Secure Bulletin – Navigating the cyber sea with knowledge

Latest news

CVSS 10.0: Critical Flowise AI Vulnerability Is Being Actively Exploited — 15,000+ Instances Still Exposed

9 April 2026 dark6

A maximum-severity RCE vulnerability (CVE-2025-59528, CVSS 10.0) in the popular Flowise AI agent builder is under active attack. Over 15,000...

Read more 0

Vulnerability

Chrome’s Fourth Zero-Day of 2026: CISA Orders Federal Agencies to Patch CVE-2026-5281 by April 15

9 April 2026 dark6

Google has patched CVE-2026-5281, a use-after-free zero-day in Chrome’s WebGPU engine already exploited in the wild. It’s the fourth Chrome...

Read more 0

Vulnerability

Unpatched Adobe Reader Zero-Day Has Been Silently Exploiting Users Since December

9 April 2026 dark6

A highly sophisticated zero-day exploit targeting Adobe Reader has been active since December 2025, requiring just a single click to...

Read more 0

Cybercrime

APT28’s FrostArmada: How Russian Hackers Built an 18,000-Router Army to Steal Microsoft 365 Credentials

9 April 2026 dark6

Russia’s APT28 compromised over 18,000 routers across 120 countries to silently hijack DNS and steal Microsoft 365 credentials from government...

Read more 0

Phishing

A Silent Killer Sneaking into Your Code: New Campaign Targets VS Code Developers

11 December 2025 dark6

From seemingly innocuous extensions to stealthy trojans, the threat landscape for developers is evolving. While the world continues to grapple...

Read more 0

Vulnerability

GitLab Releases Critical Security Patch for Multiple High-Severity Vulnerabilities

11 December 2025 dark6

Security researchers have uncovered vulnerabilities in GitLab’s Community Edition and Enterprise Edition platforms, prompting the company to release critical security...

Read more 0

Malware

VSCode: A New Wave of Malware Exploits the Heart of Creative Workflows

9 December 2025 dark6

The lines between personal work and corporate security are increasingly blurring, especially for developers. With tools like Visual Studio Code...

Read more 0

Phishing

A Sneaky New Threat: Microsoft Teams Calls and QuickAssist Lead to Stealthy Malware Attacks

9 December 2025 dark6

From phishing calls to fileless malware, the evolution of cyberattacks is alarmingly rapid. The latest threat employs a sophisticated blend...

Read more 0

Hacktivism

The Kitten Project: A New Era of Coordinated Hacktivism

8 December 2025 dark6

The cyber-world has always been a stage for activism and protest, but the rise of hacktivism offers something different –...

Read more 0

Malware

A Sophisticated New Threat: FvncBot Strikes Again

7 December 2025 dark6

A dangerous new banking malware called FvncBot is targeting unsuspecting users of Android devices, leveraging sophisticated techniques to steal sensitive...

Read more 0

Spyware

The Sophisticated ClickFix Sting: How Calisto Disguises Itself to Steal Credentials

5 December 2025 dark6

Calisto, a cyberespionage campaign attributed to the Russian FSB’s Center 18 for Information Security (military unit 64829), has been making...

Read more 0

Malware

ClayRat: A New Breed of Android Spyware with Unprecedented Control

5 December 2025 dark6

A closer look at the sophisticated threat and its tactics. The mobile device landscape is under a constant barrage of...

Read more 0