware chaos, and the biggest cyber threats ...

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

PCPJack steals credentials via 6 Python modules exploiting 5 CVEs, enabling cloud spread and fraud-driven attacks.

Ivanti EPMM flaw CVE-2026-6973 exploited in limited attacks; CISA mandates fixes by May 10, 2026, increasing urgency.

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...

CVE-2026-0300 exploited after April 9 attempts enables PAN-OS RCE, leading to stealth espionage and lateral movement by April ...

MuddyWater used Teams phishing in 2026 to steal credentials, enabling stealthy data exfiltration and persistence without ...