China-linked threat actor compromises Notepad++ update infrastructure
China-linked threat actor compromises Notepad++ update infrastructure Security researchers from Rapid7 and Kaspersky have attributed a targeted supply-chain attack against Notepad++ to a China-aligned threat group known as Lotus[…]
21,000+ exposed AI assistants raise serious security concerns
21,000+ exposed AI assistants raise serious security concerns More than 21,000 publicly accessible instances of an open-source personal AI assistant called OpenClaw have been identified online, exposing potentially sensitive[…]
New Android Threat: Arsink RAT Goes Global
New Android Threat: Arsink RAT Goes Global A dangerous Android Remote Access Trojan (RAT) called Arsink is actively infecting mobile devices worldwide, giving attackers full control over phones while[…]
MongoDB Servers Under Active Ransomware Attack
MongoDB Servers Under Active Ransomware Attack 🔍 What’s happening? Threat actors are running large-scale, fully automated ransomware campaigns against internet-exposed MongoDB instances. Attackers scan for databases exposed on port[…]
Apple Introduces “Limit Precise Location” for Cellular Networks
Apple Introduces “Limit Precise Location” for Cellular Networks Apple is rolling out a new privacy feature that allows users to limit how precisely their location is shared with mobile[…]
Skoordynowany cyberatak na polską infrastrukturę energetyczną
Skoordynowany cyberatak na polską infrastrukturę energetyczną Z najnowszego raportu firmy Dragos wynika, że skoordynowany cyberatak wymierzony w wiele elementów polskiej sieci energetycznej został z umiarkowanym poziomem pewności przypisany rosyjskiej,[…]
Cloudflare explains a 25-minute IPv6 BGP route leak
Cloudflare explains a 25-minute IPv6 BGP route leak 🌐 Cloudflare has released a detailed post-incident analysis of a 25-minute IPv6 BGP route leak that resulted in measurable congestion, packet[…]
Cyber Attack Targets Polish Power Grid Operations
Cyber Attack Targets Polish Power Grid Operations A coordinated cyber attack targeting multiple sites across Poland’s power grid has been attributed with medium confidence to ELECTRUM, a Russian state-sponsored[…]
Cisco Patches Actively Exploited Zero-Day in Unified Communications Products
Cisco Patches Actively Exploited Zero-Day in Unified Communications Products 🔍 Cisco has disclosed and patched CVE-2026-20045, a zero-day remote code execution (RCE) vulnerability impacting multiple Cisco Unified Communications products.[…]
Microsoft Releases Emergency Office Zero-Day Fix (CVE-2026-21509)
Microsoft Releases Emergency Office Zero-Day Fix (CVE-2026-21509) Microsoft has issued out-of-band security updates to address a high-severity zero-day vulnerability in Microsoft Office that is being actively exploited in the[…]