Latest news

State-Sponsored UAT-4356 Deploys FIRESTARTER Backdoor on Cisco Firepower Devices via Chained N-Day Vulnerabilities
Malware

State-Sponsored UAT-4356 Deploys FIRESTARTER Backdoor on Cisco Firepower Devices via Chained N-Day Vulnerabilities

26 April 2026 dark6

Cisco Talos has uncovered an active espionage campaign by state-sponsored group UAT-4356, which chains two Cisco Firepower FXOS vulnerabilities (CVE-2025-20333...
Read more 0
CISA Adds Two Actively Exploited SimpleHelp Vulnerabilities to KEV Catalog — May 8 Patch Deadline
Vulnerability

CISA Adds Two Actively Exploited SimpleHelp Vulnerabilities to KEV Catalog — May 8 Patch Deadline

26 April 2026 dark6

CISA has added two chained vulnerabilities in SimpleHelp remote support software — CVE-2024-57726 (missing authorization) and CVE-2024-57728 (path traversal) —...
Read more 0
ADT Confirms Data Breach: ShinyHunters Claims 10 Million Records Stolen via Vishing Attack
Databreach

ADT Confirms Data Breach: ShinyHunters Claims 10 Million Records Stolen via Vishing Attack

26 April 2026 dark6

Home security giant ADT Inc. has confirmed a data breach following a ShinyHunters claim of stealing over 10 million records....
Read more 0
PhantomRPC: Unpatched Windows RPC Flaw Enables SYSTEM-Level Privilege Escalation on All Windows Versions
Vulnerability

PhantomRPC: Unpatched Windows RPC Flaw Enables SYSTEM-Level Privilege Escalation on All Windows Versions

26 April 2026 dark6

Kaspersky researchers have revealed PhantomRPC, an unpatched architectural flaw in the Windows RPC runtime that allows local privilege escalation to...
Read more 0
Kali Linux 2026.1 Released: Eight New Hacking Tools, Kernel 6.18, and Enhanced Mobile Pentesting
Vulnerability

Kali Linux 2026.1 Released: Eight New Hacking Tools, Kernel 6.18, and Enhanced Mobile Pentesting

25 April 2026 dark6

Kali Linux 2026.1 has been released with eight new hacking tools including AdaptixC2, Atomic-Operator, and MetasploitMCP, alongside the Linux 6.18...
Read more 0
Microsoft Confirms Windows Server 2025 Domain Controllers Enter Reboot Loops After April 2026 Patch
Vulnerability

Microsoft Confirms Windows Server 2025 Domain Controllers Enter Reboot Loops After April 2026 Patch

25 April 2026 dark6

Microsoft has confirmed that the April 2026 cumulative update KB5082063 causes Windows Server 2025 domain controllers to enter reboot loops,...
Read more 0
Microsoft’s April 2026 Update Adds New RDP Security Warnings to Protect Against Phishing via .rdp Files
Phishing

Microsoft’s April 2026 Update Adds New RDP Security Warnings to Protect Against Phishing via .rdp Files

25 April 2026 dark6

Microsoft's April 2026 Patch Tuesday introduces new multi-layer warning dialogs in Windows Remote Desktop Connection, designed to protect users from...
Read more 0
Microsoft Patch Tuesday April 2026: 168 Vulnerabilities Fixed Including Actively Exploited SharePoint Zero-Day
Vulnerability

Microsoft Patch Tuesday April 2026: 168 Vulnerabilities Fixed Including Actively Exploited SharePoint Zero-Day

25 April 2026 dark6

Microsoft's April 2026 Patch Tuesday fixes a record 168 vulnerabilities, including an actively exploited SharePoint zero-day (CVE-2026-32201) and a publicly...
Read more 0
Threat Group UNC6692 Breaches Enterprise Networks via Microsoft Teams Impersonation and SNOW Malware Suite
Phishing

Threat Group UNC6692 Breaches Enterprise Networks via Microsoft Teams Impersonation and SNOW Malware Suite

24 April 2026 dark6

The newly identified threat group UNC6692 is compromising enterprise networks by impersonating IT helpdesk staff on Microsoft Teams, deploying a...
Read more 0
Hackers Abuse SS7 and Diameter Protocols to Track Mobile Users Worldwide
Privacy

Hackers Abuse SS7 and Diameter Protocols to Track Mobile Users Worldwide

24 April 2026 dark6

Citizen Lab researchers have uncovered two sophisticated threat actors, STA1 and STA2, exploiting legacy SS7 and 4G Diameter telecom protocols...
Read more 0
North Korean IT Worker Scheme: How DPRK Operatives Infiltrate Companies to Fund Weapons Programs
Cybercrime

North Korean IT Worker Scheme: How DPRK Operatives Infiltrate Companies to Fund Weapons Programs

24 April 2026 dark6

A Team Cymru investigation has exposed the technical infrastructure behind North Korea's long-running fake IT worker scheme, revealing how state-sponsored...
Read more 0
Malicious npm Package js-logger-pack Turns Hugging Face Into Malware CDN and Data Exfiltration Backend
Malware

Malicious npm Package js-logger-pack Turns Hugging Face Into Malware CDN and Data Exfiltration Backend

24 April 2026 dark6

JFrog Security researchers have uncovered a malicious npm package, js-logger-pack, that uses Hugging Face as both a malware delivery network...
Read more 0