Gunra Ransomware Expands RaaS After Conti Shift
Gunra ransomware evolved from Conti roots into a full-scale RaaS operation, hitting dozens of orgs globally in under a year with leak sites and affiliate programs
Read More
Avada Builder Flaws Expose 1M WordPress Sites To Theft
One million WordPress sites at risk: Avada Builder flaws let hackers steal credentials and database secrets. Patch now or face a data breach nightmare.
Four Chained OpenClaw Flaws Threaten Full System Takeover
Researchers have disclosed four chained vulnerabilities in OpenClaw, collectively dubbed Claw Chain, enabling attackers to steal data, escalate privileges, and establish persistence through the AI agent’s own runtime. All flaws have been patched in OpenClaw version 2026.4.22 and users are urged to update immediately.
SpaceX Starship Upgrade Launches New Space Security Era
SpaceX’s upgraded Starship launches first test flight May 19. New capabilities could reshape space infrastructure—and expand the attack surface cybersecurity pros must defend.
Hackers Exploit OAuth Flow To Steal M365 Credentials
Hackers are weaponizing Microsoft’s OAuth device flow to steal M365 credentials at scale. This little-known attack vector has exploded since late 2024.
Critical Cisco SD-WAN Flaw Grants Admin Access Remotely
Critical CVE-2026-20182 hits Cisco SD-WAN with CVSS 10.0 rating. Unauthenticated attackers can gain full admin access remotely. Active exploitation confirmed.
Exchange Server OWA Spoofing Flaw Actively Exploited
Critical Exchange Server spoofing flaw under active attack. CVE-2026-42897 affects on-premise versions with CVSS 8.1. Patch immediately if you’re running 2016/2019.
JDownloader Installer Downloads Replaced With Malware
JDownloader’s website was hacked and installer downloads were replaced with malware for days. Millions of users potentially at risk from this supply chain attack.
Ghostwriter APT Targets Ukrainian Government Organizations
Ghostwriter APT group strikes again: New campaign targeting Ukrainian government organizations uncovered by ESET researchers. FrostyNeighbor continues its attacks.
Gremlin Stealer Evolves With Advanced Obfuscation Tactics
Gremlin stealer just leveled up. New variant uses resource file obfuscation, crypto clipping and session hijacking to fly under the radar. Your data’s at risk.