ZCyberNews
中文

Articles

432 articles

Pre-Stuxnet Malware 'Fast16' Targeted Iranian Precision SoftwareHIGH
Malware

Pre-Stuxnet Malware 'Fast16' Targeted Iranian Precision Software

Security researchers uncovered 'Fast16,' a pre-Stuxnet sabotage malware that targeted high-precision calculation software in Iran, tampering with results and self-propagating.

2 min readFast16
Shadow AI and SaaS Expand Enterprise Attack SurfaceHIGH
Industry News

Shadow AI and SaaS Expand Enterprise Attack Surface

Forgotten integrations, shadow IT, and unmanaged SaaS agents create new attack vectors. Dark Reading reports attackers exploit these gaps without sophisticated AI.

2 min read
Siemens SINEC NMS Authentication Bypass CVE-2026-24032 Gets 7.3 CVSSHIGH
Vulnerabilities

Siemens SINEC NMS Authentication Bypass CVE-2026-24032 Gets 7.3 CVSS

ZDI disclosed CVE-2026-24032, a 7.3-CVSS authentication bypass in Siemens SINEC NMS that requires no authentication to exploit. Affects industrial network management systems.

CVE-2026-24032
3 min read
Toronto Police Bust SMS Blaster Phishing OperationHIGH
Industry News

Toronto Police Bust SMS Blaster Phishing Operation

Three men arrested in Canada's first SMS blaster case — device impersonated cell towers to send mass phishing messages and disrupt mobile networks in Toronto.

2 min read
US Vows Crackdown on Chinese Firms Exploiting American AI ModelsMEDIUM
Industry News

US Vows Crackdown on Chinese Firms Exploiting American AI Models

Trump administration announces policy to penalize Chinese companies exploiting U.S. AI models via reverse engineering or unauthorized access, citing national security risks.

2 min read
Apple Patches iOS Flaw That Stored Deleted Signal NotificationsHIGH
Vulnerabilities

Apple Patches iOS Flaw That Stored Deleted Signal Notifications

CVE-2026-28950 in iOS Notification Services retained deleted Signal messages on device, accessible via forensic tools. Apple fixed the logging flaw in iOS 18.4.1 and iPadOS 18.4.1.

CVE-2026-28950
3 min read
Bitwarden CLI Compromised in Checkmarx Supply Chain AttackCRITICAL
Malware

Bitwarden CLI Compromised in Checkmarx Supply Chain Attack

JFrog and Socket found malicious code in @bitwarden/[email protected] — the same campaign that hijacked Checkmarx npm packages.

3 min read
CanisterSprawl Worm Hijacks npm Packages, Steals Developer TokensHIGH
Malware

CanisterSprawl Worm Hijacks npm Packages, Steals Developer Tokens

The CanisterSprawl supply chain worm hijacks npm packages, uses stolen developer tokens to self-propagate, and exfiltrates data to an ICP canister, according to Socket and…

2 min readCanisterSprawl
Checkmarx KICS Supply-Chain Breach Hits Docker, VS CodeCRITICAL
Malware

Checkmarx KICS Supply-Chain Breach Hits Docker, VS Code

Attackers compromised Checkmarx KICS Docker images and VS Code extensions to steal cloud credentials, API keys, and source code from developer environments.

3 min read
Cyberattacks on Firms Cascade to Consumers, Malwarebytes WarnsMEDIUM
Industry News

Cyberattacks on Firms Cascade to Consumers, Malwarebytes Warns

Malwarebytes analysis shows corporate breaches expose customer PII, enable follow-on fraud, and inflate insurance premiums — affecting even unaffected individuals.

2 min read
ICE Admits Using Graphite Spyware for SurveillanceMEDIUM
Industry News

ICE Admits Using Graphite Spyware for Surveillance

U.S. Immigration and Customs Enforcement (ICE) confirmed using spyware from Israeli firm Graphite, a tool capable of extracting data from encrypted messaging apps like WhatsApp…

2 min read
Lotus Wiper Strikes Venezuelan Energy Sector in Destructive CampaignCRITICAL
Malware

Lotus Wiper Strikes Venezuelan Energy Sector in Destructive Campaign

Kaspersky discovered Lotus Wiper, a novel file wiper targeting Venezuela's energy and utilities sector since late 2025.

2 min readLotus Wiper
← PrevPage 24 of 36Next →