ZCyberNews
中文

Articles

432 articles

Mirai Botnet Exploits D-Link Router Flaw CVE-2025-29635HIGH
Malware

Mirai Botnet Exploits D-Link Router Flaw CVE-2025-29635

Mirai botnet operators exploit CVE-2025-29635, a CVSS 8.8 command injection flaw in end-of-life D-Link DIR-823X routers, to deploy malware and launch DDoS attacks.

CVE-2025-29635
3 min readMirai
North Korean Hackers Steal $12 Million in Crypto via TrojanizedHIGH
Malware

North Korean Hackers Steal $12 Million in Crypto via Trojanized

North Korean hackers siphoned over $12 million from crypto users in Q1 2026 using trojanized trading apps like CoinStats and TradingView AI Agent to steal recovery phrases and…

2 min readLazarus Group
Palo Alto Networks Zealot AI Agent Autonomously Hacks Cloud SystemsHIGH
Tools & Techniques

Palo Alto Networks Zealot AI Agent Autonomously Hacks Cloud Systems

Palo Alto Networks researchers built Zealot, a multi-agent AI penetration testing PoC that autonomously performs reconnaissance, exploitation, and data exfiltration on cloud…

2 min read
Rituals Cosmetics Breach Exposes Customer Membership DataHIGH
Industry News

Rituals Cosmetics Breach Exposes Customer Membership Data

Attackers stole personal data from Rituals Cosmetics' My Rituals membership database — names, emails, addresses, and loyalty points. Number of affected customers undisclosed.

2 min read
Trigona Ransomware Deploys Custom Exfil Tool for Faster Data TheftHIGH
Malware

Trigona Ransomware Deploys Custom Exfil Tool for Faster Data Theft

Trigona ransomware attacks now use a custom CLI tool to exfiltrate data from compromised networks faster, targeting backups and cloud storage before encryption.

2 min readTrigona
Agentic AI Systems Introduce Novel Enterprise Security RisksHIGH
AI Security

Agentic AI Systems Introduce Novel Enterprise Security Risks

Recorded Future warns that autonomous 'agentic' AI systems, now being integrated into enterprise software, create new attack surfaces for prompt injection, data poisoning, and…

3 min read
Cohere AI Terrarium Sandbox Flaw Allows Root Code Execution,CRITICAL
Vulnerabilities

Cohere AI Terrarium Sandbox Flaw Allows Root Code Execution,

CVE-2026-5752 (CVSS 9.3) in Cohere AI's Terrarium sandbox enables root-level code execution and container escape via JavaScript prototype chain traversal.

CVE-2026-5752
3 min read
CrowdStrike LogScale Vulnerability CVE-2026-40050 Lets Attackers ReadCRITICAL
Vulnerabilities

CrowdStrike LogScale Vulnerability CVE-2026-40050 Lets Attackers Read

CrowdStrike warns of critical unauthenticated path-traversal flaw (CVE-2026-40050, CVSS 9.8) in LogScale cluster API endpoint allowing remote file reads from server filesystem.

CVE-2026-40050
3 min read
Fake TradingView AI Agent Site Drops Browser-Hijacking MalwareHIGH
Malware

Fake TradingView AI Agent Site Drops Browser-Hijacking Malware

A malicious website impersonating a TradingView AI agent deploys malware that hands attackers full control of victims' browsers, enabling account theft and financial data…

2 min read
French Police Arrest Hacker Behind Dozens of Data BreachesHIGH
Industry News

French Police Arrest Hacker Behind Dozens of Data Breaches

French authorities arrested a 20-year-old suspected of 48 data breaches targeting public institutions, sports federations, and private companies, seizing equipment and…

2 min read
Harvester Deploys Linux GoGra Backdoor via Microsoft Graph APIHIGH
Malware

Harvester Deploys Linux GoGra Backdoor via Microsoft Graph API

The Harvester threat actor deploys a new Linux version of its GoGra backdoor, using Microsoft Graph API and Outlook mailboxes for stealthy C2 communication in attacks targeting…

2 min readHarvester
Kyber Ransomware Deploys Post-Quantum Encryption in AttacksHIGH
Malware

Kyber Ransomware Deploys Post-Quantum Encryption in Attacks

The Kyber ransomware gang is using a variant that implements Kyber1024 post-quantum encryption to target Windows and VMware ESXi systems, according to a BleepingComputer analysis.

2 min readKyber
← PrevPage 25 of 36Next →