Latest news

Google Patches Two Critical Chrome RCE Flaws in Urgent Update — Update to 148.0.7778.178 Now
Vulnerability

Google Patches Two Critical Chrome RCE Flaws in Urgent Update — Update to 148.0.7778.178 Now

22 May 2026 dark6

Google has released an emergency Chrome security update addressing 16 vulnerabilities including two Critical-rated remote code execution flaws in WebRTC...
Read more 0
Operation Saffron: International Authorities Dismantle ‘First VPN’ Criminal Network Linked to Global Ransomware Attacks
Cybercrime

Operation Saffron: International Authorities Dismantle ‘First VPN’ Criminal Network Linked to Global Ransomware Attacks

22 May 2026 dark6

A coordinated international law enforcement operation led by France, the Netherlands, Europol, and Eurojust has dismantled First VPN — a...
Read more 0
WantToCry Ransomware Encrypts Files Remotely Over SMB — No Malware Required
Ransomware

WantToCry Ransomware Encrypts Files Remotely Over SMB — No Malware Required

22 May 2026 dark6

A ransomware operation called WantToCry is exploiting exposed SMB file-sharing services to encrypt business data without ever installing malware on...
Read more 0
Dark Web Brokers Flood Forums With Recycled Breach Data Disguised as Fresh Corporate Leaks
Cybercrime

Dark Web Brokers Flood Forums With Recycled Breach Data Disguised as Fresh Corporate Leaks

22 May 2026 dark6

Cybercriminals operating in Chinese-language dark web ecosystems are repackaging data from old breaches and selling it as fresh corporate intelligence,...
Read more 0
DevilNFC: New Android Malware Traps Victims in Kiosk Mode During NFC Card Relay Attacks
Malware

DevilNFC: New Android Malware Traps Victims in Kiosk Mode During NFC Card Relay Attacks

21 May 2026 dark6

DevilNFC is a new Android malware that combines NFC relay attacks with Android Kiosk Mode to trap victims inside a...
Read more 0
Void Botnet Weaponizes Ethereum Smart Contracts for Seizure-Proof Command-and-Control Infrastructure
Malware

Void Botnet Weaponizes Ethereum Smart Contracts for Seizure-Proof Command-and-Control Infrastructure

21 May 2026 dark6

The Void Botnet uses Ethereum smart contracts as a seizure-resistant C2 channel, making traditional law enforcement takedowns impossible. Sold on...
Read more 0
Gremlin Stealer Evolves: New Variant Hides C2 URLs in Encrypted Resources and Adds Discord Token Theft
Malware

Gremlin Stealer Evolves: New Variant Hides C2 URLs in Encrypted Resources and Adds Discord Token Theft

21 May 2026 dark6

A newly analyzed Gremlin stealer variant hides C2 URLs inside XOR-encrypted .NET resource sections, making it invisible to static scanners....
Read more 0
Claude Code’s Five-Month Network Sandbox Bypass Silently Exposed Developer Credentials and Source Code
Vulnerability

Claude Code’s Five-Month Network Sandbox Bypass Silently Exposed Developer Credentials and Source Code

21 May 2026 dark6

Anthropic's Claude Code harbored a critical SOCKS5 null-byte injection sandbox bypass for over five months, allowing attackers to silently exfiltrate...
Read more 0
Kimsuky APT Runs Four Simultaneous Spear-Phishing Campaigns Targeting Recruiters, Crypto Users, and Defense Officials
Phishing

Kimsuky APT Runs Four Simultaneous Spear-Phishing Campaigns Targeting Recruiters, Crypto Users, and Defense Officials

20 May 2026 dark6

North Korea's Kimsuky threat group has been operating four parallel spear-phishing campaigns targeting corporate recruiters, cryptocurrency developers, defense sector officials,...
Read more 0
ShinyHunters Claims Cyberattack on U.S. Online Learning Platform — FBI Warns of Extortion Escalation
Databreach

ShinyHunters Claims Cyberattack on U.S. Online Learning Platform — FBI Warns of Extortion Escalation

20 May 2026 dark6

ShinyHunters has claimed responsibility for a cyberattack on a U.S.-based online Learning Management System, disrupting access for educational institutions nationwide....
Read more 0
CVE-2026-2005: Public PoC Released for Critical 20-Year-Old PostgreSQL pgcrypto RCE Vulnerability
Vulnerability

CVE-2026-2005: Public PoC Released for Critical 20-Year-Old PostgreSQL pgcrypto RCE Vulnerability

20 May 2026 dark6

A public proof-of-concept exploit has been released for CVE-2026-2005, a critical remote code execution flaw in PostgreSQL's pgcrypto extension rooted...
Read more 0
GitHub Confirms Internal Repository Breach via Malicious VS Code Extension — TeamPCP Claims 3,800 Repos Stolen
Databreach

GitHub Confirms Internal Repository Breach via Malicious VS Code Extension — TeamPCP Claims 3,800 Repos Stolen

20 May 2026 dark6

GitHub has confirmed unauthorized access to its internal repositories after a malicious Visual Studio Code extension compromised an employee device....
Read more 0