Latest news

Qilin Ransomware Adopts Stealthy RDP History Enumeration to Map Victim Networks
Ransomware

Qilin Ransomware Adopts Stealthy RDP History Enumeration to Map Victim Networks

1 May 2026 dark6

The Qilin ransomware group, responsible for over 700 attacks in 2025, has been observed using a stealthy PowerShell technique to...
Read more 0
Critical Wireshark Update Patches 40+ Vulnerabilities Including Remote Code Execution Flaws
Vulnerability

Critical Wireshark Update Patches 40+ Vulnerabilities Including Remote Code Execution Flaws

1 May 2026 dark6

Wireshark 4.6.5 addresses over 40 security vulnerabilities, including critical RCE flaws in TLS, RDP, and SBC dissectors. Organizations running Wireshark...
Read more 0
Lazarus Group Targets macOS Users With Sophisticated “Mach-O Man” Four-Stage Malware Kit
Malware

Lazarus Group Targets macOS Users With Sophisticated “Mach-O Man” Four-Stage Malware Kit

30 April 2026 dark6

North Korea's Lazarus Group has deployed a new modular macOS malware kit called "Mach-O Man" targeting fintech executives and crypto...
Read more 0
Linux Kernel Zero-Day “Copy Fail” (CVE-2026-31431) Grants Root Access on Every Major Distro Since 2017
Vulnerability

Linux Kernel Zero-Day “Copy Fail” (CVE-2026-31431) Grants Root Access on Every Major Distro Since 2017

30 April 2026 dark6

A newly disclosed Linux kernel zero-day dubbed "Copy Fail" (CVE-2026-31431) allows any unprivileged local user to obtain root access on...
Read more 0
SonicWall SonicOS Flaws Let Attackers Bypass Firewall Access Controls and Trigger Denial of Service
Vulnerability

SonicWall SonicOS Flaws Let Attackers Bypass Firewall Access Controls and Trigger Denial of Service

30 April 2026 dark6

SonicWall has patched three vulnerabilities in SonicOS — CVE-2026-0204 (CVSS 8.0), CVE-2026-0205, and CVE-2026-0206 — affecting Generation 6, 7, and...
Read more 0
Europol Dismantles €50 Million Investment Fraud Network Operating Corporate-Style Scam Call Centres in Albania
Cybercrime

Europol Dismantles €50 Million Investment Fraud Network Operating Corporate-Style Scam Call Centres in Albania

30 April 2026 dark6

A coordinated Europol operation has taken down a €50 million online investment fraud network operating out of corporate-style call centres...
Read more 0
BlueNoroff Deploys AI Deepfake Zoom Lures and Fileless PowerShell to Drain Crypto Wallets Across 20+ Countries
Malware

BlueNoroff Deploys AI Deepfake Zoom Lures and Fileless PowerShell to Drain Crypto Wallets Across 20+ Countries

29 April 2026 dark6

North Korea's BlueNoroff subgroup has launched a sophisticated global campaign targeting cryptocurrency and Web3 executives, using AI-generated deepfake Zoom meetings,...
Read more 0
cPanel Emergency Patch: Critical Authentication Bypass Threatens Millions of Hosted Websites
Vulnerability

cPanel Emergency Patch: Critical Authentication Bypass Threatens Millions of Hosted Websites

29 April 2026 dark6

cPanel has issued emergency security patches across all supported versions to address a critical authentication vulnerability in cPanel and WHM...
Read more 0
Critical GitHub RCE Vulnerability CVE-2026-3854 Exposed Millions of Repositories to Cross-Tenant Access
Vulnerability

Critical GitHub RCE Vulnerability CVE-2026-3854 Exposed Millions of Repositories to Cross-Tenant Access

29 April 2026 dark6

Wiz researchers used AI-augmented reverse engineering to uncover CVE-2026-3854, a critical RCE flaw in GitHub's internal git infrastructure that could...
Read more 0
APT28 Exploits Windows 0-Click Flaw CVE-2026-32202 to Steal NTLM Hashes via Defender SmartScreen Bypass
Vulnerability

APT28 Exploits Windows 0-Click Flaw CVE-2026-32202 to Steal NTLM Hashes via Defender SmartScreen Bypass

29 April 2026 dark6

Russian state-sponsored APT28 is actively exploiting CVE-2026-32202, a zero-click Windows Shell vulnerability that bypasses Defender SmartScreen and silently exfiltrates Net-NTLMv2...
Read more 0
Hackers Weaponize Fake Claude Code Leak to Distribute Vidar Infostealer and GhostSocks Proxy Malware
Malware

Hackers Weaponize Fake Claude Code Leak to Distribute Vidar Infostealer and GhostSocks Proxy Malware

28 April 2026 dark6

Threat actors are using fake GitHub repositories impersonating the leaked Anthropic Claude Code source to deliver a Rust dropper that...
Read more 0
ClickUp’s Hardcoded API Key Has Silently Leaked 959 Corporate and Government Emails for 15 Months
Databreach

ClickUp’s Hardcoded API Key Has Silently Leaked 959 Corporate and Government Emails for 15 Months

28 April 2026 dark6

A hardcoded API key in ClickUp's public JavaScript file exposed 959 corporate and government email addresses for over 15 months...
Read more 0