Hackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaigns

11/07/2026 0 Comments 0 tags

Cybersecurity researchers have disclosed details of sustained cyber espionage activity against several Pakistani law enforcement organizations undertaken by suspected China- and India-aligned threat actors between February 2024 and April 2026.

Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install

11/07/2026 0 Comments 0 tags

Version 8.14.0 of the jscrambler npm package shipped with a malicious preinstall hook that silently drops and runs a native infostealer during installation, one build each for Windows, macOS, and Linux. Published on July

Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions

11/07/2026 0 Comments 0 tags

Zimbra is urging customers to apply updates to address a critical security vulnerability impacting the Classic Web Client that could result in arbitrary code execution. The vulnerability has been described

URGENT – Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat

10/07/2026 0 Comments 0 tags

Progress Software has told ShareFile customers to shut down the Windows servers running their Storage Zone Controllers, confirming to The Hacker News that it is responding to a “credible external

Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot

10/07/2026 0 Comments 0 tags

Researchers at firmware security firm Binarly have found six new flaws in U-Boot, the small program that starts up hardware as varied as home routers, smart cameras, and the management chips inside

Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages

10/07/2026 0 Comments 0 tags

Unknown threat actors compromised the Injective Labs SDK project’s GitHub repository and leveraged it to publish a malicious package on the npm registry to steal cryptocurrency wallet private keys and

Laser Attack Resets Tangem Wallet Passwords on Cards That Can’t Be Patched

10/07/2026 0 Comments 0 tags

Researchers at Ledger’s Donjon security team have shown that a precisely timed laser pulse, aimed at the chip inside a Tangem crypto wallet card, can reset the card’s password to anything the

Researcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flaws

10/07/2026 0 Comments 0 tags

Details have emerged about three now-patched security flaws in the OpenClaw personal artificial intelligence (AI) assistant that, if successfully exploited, could enable credential theft, privilege escalation, and arbitrary code execution

New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Traffic

10/07/2026 0 Comments 0 tags

The China-linked cybercrime group known as Silver Fox has been attributed to a new Rust-based remote access trojan (RAR) called MODBEACON. Chinese cybersecurity company QiAnXin said that while the threat

Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access

10/07/2026 0 Comments 0 tags

A threat actor has been targeting organizations spanning multiple sectors with voice-based fake security requests that prompt Microsoft 365 users to enroll a new Entra passkey with an aim to