Latest news

Cloud Atlas APT Patches termsrv.dll to Enable Silent Dual RDP Sessions — Targets Government and Diplomatic Organizations
Malware

Cloud Atlas APT Patches termsrv.dll to Enable Silent Dual RDP Sessions — Targets Government and Diplomatic Organizations

26 May 2026 dark6

The Cloud Atlas APT group has adopted a stealthy new technique: modifying Windows termsrv.dll to enable multiple simultaneous RDP sessions,...
Read more 0
Critical 7-Zip Flaw CVE-2026-48095 (CVSS 8.8) Enables Arbitrary Code Execution via NTFS Vtable Hijack
Vulnerability

Critical 7-Zip Flaw CVE-2026-48095 (CVSS 8.8) Enables Arbitrary Code Execution via NTFS Vtable Hijack

26 May 2026 dark6

A critical heap buffer overflow in 7-Zip 26.00 (CVE-2026-48095, CVSS 8.8) lets attackers execute arbitrary code through an NTFS vtable...
Read more 0
Payload Ransomware Deploys ChaCha20 + Curve25519 ECDH to Lock Files — 50+ Victims Across Five Countries
Ransomware

Payload Ransomware Deploys ChaCha20 + Curve25519 ECDH to Lock Files — 50+ Victims Across Five Countries

26 May 2026 dark6

A new ransomware operation called Payload has emerged using military-grade ChaCha20 encryption paired with Curve25519 ECDH key exchange, making file...
Read more 0
Megalodon Campaign Backdoors 5,500+ GitHub Repositories in Six-Hour CI/CD Blitz
Malware

Megalodon Campaign Backdoors 5,500+ GitHub Repositories in Six-Hour CI/CD Blitz

25 May 2026 dark6

The automated "Megalodon" attack campaign pushed malicious CI/CD backdoors into 5,561 GitHub repositories within 6 hours on May 18, 2026,...
Read more 0
Supply Chain Attack Backdoors 233 Laravel-Lang Package Versions Across 700 GitHub Repositories
Malware

Supply Chain Attack Backdoors 233 Laravel-Lang Package Versions Across 700 GitHub Repositories

25 May 2026 dark6

Attackers exploited GitHub's tagging system to inject credential-stealing PHP backdoors into 233 versions of Laravel-Lang packages, silently targeting developer cloud...
Read more 0
Hackers Exploit End-of-Life F5 BIG-IP as Enterprise Entry Point, Pivoting to Active Directory via Confluence RCE
Cybercrime

Hackers Exploit End-of-Life F5 BIG-IP as Enterprise Entry Point, Pivoting to Active Directory via Confluence RCE

25 May 2026 dark6

Microsoft Defender researchers document a multi-stage intrusion where threat actors exploited an end-of-life F5 BIG-IP appliance to gain SSH access,...
Read more 0
CVE-2026-9256 “nginx-poolslip”: Critical NGINX Flaw Enables Unauthenticated DoS and Code Execution
Vulnerability

CVE-2026-9256 “nginx-poolslip”: Critical NGINX Flaw Enables Unauthenticated DoS and Code Execution

25 May 2026 dark6

A critical heap buffer overflow in the NGINX rewrite module (CVE-2026-9256, "nginx-poolslip") allows unauthenticated remote attackers to crash NGINX workers...
Read more 0
art-template npm Package Backdoored to Deliver iOS Browser Exploit Kit via Supply Chain Attack
Malware

art-template npm Package Backdoored to Deliver iOS Browser Exploit Kit via Supply Chain Attack

24 May 2026 dark6

Attackers hijacked the widely-used art-template npm library by taking over its maintenance, then injected a sophisticated iOS browser exploit kit...
Read more 0
2026 FIFA World Cup Phishing Fraud Triples in Scope: 222 Fake Domains, Four Criminal Clusters
Phishing

2026 FIFA World Cup Phishing Fraud Triples in Scope: 222 Fake Domains, Four Criminal Clusters

24 May 2026 dark6

A massive phishing operation targeting 2026 FIFA World Cup fans has grown nearly three times larger than initially reported, now...
Read more 0
CISA Flags Actively Exploited Langflow Flaw CVE-2025-34291 — AI Workflow Deployments at Risk
Vulnerability

CISA Flags Actively Exploited Langflow Flaw CVE-2025-34291 — AI Workflow Deployments at Risk

24 May 2026 dark6

CISA has added CVE-2025-34291, a critical CORS misconfiguration in the Langflow AI workflow platform, to its Known Exploited Vulnerabilities catalog,...
Read more 0
AI Discovers 10,000+ Zero-Days: Anthropic’s Claude Mythos Preview Transforms Cybersecurity Defense
AI

AI Discovers 10,000+ Zero-Days: Anthropic’s Claude Mythos Preview Transforms Cybersecurity Defense

24 May 2026 dark6

Anthropic's Claude Mythos Preview AI model has autonomously discovered over 10,000 critical zero-day vulnerabilities across major software systems as part...
Read more 0
Ukrainian Intelligence Report: Russian APT Groups Intensify Cyber Operations — 5,927 Incidents, 37% Rise in 2025
Cybercrime

Ukrainian Intelligence Report: Russian APT Groups Intensify Cyber Operations — 5,927 Incidents, 37% Rise in 2025

23 May 2026 dark6

A new intelligence report from Ukraine's National Security and Defense Council reveals Russian state-sponsored threat groups dramatically escalated cyber operations...
Read more 0