Latest news

VECT 2.0 Ransomware Permanently Destroys Files Over 128 KB Due to Encryption Flaw
Ransomware

VECT 2.0 Ransomware Permanently Destroys Files Over 128 KB Due to Encryption Flaw

1 May 2026 dark6

A critical encryption bug in VECT 2.0 ransomware permanently destroys all files larger than 128 KB rather than encrypting them,...
Read more 0
Phoenix PhaaS Platform Weaponizes SMS to Impersonate Banks, Telecoms, and Delivery Firms Worldwide
Phishing

Phoenix PhaaS Platform Weaponizes SMS to Impersonate Banks, Telecoms, and Delivery Firms Worldwide

1 May 2026 dark6

A new Phishing-as-a-Service platform called Phoenix has been linked to over 1,500 phishing domains since early 2024, running large-scale smishing...
Read more 0
Qilin Ransomware Adopts Stealthy RDP History Enumeration to Map Victim Networks
Ransomware

Qilin Ransomware Adopts Stealthy RDP History Enumeration to Map Victim Networks

1 May 2026 dark6

The Qilin ransomware group, responsible for over 700 attacks in 2025, has been observed using a stealthy PowerShell technique to...
Read more 0
Critical Wireshark Update Patches 40+ Vulnerabilities Including Remote Code Execution Flaws
Vulnerability

Critical Wireshark Update Patches 40+ Vulnerabilities Including Remote Code Execution Flaws

1 May 2026 dark6

Wireshark 4.6.5 addresses over 40 security vulnerabilities, including critical RCE flaws in TLS, RDP, and SBC dissectors. Organizations running Wireshark...
Read more 0
Lazarus Group Targets macOS Users With Sophisticated “Mach-O Man” Four-Stage Malware Kit
Malware

Lazarus Group Targets macOS Users With Sophisticated “Mach-O Man” Four-Stage Malware Kit

30 April 2026 dark6

North Korea's Lazarus Group has deployed a new modular macOS malware kit called "Mach-O Man" targeting fintech executives and crypto...
Read more 0
Linux Kernel Zero-Day “Copy Fail” (CVE-2026-31431) Grants Root Access on Every Major Distro Since 2017
Vulnerability

Linux Kernel Zero-Day “Copy Fail” (CVE-2026-31431) Grants Root Access on Every Major Distro Since 2017

30 April 2026 dark6

A newly disclosed Linux kernel zero-day dubbed "Copy Fail" (CVE-2026-31431) allows any unprivileged local user to obtain root access on...
Read more 0
SonicWall SonicOS Flaws Let Attackers Bypass Firewall Access Controls and Trigger Denial of Service
Vulnerability

SonicWall SonicOS Flaws Let Attackers Bypass Firewall Access Controls and Trigger Denial of Service

30 April 2026 dark6

SonicWall has patched three vulnerabilities in SonicOS — CVE-2026-0204 (CVSS 8.0), CVE-2026-0205, and CVE-2026-0206 — affecting Generation 6, 7, and...
Read more 0
Europol Dismantles €50 Million Investment Fraud Network Operating Corporate-Style Scam Call Centres in Albania
Cybercrime

Europol Dismantles €50 Million Investment Fraud Network Operating Corporate-Style Scam Call Centres in Albania

30 April 2026 dark6

A coordinated Europol operation has taken down a €50 million online investment fraud network operating out of corporate-style call centres...
Read more 0
BlueNoroff Deploys AI Deepfake Zoom Lures and Fileless PowerShell to Drain Crypto Wallets Across 20+ Countries
Malware

BlueNoroff Deploys AI Deepfake Zoom Lures and Fileless PowerShell to Drain Crypto Wallets Across 20+ Countries

29 April 2026 dark6

North Korea's BlueNoroff subgroup has launched a sophisticated global campaign targeting cryptocurrency and Web3 executives, using AI-generated deepfake Zoom meetings,...
Read more 0
cPanel Emergency Patch: Critical Authentication Bypass Threatens Millions of Hosted Websites
Vulnerability

cPanel Emergency Patch: Critical Authentication Bypass Threatens Millions of Hosted Websites

29 April 2026 dark6

cPanel has issued emergency security patches across all supported versions to address a critical authentication vulnerability in cPanel and WHM...
Read more 0
Critical GitHub RCE Vulnerability CVE-2026-3854 Exposed Millions of Repositories to Cross-Tenant Access
Vulnerability

Critical GitHub RCE Vulnerability CVE-2026-3854 Exposed Millions of Repositories to Cross-Tenant Access

29 April 2026 dark6

Wiz researchers used AI-augmented reverse engineering to uncover CVE-2026-3854, a critical RCE flaw in GitHub's internal git infrastructure that could...
Read more 0
APT28 Exploits Windows 0-Click Flaw CVE-2026-32202 to Steal NTLM Hashes via Defender SmartScreen Bypass
Vulnerability

APT28 Exploits Windows 0-Click Flaw CVE-2026-32202 to Steal NTLM Hashes via Defender SmartScreen Bypass

29 April 2026 dark6

Russian state-sponsored APT28 is actively exploiting CVE-2026-32202, a zero-click Windows Shell vulnerability that bypasses Defender SmartScreen and silently exfiltrates Net-NTLMv2...
Read more 0