ZCyberNews

Articles

432 articles

CRITICAL
Vulnerabilities

Critical Android SDK Flaw Exposed Millions of Crypto Wallet Private Keys

A vulnerability in the EngageLab Push SDK, tracked as CVE-2023-4863, allowed attackers to steal private keys from millions of Android cryptocurrency wallets by intercepting push notifications.

CVE-2023-4863
3 min read

CRITICAL
Vulnerabilities

Critical wolfSSL Flaw Allows Attackers to Forge TLS Certificates

A critical vulnerability (CVE-2022-39173) in the wolfSSL library allows attackers to forge TLS certificates, enabling MITM attacks and impersonation of trusted services.

CVE-2022-39173
4 min read

CRITICAL
Vulnerabilities

Critical WordPress Plugin Flaw Allows Unauthenticated Admin Takeover

A critical flaw (CVE-2026-1492) in the User Registration & Membership WordPress plugin allows unauthenticated attackers to bypass login and gain full administrator access, impacting thousands of sites.

CVE-2026-1492
3 min read

HIGH
Malware

Fake Claude AI Website Delivers PlugX RAT via DLL Sideloading

A fraudulent website impersonating Anthropic's Claude AI distributes a self-deleting installer that deploys the PlugX remote access trojan via DLL sideloading.

4 min read

HIGH
Malware

JanelaRAT Evolves with New Anti-Analysis and Data Theft Capabilities

Kaspersky researchers detail an updated JanelaRAT campaign targeting Latin American users with enhanced anti-analysis, credential theft, and remote access capabilities delivered via phishing.

3 min read

HIGH
Malware

JanelaRAT Malware Campaign Targets Latin American Financial Sector

A modified version of BX RAT, dubbed JanelaRAT, has been deployed in over 14,000 attacks against banks and financial institutions in Brazil and Mexico, stealing financial data and keystrokes.

3 min read

HIGH
Malware

LucidRook Malware Targets NGOs and Universities in Taiwan via Spear-Phishing

A new Lua-based malware, LucidRook, is being deployed in targeted spear-phishing attacks against NGOs and universities in Taiwan, using decoy documents to establish persistence and exfiltrate data.

4 min read

CRITICAL
Vulnerabilities

Critical Marimo RCE Flaw Exploited Within Hours of Disclosure

A critical pre-authentication remote code execution vulnerability (CVE-2026-39987) in the Marimo Python notebook was exploited in the wild within 10 hours of public disclosure, posing a severe risk to data science environments.

CVE-2026-39987
3 min read

INFORMATIONAL
Tools & Techniques

MITRE F3 Framework Bridges Cybersecurity and Fraud Analysis

MITRE released the Fight Fraud Framework (F3), a unified knowledge base mapping the intersection of cyber attack tactics and financial fraud, aiming to close the operational gap between security and fraud teams.

3 min read

HIGH
Malware

Obsidian Plugin Ecosystem Abused to Deliver PhantomPulse RAT in Targeted Campaign

REF6598 threat group weaponizes Obsidian notes plugins to drop the PhantomPulse RAT on fintech and crypto professionals — TTP breakdown, IOCs, and what security teams should look for.

REF6598
4 min read

HIGH
Vulnerabilities

Orthanc DICOM CVE-2023-26012: Pre-Auth RCE on Imaging Servers

Three flaws in Orthanc DICOM server let unauthenticated attackers crash, read, or take over hospital imaging systems. Affected versions and patch details inside.

CVE-2023-26012, CVE-2023-26013, CVE-2023-26014
2 min read

HIGH
Malware

VIPERTUNNEL Python Backdoor Evades Detection via Fake DLL and Obfuscated Loader

Threat actors deploy VIPERTUNNEL, a Python backdoor, using a fake DLL and multi-stage obfuscated loader to establish stealthy SOCKS5 proxy tunnels for persistent network access.

4 min read