Hackers Use Microsoft Teams Helpdesk Chats to Breach Organizations
A newly tracked threat group, UNC6692, is using Microsoft Teams chats, fake IT helpdesk support, and a custom malware suite to break into enterprise networks.…
News
Here you can find the latest news and developments in the VPN world. Read about new breakthroughs, bypassing online censorship, and much more!
Microsoft Teams Bug Blocks Some Windows Users From Joining Meetings After Edge Update
Microsoft is investigating a Teams issue that prevents some Windows users from joining meetings after a recent Microsoft Edge update introduced a regression. The incident…
Hackers Abuse SS7 and Diameter Protocols to Track Mobile Users Worldwide
Sophisticated surveillance actors are abusing weaknesses in SS7 and Diameter, the signaling protocols that help mobile networks connect across borders, to track phone users without…
Ransomware Hackers Build Custom Tool to Steal Sensitive Data Faster
Ransomware affiliates linked to Trigona have started using a custom command-line tool to steal data from compromised networks before encryption. The tool, named uploader_client.exe, gives…
Hackers Used Telegram Bots to Track 900+ React2Shell Exploits
A newly exposed server has revealed how a threat actor used automation, AI-assisted tooling, and Telegram bots to track more than 900 successful React2Shell exploits.…
Hackers Abuse Compromised Routers to Hide China-Linked Cyber Operations
China-linked hacking groups are using compromised routers, IoT devices, cameras, firewalls, and other edge systems to hide cyber operations against organizations worldwide. The UK’s National…
Hackers Can Abuse Ollama Model Uploads to Leak Sensitive Server Memory
A critical Ollama vulnerability can let attackers leak sensitive data from servers by abusing the platform’s model upload and quantization process. The flaw is tracked…
ShinyHunters claims Udemy breach with 1.4 million records, but public verification is still missing
ShinyHunters has added Udemy to its leak site and claims it stole more than 1.4 million records containing personal and internal corporate data. As of…
Python vulnerability on Windows can trigger out-of-bounds writes in asyncio socket handling
A newly disclosed Python vulnerability affects Windows systems that use asyncio for network operations. The flaw, tracked as CVE-2026-3298, stems from a missing boundary check…
Xiongmai IP camera flaw lets attackers bypass authentication and access devices remotely
A critical vulnerability in Hangzhou Xiongmai’s XM530 IP cameras can let attackers bypass authentication and gain remote access to sensitive functions without valid credentials. The…
Void Dokkaebi uses fake job interviews to spread malware through code repositories
North Korea-linked hackers are using fake job interviews to infect software developers, then turning those developers’ own repositories into malware delivery channels. Trend Micro says…
Pastebin-hosted PowerShell script steals Telegram sessions by abusing the Bot API
A newly analyzed PowerShell script hosted on Pastebin shows how little code an attacker needs to hijack a Telegram account session. Flare says the script,…
Hackers use fake CAPTCHA pages to trigger costly international SMS fraud
Fake CAPTCHA pages are now doing more than wasting people’s time. Infoblox says some of them trick users into sending dozens of paid international text…
Claude Desktop reportedly adds a browser access bridge to Chromium-based browsers on macOS
Anthropic’s Claude Desktop for macOS is facing scrutiny after privacy researcher Alexander Hanff said the app installs a Native Messaging bridge into multiple Chromium-based browser…
Hackers are exploiting Cisco Firepower devices by chaining older flaws to deploy the FIRESTARTER backdoor
State-backed hackers are actively targeting Cisco Firepower devices by chaining two known, already-patched flaws to gain unauthorized access and install a stealthy backdoor called FIRESTARTER.…