Microsoft Teams Phishing Campaign Deploys New “Snow” Malware Suite
A newly tracked threat group called UNC6692 is using Microsoft Teams chats to trick employees into installing a custom malware suite named Snow. The campaign…
News
Here you can find the latest news and developments in the VPN world. Read about new breakthroughs, bypassing online censorship, and much more!
New BlackFile Extortion Group Uses Vishing Calls to Target Retail and Hospitality Firms
A new extortion group known as BlackFile is using phone calls, fake IT support messages, and stolen login codes to break into corporate systems. The…
Pack2TheRoot Flaw Gives Local Linux Users a Path to Root Access
A newly disclosed Linux vulnerability called Pack2TheRoot can let a local unprivileged user gain root access through PackageKit, the system service used by many Linux…
DORA Turns Credential Management Into a Financial Risk Control
The EU’s Digital Operational Resilience Act has changed how financial institutions need to treat passwords, privileged access, and authentication. Under DORA, weak credential management is…
Over 10,000 Zimbra Servers Remain Exposed to Ongoing XSS Attacks
More than 10,000 internet-exposed Zimbra Collaboration Suite servers remain vulnerable to an actively exploited cross-site scripting flaw, according to Shadowserver. The vulnerability, tracked as CVE-2025-48700,…
Hackers Exploit Critical File Upload Flaw in Breeze Cache WordPress Plugin
Hackers are actively exploiting a critical vulnerability in the Breeze Cache WordPress plugin that can let unauthenticated attackers upload arbitrary files to vulnerable websites. The…
Bitwarden CLI npm Package Compromised in Developer Credential Theft Attack
Bitwarden has confirmed that a malicious version of its @bitwarden/cli npm package was briefly distributed through npm on April 22, 2026. The affected release, @bitwarden/[email protected],…
Rituals Discloses Data Breach Affecting My Rituals Customers
Rituals has confirmed a data breach involving its My Rituals membership database after an unauthorized party downloaded part of its members’ data in April 2026.…
Regular Password Resets Are Becoming a Help Desk Security Risk
Password resets are no longer just a routine IT task. Attackers now target help desks because a successful reset can give them legitimate access without…
UK Warns Chinese Hackers Are Using Hijacked Routers and IoT Devices as Proxy Networks
The UK’s National Cyber Security Centre and international partners have warned that China-linked hackers are increasingly routing attacks through large covert networks of compromised routers,…
New GopherWhisper APT Abuses Slack, Discord, and Outlook in Government Attacks
A newly documented China-aligned threat group called GopherWhisper has been using Slack, Discord, Microsoft 365 Outlook, and file.io to hide command-and-control traffic inside legitimate online…
CISA Orders Federal Agencies to Patch Microsoft Defender BlueHammer Zero-Day
CISA has ordered U.S. federal civilian agencies to patch CVE-2026-33825, a Microsoft Defender privilege escalation flaw exploited in real attacks. The vulnerability, known as BlueHammer,…
Apple Fixes iPhone Bug That Retained Deleted Signal Notifications
Apple has released emergency iPhone and iPad security updates to fix CVE-2026-28950, a Notification Services flaw that could cause deleted notifications to remain stored on…
Mirai Botnet Targets End-of-Life D-Link Routers Through RCE Flaw
A new Mirai-based campaign is actively exploiting CVE-2025-29635, a command injection flaw in D-Link DIR-823X routers, to infect exposed devices and add them to a…
Kyber Ransomware Targets Windows and VMware ESXi With Post-Quantum Encryption Claims
Kyber ransomware is targeting Windows file servers and VMware ESXi systems with two related encryptors, one for each environment. Rapid7 analyzed both variants during a…