<![CDATA[ProbablyPwned - Cybersecurity News]]> https://www.probablypwned.com https://www.probablypwned.com/logo.png ProbablyPwned - Cybersecurity News https://www.probablypwned.com RSS for Node Fri, 10 Apr 2026 19:14:07 GMT Fri, 10 Apr 2026 19:14:07 GMT <![CDATA[CPUID Hijacked: CPU-Z, HWMonitor Downloads Served Malware]]> https://www.probablypwned.com/article/cpuid-supply-chain-attack-cpu-z-hwmonitor-infostealer https://www.probablypwned.com/article/cpuid-supply-chain-attack-cpu-z-hwmonitor-infostealer Fri, 10 Apr 2026 16:45:00 GMT <![CDATA[Mercor Breach Exposes 4TB of AI Training Data After LiteLLM Attack]]> https://www.probablypwned.com/article/mercor-data-breach-4tb-litellm-supply-chain-lapsus https://www.probablypwned.com/article/mercor-data-breach-4tb-litellm-supply-chain-lapsus Fri, 10 Apr 2026 12:06:26 GMT <![CDATA[ShinyHunters Breach Anodot, Steal Data From Snowflake Customers]]> https://www.probablypwned.com/article/anodot-breach-shinyhunters-snowflake-customers-token-theft https://www.probablypwned.com/article/anodot-breach-shinyhunters-snowflake-customers-token-theft Fri, 10 Apr 2026 12:05:45 GMT <![CDATA[APT28 Deploys PRISMEX Malware Against Ukraine and NATO Allies]]> https://www.probablypwned.com/article/apt28-prismex-malware-ukraine-nato-steganography-sabotage https://www.probablypwned.com/article/apt28-prismex-malware-ukraine-nato-steganography-sabotage Fri, 10 Apr 2026 12:05:06 GMT <![CDATA[FBI Disrupts APT28's FrostArmada Router Hijacking Campaign]]> https://www.probablypwned.com/article/apt28-frostarmada-dns-hijacking-18000-routers-disrupted https://www.probablypwned.com/article/apt28-frostarmada-dns-hijacking-18000-routers-disrupted Fri, 10 Apr 2026 12:04:18 GMT <![CDATA[Smart Slider Hijacked: 900K WordPress Sites Get Backdoored]]> https://www.probablypwned.com/article/smart-slider-supply-chain-attack-900k-wordpress-backdoors https://www.probablypwned.com/article/smart-slider-supply-chain-attack-900k-wordpress-backdoors Thu, 09 Apr 2026 14:32:00 GMT <![CDATA[LAPD Records Exposed in City Attorney Breach: 337K Files Leaked]]> https://www.probablypwned.com/article/lapd-data-breach-337000-files-world-leaks-city-attorney-hack https://www.probablypwned.com/article/lapd-data-breach-337000-files-world-leaks-city-attorney-hack Thu, 09 Apr 2026 12:07:59 GMT <![CDATA[Bitcoin Depot Discloses $3.6M Bitcoin Theft in SEC Filing]]> https://www.probablypwned.com/article/bitcoin-depot-hack-3-6-million-btc-stolen-sec-8k-filing https://www.probablypwned.com/article/bitcoin-depot-hack-3-6-million-btc-stolen-sec-8k-filing Thu, 09 Apr 2026 12:07:20 GMT <![CDATA[Movable Type RCE Lets Attackers Execute Arbitrary Perl Code]]> https://www.probablypwned.com/article/movable-type-cve-2026-25776-perl-code-injection-rce https://www.probablypwned.com/article/movable-type-cve-2026-25776-perl-code-injection-rce Thu, 09 Apr 2026 12:06:46 GMT <![CDATA[North Korea Spreads 1,700 Malicious Packages Across npm, PyPI, Go, Rust]]> https://www.probablypwned.com/article/north-korea-contagious-interview-1700-malicious-packages-npm-pypi-go-rust https://www.probablypwned.com/article/north-korea-contagious-interview-1700-malicious-packages-npm-pypi-go-rust Thu, 09 Apr 2026 12:06:05 GMT <![CDATA[Second PraisonAI Sandbox Escape in a Week Scores CVSS 9.9]]> https://www.probablypwned.com/article/praisonai-cve-2026-39888-sandbox-escape-exception-frame-traversal https://www.probablypwned.com/article/praisonai-cve-2026-39888-sandbox-escape-exception-frame-traversal Thu, 09 Apr 2026 12:05:27 GMT <![CDATA[Anthropic Restricts Claude Mythos Over Vulnerability-Finding Power]]> https://www.probablypwned.com/article/anthropic-project-glasswing-claude-mythos-vulnerability-hunting https://www.probablypwned.com/article/anthropic-project-glasswing-claude-mythos-vulnerability-hunting Thu, 09 Apr 2026 12:04:43 GMT <![CDATA[13-Year-Old ActiveMQ Bug Found by Claude AI Enables RCE]]> https://www.probablypwned.com/article/activemq-cve-2026-34197-rce-jolokia-claude-ai-discovery https://www.probablypwned.com/article/activemq-cve-2026-34197-rce-jolokia-claude-ai-discovery Wed, 08 Apr 2026 16:42:00 GMT <![CDATA[ComfyUI Servers Hijacked for Monero Mining and Proxy Botnet]]> https://www.probablypwned.com/article/comfyui-cryptominer-botnet-1000-servers-compromised https://www.probablypwned.com/article/comfyui-cryptominer-botnet-1000-servers-compromised Wed, 08 Apr 2026 12:05:42 GMT <![CDATA[FBI, CISA Warn Iran Is Attacking US Water and Energy PLCs]]> https://www.probablypwned.com/article/cisa-aa26-097a-iran-plc-attacks-water-energy https://www.probablypwned.com/article/cisa-aa26-097a-iran-plc-attacks-water-energy Wed, 08 Apr 2026 12:04:58 GMT <![CDATA[Docker Auth Bypass Gives Attackers Full Host Access]]> https://www.probablypwned.com/article/docker-cve-2026-34040-authz-bypass-host-access https://www.probablypwned.com/article/docker-cve-2026-34040-authz-bypass-host-access Wed, 08 Apr 2026 12:04:20 GMT <![CDATA[Iran-Linked Hackers Spray 300+ Israeli M365 Tenants]]> https://www.probablypwned.com/article/iran-password-spraying-microsoft-365-israel-uae-300-orgs https://www.probablypwned.com/article/iran-password-spraying-microsoft-365-israel-uae-300-orgs Tue, 07 Apr 2026 12:52:35 GMT <![CDATA[Storm-1175 Deploys Medusa Ransomware Within 24 Hours of Access]]> https://www.probablypwned.com/article/storm-1175-medusa-ransomware-zero-day-china-24-hours https://www.probablypwned.com/article/storm-1175-medusa-ransomware-zero-day-china-24-hours Tue, 07 Apr 2026 12:51:08 GMT <![CDATA[36 Fake Strapi Plugins Deploy Redis RCE and Credential Stealers]]> https://www.probablypwned.com/article/malicious-strapi-npm-packages-redis-postgresql-supply-chain https://www.probablypwned.com/article/malicious-strapi-npm-packages-redis-postgresql-supply-chain Tue, 07 Apr 2026 12:49:41 GMT <![CDATA[Flowise AI Builder RCE Hits CVSS 10 — 12,000 Servers Exposed]]> https://www.probablypwned.com/article/flowise-ai-cve-2025-59528-cvss-10-rce-12000-instances https://www.probablypwned.com/article/flowise-ai-cve-2025-59528-cvss-10-rce-12000-instances Tue, 07 Apr 2026 12:48:17 GMT <![CDATA[BlueHammer: Researcher Leaks Unpatched Windows Zero-Day Exploit]]> https://www.probablypwned.com/article/bluehammer-windows-defender-zero-day-lpe-exploit-leak https://www.probablypwned.com/article/bluehammer-windows-defender-zero-day-lpe-exploit-leak Tue, 07 Apr 2026 12:46:52 GMT <![CDATA[GPUBreach Exploits GDDR6 Rowhammer for Full System Takeover]]> https://www.probablypwned.com/article/gpubreach-gpu-rowhammer-gddr6-privilege-escalation-nvidia https://www.probablypwned.com/article/gpubreach-gpu-rowhammer-gddr6-privilege-escalation-nvidia Tue, 07 Apr 2026 12:45:25 GMT <![CDATA[CISA Orders Feds to Patch FortiClient EMS Flaw by Thursday]]> https://www.probablypwned.com/article/cisa-kev-forticlient-ems-cve-2026-35616-federal-deadline-april-9 https://www.probablypwned.com/article/cisa-kev-forticlient-ems-cve-2026-35616-federal-deadline-april-9 Mon, 06 Apr 2026 16:30:00 GMT <![CDATA[ImageMagick Zero-Days Enable RCE on Linux, WordPress via Image Upload]]> https://www.probablypwned.com/article/imagemagick-zero-day-rce-linux-wordpress-magic-byte-bypass https://www.probablypwned.com/article/imagemagick-zero-day-rce-linux-wordpress-magic-byte-bypass Mon, 06 Apr 2026 12:06:12 GMT <![CDATA[Group-Office Deserialization Bug Enables Server Takeover (CVSS 9.9)]]> https://www.probablypwned.com/article/group-office-cve-2026-34838-deserialization-rce-cvss-9-9 https://www.probablypwned.com/article/group-office-cve-2026-34838-deserialization-rce-cvss-9-9 Mon, 06 Apr 2026 12:05:38 GMT <![CDATA[Progress ShareFile Flaws Chain to Pre-Auth RCE on 30,000 Servers]]> https://www.probablypwned.com/article/progress-sharefile-cve-2026-2699-2701-pre-auth-rce-chain https://www.probablypwned.com/article/progress-sharefile-cve-2026-2699-2701-pre-auth-rce-chain Mon, 06 Apr 2026 12:04:58 GMT <![CDATA[Cisco Patches Dual 9.8 CVSS Flaws in IMC and SSM On-Prem]]> https://www.probablypwned.com/article/cisco-imc-ssm-cve-2026-20093-20160-critical-auth-bypass-rce https://www.probablypwned.com/article/cisco-imc-ssm-cve-2026-20093-20160-critical-auth-bypass-rce Mon, 06 Apr 2026 12:04:17 GMT <![CDATA[FortiClient EMS Zero-Day Under Active Exploit — Patch Now]]> https://www.probablypwned.com/article/forticlient-ems-cve-2026-35616-zero-day-api-bypass-rce https://www.probablypwned.com/article/forticlient-ems-cve-2026-35616-zero-day-api-bypass-rce Sun, 05 Apr 2026 19:45:00 GMT <![CDATA[Casbaneiro Banking Trojan Spreads via Dynamic PDF Phishing]]> https://www.probablypwned.com/article/casbaneiro-banking-trojan-latin-america-horabot-phishing https://www.probablypwned.com/article/casbaneiro-banking-trojan-latin-america-horabot-phishing Sun, 05 Apr 2026 12:07:31 GMT <![CDATA[Microsoft Warns of WhatsApp-Delivered VBS Malware Campaign]]> https://www.probablypwned.com/article/whatsapp-vbs-malware-microsoft-warning-uac-bypass-windows https://www.probablypwned.com/article/whatsapp-vbs-malware-microsoft-warning-uac-bypass-windows Sun, 05 Apr 2026 12:06:47 GMT <![CDATA[Hims & Hers Discloses Breach After Zendesk System Compromise]]> https://www.probablypwned.com/article/hims-hers-data-breach-zendesk-okta-shinyhunters https://www.probablypwned.com/article/hims-hers-data-breach-zendesk-okta-shinyhunters Sun, 05 Apr 2026 12:06:04 GMT <![CDATA[KadNap Botnet Hijacks 14,000+ ASUS Routers for Proxy Network]]> https://www.probablypwned.com/article/kadnap-botnet-asus-routers-14000-devices-proxy-network https://www.probablypwned.com/article/kadnap-botnet-asus-routers-14000-devices-proxy-network Sun, 05 Apr 2026 12:05:28 GMT <![CDATA[SparkCat Crypto Stealer Returns to iOS and Android App Stores]]> https://www.probablypwned.com/article/sparkcat-malware-app-store-google-play-crypto-ocr-stealer https://www.probablypwned.com/article/sparkcat-malware-app-store-google-play-crypto-ocr-stealer Sun, 05 Apr 2026 12:04:15 GMT <![CDATA[Sinobi Ransomware Hits 215 Victims in Six Months]]> https://www.probablypwned.com/article/sinobi-ransomware-lynx-rebrand-215-victims-2026 https://www.probablypwned.com/article/sinobi-ransomware-lynx-rebrand-215-victims-2026 Sat, 04 Apr 2026 12:05:23 GMT <![CDATA[Phantom Taurus Deploys Net-Star Backdoors Across Africa]]> https://www.probablypwned.com/article/phantom-taurus-net-star-china-apt-africa-middle-east https://www.probablypwned.com/article/phantom-taurus-net-star-china-apt-africa-middle-east Sat, 04 Apr 2026 12:04:47 GMT <![CDATA[North Korea Behind $285M Drift Protocol Heist]]> https://www.probablypwned.com/article/drift-protocol-285-million-hack-north-korea-defi https://www.probablypwned.com/article/drift-protocol-285-million-hack-north-korea-defi Sat, 04 Apr 2026 12:04:16 GMT <![CDATA[Fake Claude Code Repos Push Vidar Infostealer on GitHub]]> https://www.probablypwned.com/article/claude-code-leak-vidar-infostealer-github-campaign https://www.probablypwned.com/article/claude-code-leak-vidar-infostealer-github-campaign Sat, 04 Apr 2026 12:03:41 GMT <![CDATA[PraisonAI Sandbox Bypass Scores Perfect CVSS 10]]> https://www.probablypwned.com/article/praisonai-cve-2026-34938-sandbox-bypass-rce-cvss-10 https://www.probablypwned.com/article/praisonai-cve-2026-34938-sandbox-bypass-rce-cvss-10 Sat, 04 Apr 2026 12:03:05 GMT <![CDATA[Qilin Ransomware Hits German Left Party Amid Hybrid War Fears]]> https://www.probablypwned.com/article/qilin-ransomware-die-linke-german-political-party-hybrid-warfare https://www.probablypwned.com/article/qilin-ransomware-die-linke-german-political-party-hybrid-warfare Fri, 03 Apr 2026 16:45:00 GMT <![CDATA[NoVoice Rootkit Infected 2.3M Android Devices via Play]]> https://www.probablypwned.com/article/novoice-android-rootkit-google-play-2-3-million-devices https://www.probablypwned.com/article/novoice-android-rootkit-google-play-2-3-million-devices Fri, 03 Apr 2026 12:05:56 GMT <![CDATA[North Korea Uses GitHub as C2 in South Korea Attacks]]> https://www.probablypwned.com/article/north-korea-github-c2-lnk-south-korea-fortigate https://www.probablypwned.com/article/north-korea-github-c2-lnk-south-korea-fortigate Fri, 03 Apr 2026 12:04:56 GMT <![CDATA[Storm Infostealer Decrypts Credentials Server-Side]]> https://www.probablypwned.com/article/storm-infostealer-server-side-decryption-browser-credentials https://www.probablypwned.com/article/storm-infostealer-server-side-decryption-browser-credentials Fri, 03 Apr 2026 12:03:56 GMT <![CDATA[Azure Kubernetes CVE-2026-33105 Hits CVSS 10.0]]> https://www.probablypwned.com/article/azure-kubernetes-cve-2026-33105-cvss-10-privilege-escalation https://www.probablypwned.com/article/azure-kubernetes-cve-2026-33105-cvss-10-privilege-escalation Fri, 03 Apr 2026 12:02:56 GMT <![CDATA[CrystalX RAT Flips Screens While Emptying Crypto Wallets]]> https://www.probablypwned.com/article/crystalx-rat-maas-stealer-prankware-kaspersky https://www.probablypwned.com/article/crystalx-rat-maas-stealer-prankware-kaspersky Thu, 02 Apr 2026 16:45:00 GMT <![CDATA[Stolen Credentials Hit Dark Web Markets Within 48 Hours]]> https://www.probablypwned.com/article/infostealer-48-hour-dark-web-enterprise-credentials https://www.probablypwned.com/article/infostealer-48-hour-dark-web-enterprise-credentials Thu, 02 Apr 2026 12:08:42 GMT <![CDATA[Hasbro Confirms Cyberattack, Warns of Weeks-Long Recovery]]> https://www.probablypwned.com/article/hasbro-cyberattack-sec-filing-weeks-recovery https://www.probablypwned.com/article/hasbro-cyberattack-sec-filing-weeks-recovery Thu, 02 Apr 2026 12:07:15 GMT <![CDATA[Italy's Largest Bank Fined $36M After Employee Snooped for Years]]> https://www.probablypwned.com/article/intesa-sanpaolo-gdpr-fine-31-million-insider-access https://www.probablypwned.com/article/intesa-sanpaolo-gdpr-fine-31-million-insider-access Thu, 02 Apr 2026 12:05:58 GMT <![CDATA[Hackers Impersonate Ukraine's CERT to Push AGEWHEEZE RAT]]> https://www.probablypwned.com/article/uac-0255-agewheeze-cert-ua-impersonation-million-emails https://www.probablypwned.com/article/uac-0255-agewheeze-cert-ua-impersonation-million-emails Thu, 02 Apr 2026 12:04:47 GMT <![CDATA[DeepLoad Malware Uses AI-Generated Code to Evade Detection]]> https://www.probablypwned.com/article/deepload-malware-clickfix-ai-evasion-wmi-persistence https://www.probablypwned.com/article/deepload-malware-clickfix-ai-evasion-wmi-persistence Thu, 02 Apr 2026 12:03:33 GMT <![CDATA[AuraStealer Spreads Via TikTok Videos Posing as Software Tutorials]]> https://www.probablypwned.com/article/aurastealer-infostealer-48-c2-domains-tiktok-distribution https://www.probablypwned.com/article/aurastealer-infostealer-48-c2-domains-tiktok-distribution Wed, 01 Apr 2026 12:06:10 GMT <![CDATA[Vertex AI Flaw Turns Enterprise AI Agents Into Data Thieves]]> https://www.probablypwned.com/article/vertex-ai-double-agent-gcp-data-exfiltration-unit42 https://www.probablypwned.com/article/vertex-ai-double-agent-gcp-data-exfiltration-unit42 Wed, 01 Apr 2026 12:05:33 GMT <![CDATA[Chinese APT Hijacked TrueConf Updates to Backdoor Governments]]> https://www.probablypwned.com/article/operation-truechaos-trueconf-zero-day-southeast-asia-apt https://www.probablypwned.com/article/operation-truechaos-trueconf-zero-day-southeast-asia-apt Wed, 01 Apr 2026 12:04:53 GMT <![CDATA[Google Patches Fourth Chrome Zero-Day of 2026]]> https://www.probablypwned.com/article/chrome-cve-2026-5281-fourth-zero-day-dawn-webgpu https://www.probablypwned.com/article/chrome-cve-2026-5281-fourth-zero-day-dawn-webgpu Wed, 01 Apr 2026 12:04:12 GMT <![CDATA[Telnetd Flaw Lets Attackers Get Root Before Login Prompt]]> https://www.probablypwned.com/article/telnetd-cve-2026-32746-cvss-9-8-unauthenticated-rce https://www.probablypwned.com/article/telnetd-cve-2026-32746-cvss-9-8-unauthenticated-rce Wed, 01 Apr 2026 12:03:31 GMT <![CDATA[Axios npm Hijack Drops Cross-Platform RAT on 100M+ Installs]]> https://www.probablypwned.com/article/axios-npm-supply-chain-rat-march-2026 https://www.probablypwned.com/article/axios-npm-supply-chain-rat-march-2026 Tue, 31 Mar 2026 18:45:00 GMT <![CDATA[Telegram Disputes Critical Zero-Click Sticker RCE Claim]]> https://www.probablypwned.com/article/telegram-zero-click-sticker-zdi-can-30207-disputed https://www.probablypwned.com/article/telegram-zero-click-sticker-zdi-can-30207-disputed Tue, 31 Mar 2026 12:06:41 GMT <![CDATA[ChatGPT Bug Let Malicious Prompts Exfiltrate Data via DNS]]> https://www.probablypwned.com/article/chatgpt-dns-tunneling-data-exfiltration-checkpoint https://www.probablypwned.com/article/chatgpt-dns-tunneling-data-exfiltration-checkpoint Tue, 31 Mar 2026 12:06:03 GMT <![CDATA[Attackers Exploiting FortiClient EMS SQLi Flaw in the Wild]]> https://www.probablypwned.com/article/forticlient-ems-cve-2026-21643-active-exploitation-march https://www.probablypwned.com/article/forticlient-ems-cve-2026-21643-active-exploitation-march Tue, 31 Mar 2026 12:05:24 GMT <![CDATA[n8n Merge Node Flaw Exposes 615K Instances to RCE]]> https://www.probablypwned.com/article/n8n-merge-node-cve-2026-33660-alasql-sandbox-rce https://www.probablypwned.com/article/n8n-merge-node-cve-2026-33660-alasql-sandbox-rce Tue, 31 Mar 2026 12:04:48 GMT <![CDATA[CISA Orders Citrix NetScaler Patches by April 2 After KEV Addition]]> https://www.probablypwned.com/article/cisa-kev-citrix-netscaler-cve-2026-3055-active-exploitation https://www.probablypwned.com/article/cisa-kev-citrix-netscaler-cve-2026-3055-active-exploitation Tue, 31 Mar 2026 12:03:54 GMT <![CDATA[FCC Bans Import of Foreign-Made Consumer Routers Over Supply Chain Risks]]> https://www.probablypwned.com/article/fcc-bans-foreign-routers-volt-typhoon-supply-chain-security https://www.probablypwned.com/article/fcc-bans-foreign-routers-volt-typhoon-supply-chain-security Mon, 30 Mar 2026 12:06:28 GMT <![CDATA[Lloyds App Glitch Exposed 450K Customers' Transactions to Other Users]]> https://www.probablypwned.com/article/lloyds-bank-app-glitch-450000-customers-transactions-exposed https://www.probablypwned.com/article/lloyds-bank-app-glitch-450000-customers-transactions-exposed Mon, 30 Mar 2026 12:05:55 GMT <![CDATA[OpenClaw Bootstrap Replay Bug Enables Admin Takeover (CVE-2026-32987)]]> https://www.probablypwned.com/article/openclaw-cve-2026-32987-bootstrap-replay-admin-takeover https://www.probablypwned.com/article/openclaw-cve-2026-32987-bootstrap-replay-admin-takeover Mon, 30 Mar 2026 12:05:24 GMT <![CDATA[Red Menshen Plants BPFDoor Sleeper Cells in Global Telecom Networks]]> https://www.probablypwned.com/article/red-menshen-bpfdoor-telecom-espionage-sleeper-cells https://www.probablypwned.com/article/red-menshen-bpfdoor-telecom-espionage-sleeper-cells Mon, 30 Mar 2026 12:04:48 GMT <![CDATA[800K Sites at Risk from Smart Slider 3 File Read Flaw]]> https://www.probablypwned.com/article/smart-slider-amelia-wordpress-plugins-urgent-march-2026-patch https://www.probablypwned.com/article/smart-slider-amelia-wordpress-plugins-urgent-march-2026-patch Sun, 29 Mar 2026 16:45:00 GMT <![CDATA[Pro-Ukraine Group Bearlyfy Deploys Custom GenieLocker Ransomware]]> https://www.probablypwned.com/article/bearlyfy-genielocker-ransomware-70-russian-companies-ukraine https://www.probablypwned.com/article/bearlyfy-genielocker-ransomware-70-russian-companies-ukraine Sun, 29 Mar 2026 12:05:26 GMT <![CDATA[F5 BIG-IP Flaw Upgraded to RCE After Active Exploitation Confirmed]]> https://www.probablypwned.com/article/f5-big-ip-apm-cve-2025-53521-cisa-kev-rce-exploitation https://www.probablypwned.com/article/f5-big-ip-apm-cve-2025-53521-cisa-kev-rce-exploitation Sun, 29 Mar 2026 12:04:50 GMT <![CDATA[TeamPCP Hijacks Telnyx PyPI Package to Deploy WAV-Hidden Stealer]]> https://www.probablypwned.com/article/teampcp-telnyx-pypi-supply-chain-wav-steganography https://www.probablypwned.com/article/teampcp-telnyx-pypi-supply-chain-wav-steganography Sun, 29 Mar 2026 12:04:07 GMT <![CDATA[Vidar Infostealer Spreads via Hacked WordPress Sites]]> https://www.probablypwned.com/article/vidar-infostealer-wordpress-fake-captcha-clickfix-campaign https://www.probablypwned.com/article/vidar-infostealer-wordpress-fake-captcha-clickfix-campaign Sat, 28 Mar 2026 12:05:13 GMT <![CDATA[European Commission Confirms AWS Cloud Breach]]> https://www.probablypwned.com/article/european-commission-aws-breach-350gb-data-stolen-cloud https://www.probablypwned.com/article/european-commission-aws-breach-350gb-data-stolen-cloud Sat, 28 Mar 2026 12:04:46 GMT <![CDATA[LangChain Flaws Expose Files, Secrets, and Databases]]> https://www.probablypwned.com/article/langchain-langgraph-cve-2026-34070-path-traversal-sql-injection https://www.probablypwned.com/article/langchain-langgraph-cve-2026-34070-path-traversal-sql-injection Sat, 28 Mar 2026 12:03:44 GMT <![CDATA[Fake VS Code Security Alerts Flood GitHub to Spread Malware]]> https://www.probablypwned.com/article/github-phishing-fake-vscode-alerts-malware-socket https://www.probablypwned.com/article/github-phishing-fake-vscode-alerts-malware-socket Fri, 27 Mar 2026 16:45:00 GMT <![CDATA[Infiniti Stealer: macOS Malware Uses ClickFix and Nuitka Compilation]]> https://www.probablypwned.com/article/infiniti-stealer-macos-clickfix-python-nuitka-infostealer https://www.probablypwned.com/article/infiniti-stealer-macos-clickfix-python-nuitka-infostealer Fri, 27 Mar 2026 12:11:33 GMT <![CDATA[RedLine Infostealer Developer Faces 50 Years After US Extradition]]> https://www.probablypwned.com/article/redline-infostealer-developer-extradited-hambardzum-minasyan-50-years https://www.probablypwned.com/article/redline-infostealer-developer-extradited-hambardzum-minasyan-50-years Fri, 27 Mar 2026 12:09:58 GMT <![CDATA[WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce]]> https://www.probablypwned.com/article/webrtc-payment-skimmer-csp-bypass-magento-ecommerce https://www.probablypwned.com/article/webrtc-payment-skimmer-csp-bypass-magento-ecommerce Fri, 27 Mar 2026 12:08:22 GMT <![CDATA[Ajax Amsterdam Breach Exposed 300K Fan Accounts to Ticket Theft]]> https://www.probablypwned.com/article/ajax-amsterdam-breach-300000-fans-ticket-hijacking-api-flaw https://www.probablypwned.com/article/ajax-amsterdam-breach-300000-fans-ticket-hijacking-api-flaw Fri, 27 Mar 2026 12:06:47 GMT <![CDATA[Ubiquiti UniFi Flaw Scores CVSS 10—Patch Before Full Takeover]]> https://www.probablypwned.com/article/ubiquiti-unifi-cve-2026-22557-cvss-10-path-traversal-takeover https://www.probablypwned.com/article/ubiquiti-unifi-cve-2026-22557-cvss-10-path-traversal-takeover Fri, 27 Mar 2026 12:05:14 GMT <![CDATA[UK Sanctions Xinbi Marketplace Over $19B in Scam Laundering]]> https://www.probablypwned.com/article/uk-sanctions-xinbi-telegram-marketplace-19-billion-pig-butchering https://www.probablypwned.com/article/uk-sanctions-xinbi-telegram-marketplace-19-billion-pig-butchering Thu, 26 Mar 2026 16:45:00 GMT <![CDATA[Device Code Phishing Hits 340+ Microsoft 365 Orgs in 5 Countries]]> https://www.probablypwned.com/article/eviltokens-device-code-phishing-340-microsoft-365-oauth-bypass https://www.probablypwned.com/article/eviltokens-device-code-phishing-340-microsoft-365-oauth-bypass Thu, 26 Mar 2026 12:07:09 GMT <![CDATA[Russian Access Broker Gets 81 Months for Yanluowang Attacks]]> https://www.probablypwned.com/article/aleksei-volkov-sentenced-81-months-yanluowang-ransomware-broker https://www.probablypwned.com/article/aleksei-volkov-sentenced-81-months-yanluowang-ransomware-broker Thu, 26 Mar 2026 12:06:36 GMT <![CDATA[Copyright Phishing Delivers PureLog Stealer to Healthcare, Gov]]> https://www.probablypwned.com/article/purelog-stealer-copyright-phishing-healthcare-government-germany https://www.probablypwned.com/article/purelog-stealer-copyright-phishing-healthcare-government-germany Thu, 26 Mar 2026 12:06:00 GMT <![CDATA[TP-Link Archer Routers Vulnerable to Unauthenticated Takeover]]> https://www.probablypwned.com/article/tp-link-archer-nx-cve-2025-15517-auth-bypass-firmware-takeover https://www.probablypwned.com/article/tp-link-archer-nx-cve-2025-15517-auth-bypass-firmware-takeover Thu, 26 Mar 2026 12:05:29 GMT <![CDATA[Torg Grabber Steals from 728 Crypto Wallets via ClickFix]]> https://www.probablypwned.com/article/torg-grabber-infostealer-728-crypto-wallets-clickfix https://www.probablypwned.com/article/torg-grabber-infostealer-728-crypto-wallets-clickfix Thu, 26 Mar 2026 12:04:51 GMT <![CDATA[TeamPCP Hijacks Checkmarx KICS Using Stolen Trivy Tokens]]> https://www.probablypwned.com/article/teampcp-checkmarx-kics-github-action-trivy-supply-chain https://www.probablypwned.com/article/teampcp-checkmarx-kics-github-action-trivy-supply-chain Wed, 25 Mar 2026 16:42:00 GMT <![CDATA[ShinyHunters Extorts Infinite Campus After Salesforce Breach]]> https://www.probablypwned.com/article/infinite-campus-shinyhunters-breach-11-million-students https://www.probablypwned.com/article/infinite-campus-shinyhunters-breach-11-million-students Wed, 25 Mar 2026 12:05:15 GMT <![CDATA[TeamPCP Poisons LiteLLM Package With Three-Stage Backdoor]]> https://www.probablypwned.com/article/teampcp-litellm-pypi-supply-chain-credential-stealer https://www.probablypwned.com/article/teampcp-litellm-pypi-supply-chain-credential-stealer Wed, 25 Mar 2026 12:04:31 GMT <![CDATA[PTC Windchill CVSS 10 RCE Bug Prompts German Police Response]]> https://www.probablypwned.com/article/ptc-windchill-flexplm-cve-2026-4681-cvss-10-imminent-threat https://www.probablypwned.com/article/ptc-windchill-flexplm-cve-2026-4681-cvss-10-imminent-threat Wed, 25 Mar 2026 12:03:52 GMT <![CDATA[Microsoft Fixes Month-Long Outlook Gmail Sync Bug]]> https://www.probablypwned.com/article/microsoft-fixes-classic-outlook-gmail-sync-bug-oauth https://www.probablypwned.com/article/microsoft-fixes-classic-outlook-gmail-sync-bug-oauth Tue, 24 Mar 2026 16:45:00 GMT <![CDATA[Europol and Microsoft Dismantle Tycoon 2FA Phishing Empire]]> https://www.probablypwned.com/article/tycoon-2fa-takedown-europol-microsoft-330-domains https://www.probablypwned.com/article/tycoon-2fa-takedown-europol-microsoft-330-domains Tue, 24 Mar 2026 12:07:14 GMT <![CDATA[Crunchyroll Breach Exposes 6.8 Million Users via Malware]]> https://www.probablypwned.com/article/crunchyroll-breach-6-8-million-zendesk-contractor-malware https://www.probablypwned.com/article/crunchyroll-breach-6-8-million-zendesk-contractor-malware Tue, 24 Mar 2026 12:06:40 GMT <![CDATA[Four Critical n8n Flaws Enable Unauthenticated RCE]]> https://www.probablypwned.com/article/n8n-march-2026-four-critical-cves-sandbox-form-injection https://www.probablypwned.com/article/n8n-march-2026-four-critical-cves-sandbox-form-injection Tue, 24 Mar 2026 12:06:03 GMT <![CDATA[Citrix NetScaler Memory Leak Exposes SAML SSO Secrets]]> https://www.probablypwned.com/article/citrix-netscaler-cve-2026-3055-saml-memory-leak https://www.probablypwned.com/article/citrix-netscaler-cve-2026-3055-saml-memory-leak Tue, 24 Mar 2026 12:05:32 GMT <![CDATA[Quest KACE SMA CVSS 10.0 Flaw Exploited in the Wild]]> https://www.probablypwned.com/article/quest-kace-sma-cve-2025-32975-cvss-10-active-exploitation https://www.probablypwned.com/article/quest-kace-sma-cve-2025-32975-cvss-10-active-exploitation Tue, 24 Mar 2026 12:04:15 GMT <![CDATA[CanisterWorm Adds Iran-Targeting Kubernetes Wiper]]> https://www.probablypwned.com/article/teampcp-canisterworm-kubernetes-wiper-iran-docker-hub https://www.probablypwned.com/article/teampcp-canisterworm-kubernetes-wiper-iran-docker-hub Mon, 23 Mar 2026 16:42:00 GMT <![CDATA[Iranian APT Deploys Fake RedAlert App to Surveil Israeli Users]]> https://www.probablypwned.com/article/iran-redalert-android-malware-israel-surveillance-unit42 https://www.probablypwned.com/article/iran-redalert-android-malware-israel-surveillance-unit42 Mon, 23 Mar 2026 12:13:00 GMT <![CDATA[AVideo RCE Chain Gives Attackers Full Server Access Without Auth]]> https://www.probablypwned.com/article/avideo-cve-2026-33478-unauthenticated-rce-chain-unpatched https://www.probablypwned.com/article/avideo-cve-2026-33478-unauthenticated-rce-chain-unpatched Mon, 23 Mar 2026 12:10:45 GMT <![CDATA[Ubuntu Desktop Flaw Lets Local Users Escalate to Root]]> https://www.probablypwned.com/article/ubuntu-cve-2026-3888-snap-confine-root-privilege-escalation https://www.probablypwned.com/article/ubuntu-cve-2026-3888-snap-confine-root-privilege-escalation Mon, 23 Mar 2026 12:08:30 GMT <![CDATA[Navia Benefit Solutions Breach Exposes 2.7 Million SSNs]]> https://www.probablypwned.com/article/navia-benefit-solutions-breach-2-7-million-ssn-exposed https://www.probablypwned.com/article/navia-benefit-solutions-breach-2-7-million-ssn-exposed Mon, 23 Mar 2026 12:06:14 GMT <![CDATA[VoidStealer Bypasses Chrome ABE Using Debugger Trick]]> https://www.probablypwned.com/article/voidstealer-chrome-master-key-debugger-abe-bypass https://www.probablypwned.com/article/voidstealer-chrome-master-key-debugger-abe-bypass Sun, 22 Mar 2026 16:45:00 GMT <![CDATA[Fortinet Patches 11 Flaws in FortiManager, FortiAnalyzer, FortiSandbox]]> https://www.probablypwned.com/article/fortinet-march-2026-eleven-cve-patch-fortimanager-fortianalyzer https://www.probablypwned.com/article/fortinet-march-2026-eleven-cve-patch-fortimanager-fortianalyzer Sun, 22 Mar 2026 12:06:55 GMT <![CDATA[Trivy Scanner Breach Spawns CanisterWorm Across 47 npm Packages]]> https://www.probablypwned.com/article/trivy-supply-chain-teampcp-canisterworm-npm-github-actions https://www.probablypwned.com/article/trivy-supply-chain-teampcp-canisterworm-npm-github-actions Sun, 22 Mar 2026 12:05:38 GMT <![CDATA[FBI Warns Russian Hackers Compromised Thousands of Signal, WhatsApp Accounts]]> https://www.probablypwned.com/article/fbi-cisa-russian-intelligence-signal-whatsapp-phishing-thousands https://www.probablypwned.com/article/fbi-cisa-russian-intelligence-signal-whatsapp-phishing-thousands Sun, 22 Mar 2026 12:04:12 GMT <![CDATA[PolyShell Flaw Exposes All Magento Stores to RCE Attacks]]> https://www.probablypwned.com/article/polyshell-magento-adobe-commerce-unauthenticated-rce https://www.probablypwned.com/article/polyshell-magento-adobe-commerce-unauthenticated-rce Sat, 21 Mar 2026 12:06:56 GMT <![CDATA[CISA Adds Apple, Craft CMS, Laravel Bugs to KEV Catalog]]> https://www.probablypwned.com/article/cisa-kev-apple-craftcms-laravel-livewire-march-2026 https://www.probablypwned.com/article/cisa-kev-apple-craftcms-laravel-livewire-march-2026 Sat, 21 Mar 2026 12:06:18 GMT <![CDATA[Speagle Malware Hijacks Cobra DocGuard to Hunt Missile Data]]> https://www.probablypwned.com/article/speagle-malware-cobra-docguard-chinese-missile-espionage https://www.probablypwned.com/article/speagle-malware-cobra-docguard-chinese-missile-espionage Sat, 21 Mar 2026 12:05:38 GMT <![CDATA[DOJ Disrupts 3M-Device Botnets Behind 31 Tbps DDoS Attacks]]> https://www.probablypwned.com/article/doj-iot-botnet-aisuru-kimwolf-31-tbps-ddos-takedown https://www.probablypwned.com/article/doj-iot-botnet-aisuru-kimwolf-31-tbps-ddos-takedown Sat, 21 Mar 2026 12:04:59 GMT <![CDATA[Langflow RCE Exploited Within 20 Hours of Disclosure]]> https://www.probablypwned.com/article/langflow-cve-2026-33017-critical-rce-20-hour-exploitation https://www.probablypwned.com/article/langflow-cve-2026-33017-critical-rce-20-hour-exploitation Sat, 21 Mar 2026 12:04:21 GMT <![CDATA[Oracle Ships Emergency Patch for Critical Identity Manager RCE]]> https://www.probablypwned.com/article/oracle-identity-manager-cve-2026-21992-emergency-patch-rce https://www.probablypwned.com/article/oracle-identity-manager-cve-2026-21992-emergency-patch-rce Fri, 20 Mar 2026 16:45:00 GMT <![CDATA[Baydöner Breach Exposes 3.7M Records With Plaintext Passwords]]> https://www.probablypwned.com/article/baydoner-turkey-data-breach-3-7-million-plaintext-passwords https://www.probablypwned.com/article/baydoner-turkey-data-breach-3-7-million-plaintext-passwords Fri, 20 Mar 2026 12:05:28 GMT <![CDATA[Excel XSS Bug Weaponizes Copilot for Zero-Click Data Theft]]> https://www.probablypwned.com/article/cve-2026-26144-excel-copilot-zero-click-data-exfiltration https://www.probablypwned.com/article/cve-2026-26144-excel-copilot-zero-click-data-exfiltration Fri, 20 Mar 2026 12:04:51 GMT <![CDATA[GlassWorm Supply Chain Attack Surges to 433 Compromised Components]]> https://www.probablypwned.com/article/glassworm-supply-chain-433-extensions-npm-github-openvsx https://www.probablypwned.com/article/glassworm-supply-chain-433-extensions-npm-github-openvsx Fri, 20 Mar 2026 12:04:12 GMT <![CDATA[Honeywell BMS Controllers Ship With No Authentication by Design]]> https://www.probablypwned.com/article/honeywell-iq4x-bms-cve-2026-3611-cvss-10-no-authentication https://www.probablypwned.com/article/honeywell-iq4x-bms-cve-2026-3611-cvss-10-no-authentication Thu, 19 Mar 2026 12:07:18 GMT <![CDATA[APT36 Floods Indian Government Networks With AI-Generated Malware]]> https://www.probablypwned.com/article/apt36-transparent-tribe-vibeware-ai-malware-india https://www.probablypwned.com/article/apt36-transparent-tribe-vibeware-ai-malware-india Thu, 19 Mar 2026 12:06:31 GMT <![CDATA[VMware Aria Operations RCE Flaw Added to CISA KEV Catalog]]> https://www.probablypwned.com/article/vmware-aria-operations-cve-2026-22719-cisa-kev-rce https://www.probablypwned.com/article/vmware-aria-operations-cve-2026-22719-cisa-kev-rce Thu, 19 Mar 2026 12:05:37 GMT <![CDATA[DarkSword Exploit Chain Hits iPhones Running iOS 18.4 to 18.7]]> https://www.probablypwned.com/article/darksword-ios-exploit-chain-iphone-infostealer-unc6353 https://www.probablypwned.com/article/darksword-ios-exploit-chain-iphone-infostealer-unc6353 Thu, 19 Mar 2026 12:04:56 GMT <![CDATA[SharePoint RCE Flaw CVE-2026-20963 Under Active Exploitation]]> https://www.probablypwned.com/article/sharepoint-cve-2026-20963-cisa-kev-deserialization-rce https://www.probablypwned.com/article/sharepoint-cve-2026-20963-cisa-kev-deserialization-rce Thu, 19 Mar 2026 12:04:24 GMT <![CDATA[Interlock Ransomware Exploited Cisco FMC Flaw 36 Days Before Disclosure]]> https://www.probablypwned.com/article/interlock-ransomware-cisco-fmc-cve-2026-20131-zero-day https://www.probablypwned.com/article/interlock-ransomware-cisco-fmc-cve-2026-20131-zero-day Thu, 19 Mar 2026 12:03:41 GMT <![CDATA[Data Broker Infutor Breach Exposes 676 Million Consumer Records]]> https://www.probablypwned.com/article/infutor-data-breach-676-million-records-ssn-exposed https://www.probablypwned.com/article/infutor-data-breach-676-million-records-ssn-exposed Wed, 18 Mar 2026 12:07:13 GMT <![CDATA[EU Sanctions Chinese and Iranian Firms Over 65K Compromised Devices]]> https://www.probablypwned.com/article/eu-sanctions-china-iran-integrity-technology-emennet-pasargad https://www.probablypwned.com/article/eu-sanctions-china-iran-integrity-technology-emennet-pasargad Wed, 18 Mar 2026 12:06:32 GMT <![CDATA[Custom Fonts Let Attackers Hide Commands from AI Assistants]]> https://www.probablypwned.com/article/font-rendering-attack-poisons-ai-assistants-layerx https://www.probablypwned.com/article/font-rendering-attack-poisons-ai-assistants-layerx Wed, 18 Mar 2026 12:05:23 GMT <![CDATA[LeakNet Ransomware Ditches IABs for ClickFix and Deno]]> https://www.probablypwned.com/article/leaknet-ransomware-clickfix-deno-in-memory-loader https://www.probablypwned.com/article/leaknet-ransomware-clickfix-deno-in-memory-loader Wed, 18 Mar 2026 12:04:33 GMT <![CDATA[GNU telnetd Flaw Grants Root Access Before Login Prompt]]> https://www.probablypwned.com/article/gnu-inetutils-telnetd-cve-2026-32746-rce-unpatched https://www.probablypwned.com/article/gnu-inetutils-telnetd-cve-2026-32746-rce-unpatched Wed, 18 Mar 2026 12:03:47 GMT <![CDATA[No Malware Needed: Stryker Attackers Weaponized Intune]]> https://www.probablypwned.com/article/stryker-wiper-attack-no-malware-intune-mdm-lessons https://www.probablypwned.com/article/stryker-wiper-attack-no-malware-intune-mdm-lessons Tue, 17 Mar 2026 16:45:00 GMT <![CDATA[Russia-Linked DRILLAPP Backdoor Weaponizes Edge Browser Debugging]]> https://www.probablypwned.com/article/drillapp-backdoor-ukraine-edge-browser-debugging-russia https://www.probablypwned.com/article/drillapp-backdoor-ukraine-edge-browser-debugging-russia Tue, 17 Mar 2026 12:09:30 GMT <![CDATA[ShinyHunters Claims 1 Petabyte Theft from Telus Digital, Demands $65M]]> https://www.probablypwned.com/article/telus-digital-shinyhunters-breach-1-petabyte-65m-ransom https://www.probablypwned.com/article/telus-digital-shinyhunters-breach-1-petabyte-65m-ransom Tue, 17 Mar 2026 12:08:51 GMT <![CDATA[Companies House UK Flaw Exposed 5 Million Firms to Data Theft]]> https://www.probablypwned.com/article/companies-house-uk-webfiling-flaw-5-million-exposed https://www.probablypwned.com/article/companies-house-uk-webfiling-flaw-5-million-exposed Tue, 17 Mar 2026 12:08:03 GMT <![CDATA[MacSync Stealer Spreads via Fake AI Tool Installers in ClickFix Wave]]> https://www.probablypwned.com/article/macsync-infostealer-clickfix-ai-tools-fake-chatgpt https://www.probablypwned.com/article/macsync-infostealer-clickfix-ai-tools-fake-chatgpt Tue, 17 Mar 2026 12:07:19 GMT <![CDATA[Konni APT Hijacks KakaoTalk to Spread EndRAT Across Contacts]]> https://www.probablypwned.com/article/konni-apt-kakaotalk-endrat-north-korea-spear-phishing https://www.probablypwned.com/article/konni-apt-kakaotalk-endrat-north-korea-spear-phishing Tue, 17 Mar 2026 12:06:41 GMT <![CDATA[Wing FTP Server RCE Flaw Still Exploited Eight Months After Patch]]> https://www.probablypwned.com/article/wing-ftp-server-cve-2025-47812-cisa-kev-10000-servers https://www.probablypwned.com/article/wing-ftp-server-cve-2025-47812-cisa-kev-10000-servers Mon, 16 Mar 2026 18:45:00 GMT <![CDATA[ShinyHunters Claims 400 Companies Breached via Salesforce Aura Flaw]]> https://www.probablypwned.com/article/shinyhunters-salesforce-aura-breach-921k-records-400-companies https://www.probablypwned.com/article/shinyhunters-salesforce-aura-breach-921k-records-400-companies Mon, 16 Mar 2026 12:08:29 GMT <![CDATA[250+ WordPress Sites Compromised to Deliver Infostealers via ClickFix]]> https://www.probablypwned.com/article/wordpress-clickfix-campaign-250-sites-vidar-vodka-stealer https://www.probablypwned.com/article/wordpress-clickfix-campaign-250-sites-vidar-vodka-stealer Mon, 16 Mar 2026 12:07:46 GMT <![CDATA[AuraStealer Spreads via TikTok ClickFix Scams, Targets 110+ Browsers]]> https://www.probablypwned.com/article/aurastealer-infostealer-tiktok-clickfix-48-c2-domains https://www.probablypwned.com/article/aurastealer-infostealer-tiktok-clickfix-48-c2-domains Mon, 16 Mar 2026 12:07:02 GMT <![CDATA[HPE AOS-CX Switches Vulnerable to Admin Password Reset (CVSS 9.8)]]> https://www.probablypwned.com/article/hpe-aruba-aos-cx-cve-2026-23813-admin-password-reset https://www.probablypwned.com/article/hpe-aruba-aos-cx-cve-2026-23813-admin-password-reset Mon, 16 Mar 2026 12:06:20 GMT <![CDATA[Betterleaks: Gitleaks Creator Launches Faster Secrets Scanner]]> https://www.probablypwned.com/article/betterleaks-gitleaks-secrets-scanner-zach-rice-aikido https://www.probablypwned.com/article/betterleaks-gitleaks-secrets-scanner-zach-rice-aikido Sun, 15 Mar 2026 16:45:00 GMT <![CDATA[Chinese APT Targets Qatar Within Hours of Middle East Escalation]]> https://www.probablypwned.com/article/china-nexus-plugx-qatar-middle-east-conflict-espionage https://www.probablypwned.com/article/china-nexus-plugx-qatar-middle-east-conflict-espionage Sun, 15 Mar 2026 12:06:06 GMT <![CDATA[APT37 Deploys Five New Tools to Breach Air-Gapped Networks]]> https://www.probablypwned.com/article/apt37-ruby-jumper-air-gapped-systems-restleaf-malware https://www.probablypwned.com/article/apt37-ruby-jumper-air-gapped-systems-restleaf-malware Sun, 15 Mar 2026 12:05:22 GMT <![CDATA[North Korean Hackers Pose as Recruiters to Backdoor Developers]]> https://www.probablypwned.com/article/contagious-interview-north-korea-developer-job-malware https://www.probablypwned.com/article/contagious-interview-north-korea-developer-job-malware Sun, 15 Mar 2026 12:04:37 GMT <![CDATA[A0Backdoor Hits Finance and Healthcare via Teams Impersonation]]> https://www.probablypwned.com/article/a0backdoor-microsoft-teams-phishing-finance-healthcare https://www.probablypwned.com/article/a0backdoor-microsoft-teams-phishing-finance-healthcare Sun, 15 Mar 2026 12:03:54 GMT <![CDATA[GlassWorm Escalates: 72 Malicious VSCode Extensions Steal Credentials]]> https://www.probablypwned.com/article/glassworm-vscode-extensions-72-malicious-supply-chain-attack https://www.probablypwned.com/article/glassworm-vscode-extensions-72-malicious-supply-chain-attack Sun, 15 Mar 2026 12:03:07 GMT <![CDATA[AppsFlyer SDK Hijacked to Steal Crypto via Supply Chain Attack]]> https://www.probablypwned.com/article/appsflyer-sdk-supply-chain-crypto-clipper-attack https://www.probablypwned.com/article/appsflyer-sdk-supply-chain-crypto-clipper-attack Sat, 14 Mar 2026 16:45:00 GMT <![CDATA[Starbucks Breach Exposes SSNs of 889 Employees via Phishing]]> https://www.probablypwned.com/article/starbucks-partner-central-breach-889-employees-ssn-exposed https://www.probablypwned.com/article/starbucks-partner-central-breach-889-employees-ssn-exposed Sat, 14 Mar 2026 12:07:29 GMT <![CDATA[Storm-2561 Spreads Trojanized VPN Clients via SEO Poisoning]]> https://www.probablypwned.com/article/storm-2561-fake-vpn-clients-seo-poisoning-credential-theft https://www.probablypwned.com/article/storm-2561-fake-vpn-clients-seo-poisoning-credential-theft Sat, 14 Mar 2026 12:06:38 GMT <![CDATA[INTERPOL Operation Synergia III: 94 Arrests, 45K IPs Taken Down]]> https://www.probablypwned.com/article/interpol-operation-synergia-iii-94-arrests-45000-ips-takedown https://www.probablypwned.com/article/interpol-operation-synergia-iii-94-arrests-45000-ips-takedown Sat, 14 Mar 2026 12:05:47 GMT <![CDATA[CrackArmor: 9 AppArmor Flaws Expose 12.6M Linux Servers to Root]]> https://www.probablypwned.com/article/crackarmor-apparmor-nine-flaws-12-million-linux-privilege-escalation https://www.probablypwned.com/article/crackarmor-apparmor-nine-flaws-12-million-linux-privilege-escalation Sat, 14 Mar 2026 12:04:52 GMT <![CDATA[Chrome Zero-Days CVE-2026-3909, CVE-2026-3910 Hit CISA KEV]]> https://www.probablypwned.com/article/chrome-zero-days-cve-2026-3909-3910-skia-v8-cisa-kev https://www.probablypwned.com/article/chrome-zero-days-cve-2026-3909-3910-skia-v8-cisa-kev Sat, 14 Mar 2026 12:03:39 GMT <![CDATA[AI-Generated Slopoly Backdoor Powers Interlock Ransomware Attacks]]> https://www.probablypwned.com/article/slopoly-ai-generated-malware-interlock-ransomware-hive0163 https://www.probablypwned.com/article/slopoly-ai-generated-malware-interlock-ransomware-hive0163 Fri, 13 Mar 2026 16:45:00 GMT <![CDATA[Salt Typhoon Affiliate Hits Telecoms in 30+ Countries With TernDoor]]> https://www.probablypwned.com/article/uat-9244-salt-typhoon-terndoor-telecom-30-countries https://www.probablypwned.com/article/uat-9244-salt-typhoon-terndoor-telecom-30-countries Fri, 13 Mar 2026 12:06:53 GMT <![CDATA[BeatBanker Malware Drains Brazilian Phones for Crypto and Creds]]> https://www.probablypwned.com/article/beatbanker-android-malware-brazil-crypto-mining-banking https://www.probablypwned.com/article/beatbanker-android-malware-brazil-crypto-mining-banking Fri, 13 Mar 2026 12:06:10 GMT <![CDATA[MicroStealer Evades Detection With Electron-to-Java Payload Chain]]> https://www.probablypwned.com/article/microstealer-infostealer-electron-java-delivery-chain https://www.probablypwned.com/article/microstealer-infostealer-electron-java-delivery-chain Fri, 13 Mar 2026 12:05:24 GMT <![CDATA[WordPress Membership Plugin Flaw Lets Anyone Become Admin]]> https://www.probablypwned.com/article/cve-2026-1492-wordpress-membership-plugin-admin-takeover https://www.probablypwned.com/article/cve-2026-1492-wordpress-membership-plugin-admin-takeover Fri, 13 Mar 2026 12:04:45 GMT <![CDATA[Veeam Patches Five Critical RCE Flaws in Backup & Replication]]> https://www.probablypwned.com/article/veeam-critical-rce-vulnerabilities-cvss-9-9-backup-servers https://www.probablypwned.com/article/veeam-critical-rce-vulnerabilities-cvss-9-9-backup-servers Thu, 12 Mar 2026 16:45:00 GMT <![CDATA[Handala Wipes 200,000 Stryker Devices Using Microsoft Intune]]> https://www.probablypwned.com/article/stryker-handala-wiper-200000-devices-intune-iran https://www.probablypwned.com/article/stryker-handala-wiper-200000-devices-intune-iran Thu, 12 Mar 2026 12:06:14 GMT <![CDATA[MuddyWater Deploys Dindoor Backdoor Against US Bank, Airport]]> https://www.probablypwned.com/article/muddywater-dindoor-backdoor-us-bank-airport-mois https://www.probablypwned.com/article/muddywater-dindoor-backdoor-us-bank-airport-mois Thu, 12 Mar 2026 12:05:27 GMT <![CDATA[CISA Adds n8n RCE Flaw to KEV as 24,700 Instances Sit Exposed]]> https://www.probablypwned.com/article/cisa-kev-n8n-cve-2025-68613-expression-injection-rce https://www.probablypwned.com/article/cisa-kev-n8n-cve-2025-68613-expression-injection-rce Thu, 12 Mar 2026 12:04:18 GMT <![CDATA[FIN6 Targets Recruiters with Resume-Themed Malware and EDR Killer]]> https://www.probablypwned.com/article/fin6-hr-recruiter-malware-blacksanta-edr-killer https://www.probablypwned.com/article/fin6-hr-recruiter-malware-blacksanta-edr-killer Wed, 11 Mar 2026 12:35:51 GMT <![CDATA[Five Malicious Rust Crates Posed as Time Utilities to Steal .env Files]]> https://www.probablypwned.com/article/malicious-rust-crates-time-utilities-env-file-theft https://www.probablypwned.com/article/malicious-rust-crates-time-utilities-env-file-theft Wed, 11 Mar 2026 12:28:09 GMT <![CDATA[KadNap Malware Hijacks 14,000 Routers for Underground Proxy Network]]> https://www.probablypwned.com/article/kadnap-malware-14000-asus-routers-proxy-botnet https://www.probablypwned.com/article/kadnap-malware-14000-asus-routers-proxy-botnet Wed, 11 Mar 2026 12:20:33 GMT <![CDATA[Ivanti EPM Auth Bypass Now Under Active Exploitation, CISA Warns]]> https://www.probablypwned.com/article/ivanti-epm-cve-2026-1603-auth-bypass-cisa-kev-exploitation https://www.probablypwned.com/article/ivanti-epm-cve-2026-1603-auth-bypass-cisa-kev-exploitation Wed, 11 Mar 2026 12:12:47 GMT <![CDATA[Microsoft Patches 83 Flaws in March 2026, Two Zero-Days Disclosed]]> https://www.probablypwned.com/article/microsoft-march-2026-patch-tuesday-83-cves-two-zero-days https://www.probablypwned.com/article/microsoft-march-2026-patch-tuesday-83-cves-two-zero-days Wed, 11 Mar 2026 12:05:22 GMT <![CDATA[Microsoft Enables Windows Hotpatch Updates by Default in May]]> https://www.probablypwned.com/article/microsoft-windows-autopatch-hotpatch-default-may-2026 https://www.probablypwned.com/article/microsoft-windows-autopatch-hotpatch-default-may-2026 Tue, 10 Mar 2026 16:45:00 GMT <![CDATA[Ericsson US Discloses Breach After Vendor Hack Exposes SSNs]]> https://www.probablypwned.com/article/ericsson-us-vendor-data-breach-ssn-employee-customer-data https://www.probablypwned.com/article/ericsson-us-vendor-data-breach-ssn-employee-customer-data Tue, 10 Mar 2026 12:07:22 GMT <![CDATA[TriZetto Breach Exposes 3.4 Million Healthcare Records]]> https://www.probablypwned.com/article/trizetto-cognizant-data-breach-3-4-million-healthcare-records https://www.probablypwned.com/article/trizetto-cognizant-data-breach-3-4-million-healthcare-records Tue, 10 Mar 2026 12:06:44 GMT <![CDATA[Velvet Tempest Deploys CastleRAT via ClickFix Attacks]]> https://www.probablypwned.com/article/velvet-tempest-clickfix-donutloader-castlerat-termite-ransomware https://www.probablypwned.com/article/velvet-tempest-clickfix-donutloader-castlerat-termite-ransomware Tue, 10 Mar 2026 12:06:03 GMT <![CDATA[APT28 Uses BEARDSHELL and COVENANT to Spy on Ukraine]]> https://www.probablypwned.com/article/apt28-beardshell-covenant-ukraine-military-surveillance https://www.probablypwned.com/article/apt28-beardshell-covenant-ukraine-military-surveillance Tue, 10 Mar 2026 12:05:26 GMT <![CDATA[AI Assistants Are Rewriting the Defensive Security Playbook]]> https://www.probablypwned.com/article/ai-assistants-defensive-security-attack-surface-expansion https://www.probablypwned.com/article/ai-assistants-defensive-security-attack-surface-expansion Mon, 09 Mar 2026 16:30:00 GMT <![CDATA[Silver Dragon Uses Google Drive as C2 in Government Attacks]]> https://www.probablypwned.com/article/silver-dragon-apt41-geardoor-bamboloader-google-drive-c2 https://www.probablypwned.com/article/silver-dragon-apt41-geardoor-bamboloader-google-drive-c2 Mon, 09 Mar 2026 12:08:02 GMT <![CDATA[VOID#GEIST Delivers XWorm and AsyncRAT via Fileless Injection]]> https://www.probablypwned.com/article/void-geist-malware-xworm-asyncrat-xenorat-fileless-campaign https://www.probablypwned.com/article/void-geist-malware-xworm-asyncrat-xenorat-fileless-campaign Mon, 09 Mar 2026 12:06:45 GMT <![CDATA[Atop EHG2408 Industrial Switch RCE Hits CVSS 9.3]]> https://www.probablypwned.com/article/atop-ehg2408-switch-cve-2026-3823-rce-industrial-networks https://www.probablypwned.com/article/atop-ehg2408-switch-cve-2026-3823-rce-industrial-networks Mon, 09 Mar 2026 12:05:28 GMT <![CDATA[Delta Electronics COMMGR2 Flaws Score CVSS 9.8]]> https://www.probablypwned.com/article/delta-electronics-commgr2-cve-2026-3630-3631-buffer-overflow https://www.probablypwned.com/article/delta-electronics-commgr2-cve-2026-3630-3631-buffer-overflow Mon, 09 Mar 2026 12:04:10 GMT <![CDATA[White House Unveils 2026 Cybersecurity Strategy Prioritizing Offense]]> https://www.probablypwned.com/article/us-national-cybersecurity-strategy-2026-six-pillars-offense https://www.probablypwned.com/article/us-national-cybersecurity-strategy-2026-six-pillars-offense Sun, 08 Mar 2026 12:08:00 GMT <![CDATA[SloppyLemming Espionage Campaign Targets South Asian Governments]]> https://www.probablypwned.com/article/sloppylemming-apt-pakistan-bangladesh-burrowshell-rust-rat https://www.probablypwned.com/article/sloppylemming-apt-pakistan-bangladesh-burrowshell-rust-rat Sun, 08 Mar 2026 12:07:16 GMT <![CDATA[Caddy Server Flaw Lets Users Impersonate Admins]]> https://www.probablypwned.com/article/caddy-cve-2026-30851-forward-auth-header-injection-privilege-escalation https://www.probablypwned.com/article/caddy-cve-2026-30851-forward-auth-header-injection-privilege-escalation Sun, 08 Mar 2026 12:06:42 GMT <![CDATA[WeKnora AI Framework Hit with Twin CVSS 9.9 RCE Flaws]]> https://www.probablypwned.com/article/weknora-cve-2026-30860-30861-ai-framework-rce-cvss-9-9 https://www.probablypwned.com/article/weknora-cve-2026-30860-30861-ai-framework-rce-cvss-9-9 Sun, 08 Mar 2026 12:05:59 GMT <![CDATA[Iran-Linked Dust Specter APT Deploys AI-Assisted Malware Against Iraq]]> https://www.probablypwned.com/article/dust-specter-iran-apt-iraq-splitdrop-ghostform-ai-malware https://www.probablypwned.com/article/dust-specter-iran-apt-iraq-splitdrop-ghostform-ai-malware Sat, 07 Mar 2026 13:17:55 GMT <![CDATA[Cisco SD-WAN Flaws CVE-2026-20122 and 20128 Under Active Attack]]> https://www.probablypwned.com/article/cisco-sd-wan-cve-2026-20122-20128-web-shell-exploitation https://www.probablypwned.com/article/cisco-sd-wan-cve-2026-20122-20128-web-shell-exploitation Sat, 07 Mar 2026 13:13:22 GMT <![CDATA[FBI Investigating Hack of Wiretap Surveillance System]]> https://www.probablypwned.com/article/fbi-surveillance-system-hack-wiretap-fisa-march-2026 https://www.probablypwned.com/article/fbi-surveillance-system-hack-wiretap-fisa-march-2026 Sat, 07 Mar 2026 13:08:47 GMT <![CDATA[Cisco SD-WAN Manager Flaws Actively Exploited for Web Shells]]> https://www.probablypwned.com/article/cisco-catalyst-sd-wan-cve-2026-20122-20128-web-shell-exploitation https://www.probablypwned.com/article/cisco-catalyst-sd-wan-cve-2026-20122-20128-web-shell-exploitation Sat, 07 Mar 2026 13:06:47 GMT <![CDATA[Wikipedia Hit by Self-Propagating JavaScript Worm]]> https://www.probablypwned.com/article/wikipedia-javascript-worm-4000-pages-wikimedia-march-2026 https://www.probablypwned.com/article/wikipedia-javascript-worm-4000-pages-wikimedia-march-2026 Sat, 07 Mar 2026 13:04:12 GMT <![CDATA[Wikipedia Hit by Self-Propagating JavaScript Worm]]> https://www.probablypwned.com/article/wikipedia-javascript-worm-user-script-incident-march-2026 https://www.probablypwned.com/article/wikipedia-javascript-worm-user-script-incident-march-2026 Sat, 07 Mar 2026 13:04:12 GMT <![CDATA[Dutch Paint Giant AkzoNobel Hit by Anubis Ransomware]]> https://www.probablypwned.com/article/akzonobel-anubis-ransomware-170gb-data-breach https://www.probablypwned.com/article/akzonobel-anubis-ransomware-170gb-data-breach Fri, 06 Mar 2026 13:06:38 GMT <![CDATA[Coruna iOS Exploit Kit: 23 Attacks From Spies to Criminals]]> https://www.probablypwned.com/article/coruna-ios-exploit-kit-23-exploits-us-government-tools https://www.probablypwned.com/article/coruna-ios-exploit-kit-23-exploits-us-government-tools Fri, 06 Mar 2026 13:05:56 GMT <![CDATA[CISA Adds Hikvision and Rockwell CVSS 9.8 Flaws to KEV Catalog]]> https://www.probablypwned.com/article/cisa-kev-hikvision-rockwell-cvss-9-8-march-2026 https://www.probablypwned.com/article/cisa-kev-hikvision-rockwell-cvss-9-8-march-2026 Fri, 06 Mar 2026 13:05:18 GMT <![CDATA[FreeScout Zero-Click RCE Lets Hackers Hijack Servers via Email]]> https://www.probablypwned.com/article/freescout-cve-2026-28289-zero-click-rce-email-cvss-10 https://www.probablypwned.com/article/freescout-cve-2026-28289-zero-click-rce-email-cvss-10 Fri, 06 Mar 2026 13:04:35 GMT <![CDATA[Attackers Use Bing AI Search to Distribute GhostSocks Malware]]> https://www.probablypwned.com/article/bing-ai-ghostsocks-malware-fake-openclaw-github-repos https://www.probablypwned.com/article/bing-ai-ghostsocks-malware-fake-openclaw-github-repos Thu, 05 Mar 2026 13:07:05 GMT <![CDATA[HungerRush POS Extortion: Threat Actor Mass-Mails Restaurant Customers]]> https://www.probablypwned.com/article/hungerrush-pos-extortion-infostealer-restaurant-customers https://www.probablypwned.com/article/hungerrush-pos-extortion-infostealer-restaurant-customers Thu, 05 Mar 2026 13:06:26 GMT <![CDATA[LastPass Warns of Phishing Campaign Targeting Master Passwords]]> https://www.probablypwned.com/article/lastpass-phishing-campaign-master-password-theft-march-2026 https://www.probablypwned.com/article/lastpass-phishing-campaign-master-password-theft-march-2026 Thu, 05 Mar 2026 13:05:45 GMT <![CDATA[Malicious Laravel Packages on Packagist Deploy Cross-Platform RAT]]> https://www.probablypwned.com/article/packagist-laravel-rat-supply-chain-attack-nhattuanbl https://www.probablypwned.com/article/packagist-laravel-rat-supply-chain-attack-nhattuanbl Thu, 05 Mar 2026 13:05:09 GMT <![CDATA[Cisco FMC RADIUS Flaw Scores CVSS 10 for Pre-Auth RCE]]> https://www.probablypwned.com/article/cisco-fmc-cve-2025-20265-radius-rce-cvss-10 https://www.probablypwned.com/article/cisco-fmc-cve-2025-20265-radius-rce-cvss-10 Wed, 04 Mar 2026 16:45:00 GMT <![CDATA[Iran's Electronic Operations Room Coordinates 60 Hacktivist Groups]]> https://www.probablypwned.com/article/iran-electronic-operations-room-unit-42-hacktivist-surge https://www.probablypwned.com/article/iran-electronic-operations-room-unit-42-hacktivist-surge Wed, 04 Mar 2026 13:04:11 GMT <![CDATA[AuraStealer Expands to 48 C2 Domains Filling Lumma Void]]> https://www.probablypwned.com/article/aurastealer-infostealer-48-c2-domains-lumma-successor https://www.probablypwned.com/article/aurastealer-infostealer-48-c2-domains-lumma-successor Wed, 04 Mar 2026 13:03:24 GMT <![CDATA[LexisNexis Breach Exposes Government and Law Firm Data]]> https://www.probablypwned.com/article/lexisnexis-fulcrumsec-react2shell-aws-breach-gov-data https://www.probablypwned.com/article/lexisnexis-fulcrumsec-react2shell-aws-breach-gov-data Tue, 03 Mar 2026 18:45:00 GMT <![CDATA[North Korean StegaBin Campaign Hides C2 in Pastebin Essays]]> https://www.probablypwned.com/article/stegabin-north-korea-npm-pastebin-steganography-rat https://www.probablypwned.com/article/stegabin-north-korea-npm-pastebin-steganography-rat Tue, 03 Mar 2026 13:04:44 GMT <![CDATA[Eclipse OpenMQ Ships With Critical Default Admin Credentials]]> https://www.probablypwned.com/article/openmq-cve-2026-22886-default-credentials-cvss-9-8 https://www.probablypwned.com/article/openmq-cve-2026-22886-default-credentials-cvss-9-8 Tue, 03 Mar 2026 13:04:05 GMT <![CDATA[APT28 Linked to MSHTML Zero-Day Exploited Before Patch]]> https://www.probablypwned.com/article/apt28-mshtml-zero-day-cve-2026-21513-russia-attribution https://www.probablypwned.com/article/apt28-mshtml-zero-day-cve-2026-21513-russia-attribution Tue, 03 Mar 2026 13:03:23 GMT <![CDATA[Android March Patch Fixes Qualcomm Zero-Day Under Attack]]> https://www.probablypwned.com/article/android-march-2026-qualcomm-zero-day-cve-2026-21385 https://www.probablypwned.com/article/android-march-2026-qualcomm-zero-day-cve-2026-21385 Tue, 03 Mar 2026 13:02:36 GMT <![CDATA[Two Cybersecurity Pros Face 20 Years for ALPHV Ransomware Role]]> https://www.probablypwned.com/article/alphv-blackcat-cybersecurity-pros-guilty-plea-20-years https://www.probablypwned.com/article/alphv-blackcat-cybersecurity-pros-guilty-plea-20-years Mon, 02 Mar 2026 13:07:14 GMT <![CDATA[DDoS Attacks Now a Permanent Threat, Link11 Report Finds]]> https://www.probablypwned.com/article/link11-european-ddos-report-2026-permanent-threat https://www.probablypwned.com/article/link11-european-ddos-report-2026-permanent-threat Mon, 02 Mar 2026 13:06:29 GMT <![CDATA[Google Disrupts UNC2814 GRIDTIDE Campaign Targeting 53 Orgs]]> https://www.probablypwned.com/article/unc2814-gridtide-google-sheets-china-espionage-53-breaches https://www.probablypwned.com/article/unc2814-gridtide-google-sheets-china-espionage-53-breaches Mon, 02 Mar 2026 13:05:42 GMT <![CDATA[U-Office Force CVE-2026-3422 Enables Unauthenticated RCE]]> https://www.probablypwned.com/article/u-office-force-cve-2026-3422-insecure-deserialization-rce https://www.probablypwned.com/article/u-office-force-cve-2026-3422-insecure-deserialization-rce Mon, 02 Mar 2026 13:04:17 GMT <![CDATA[Samsung Halts Texas TV Data Collection Without Consent]]> https://www.probablypwned.com/article/samsung-texas-acr-data-collection-express-consent-settlement https://www.probablypwned.com/article/samsung-texas-acr-data-collection-express-consent-settlement Sun, 01 Mar 2026 16:45:00 GMT <![CDATA[CISA: RESURGE Malware Can Remain Dormant on Ivanti Devices]]> https://www.probablypwned.com/article/cisa-resurge-malware-ivanti-dormant-persistence-update https://www.probablypwned.com/article/cisa-resurge-malware-ivanti-dormant-persistence-update Sun, 01 Mar 2026 13:05:44 GMT <![CDATA[UnsolicitedBooker APT Targets Central Asian Telecoms]]> https://www.probablypwned.com/article/unsolicitedbooker-china-apt-lucidoor-marssnake-central-asia https://www.probablypwned.com/article/unsolicitedbooker-china-apt-lucidoor-marssnake-central-asia Sun, 01 Mar 2026 13:05:02 GMT <![CDATA[wpForo Forum Plugin Hit by Six Critical Vulnerabilities]]> https://www.probablypwned.com/article/wpforo-forum-multiple-cves-sqli-rce-wordpress-plugin https://www.probablypwned.com/article/wpforo-forum-multiple-cves-sqli-rce-wordpress-plugin Sun, 01 Mar 2026 13:04:17 GMT <![CDATA[Juniper PTX Routers Vulnerable to Unauthenticated Root RCE]]> https://www.probablypwned.com/article/juniper-ptx-cve-2026-21902-root-rce-anomaly-detection https://www.probablypwned.com/article/juniper-ptx-cve-2026-21902-root-rce-anomaly-detection Sun, 01 Mar 2026 13:03:23 GMT <![CDATA[QuickLens Chrome Extension Steals Crypto via ClickFix]]> https://www.probablypwned.com/article/quicklens-chrome-extension-clickfix-crypto-wallet-theft https://www.probablypwned.com/article/quicklens-chrome-extension-clickfix-crypto-wallet-theft Sat, 28 Feb 2026 16:42:00 GMT <![CDATA[Malicious OpenClaw Skills Trick AI Agents Into Installing macOS Stealer]]> https://www.probablypwned.com/article/openclaw-malicious-skills-amos-macos-stealer-ai-agents https://www.probablypwned.com/article/openclaw-malicious-skills-amos-macos-stealer-ai-agents Sat, 28 Feb 2026 13:07:25 GMT <![CDATA[Aeternum Botnet Uses Polygon Blockchain as Takedown-Proof C2]]> https://www.probablypwned.com/article/aeternum-c2-botnet-polygon-blockchain-smart-contracts https://www.probablypwned.com/article/aeternum-c2-botnet-polygon-blockchain-smart-contracts Sat, 28 Feb 2026 13:06:36 GMT <![CDATA[Malicious NuGet Package Impersonated Stripe to Steal API Tokens]]> https://www.probablypwned.com/article/stripeapi-net-nuget-typosquat-supply-chain-attack-api-tokens https://www.probablypwned.com/article/stripeapi-net-nuget-typosquat-supply-chain-attack-api-tokens Sat, 28 Feb 2026 13:05:20 GMT <![CDATA[WeGIA Charity Management Platform Exposes Three Critical Flaws]]> https://www.probablypwned.com/article/wegia-cve-2026-28408-critical-auth-bypass-charitable-institutions https://www.probablypwned.com/article/wegia-cve-2026-28408-critical-auth-bypass-charitable-institutions Sat, 28 Feb 2026 13:04:34 GMT <![CDATA[Centreon Open Tickets Hit by Critical CVSS 9.9 Path Traversal Flaw]]> https://www.probablypwned.com/article/centreon-open-tickets-cve-2026-2749-critical-path-traversal https://www.probablypwned.com/article/centreon-open-tickets-cve-2026-2749-critical-path-traversal Sat, 28 Feb 2026 13:03:51 GMT <![CDATA[APT37 Ruby Jumper Campaign Targets Air-Gapped Networks]]> https://www.probablypwned.com/article/apt37-ruby-jumper-air-gapped-network-usb-malware https://www.probablypwned.com/article/apt37-ruby-jumper-air-gapped-network-usb-malware Fri, 27 Feb 2026 16:45:00 GMT <![CDATA[Vikunja Auth Flaw Lets Attackers Maintain Access After Password Reset]]> https://www.probablypwned.com/article/vikunja-cve-2026-27575-weak-password-persistent-sessions https://www.probablypwned.com/article/vikunja-cve-2026-27575-weak-password-persistent-sessions Fri, 27 Feb 2026 13:06:45 GMT <![CDATA[Dohdoor Backdoor Targets US Healthcare and Education Sectors]]> https://www.probablypwned.com/article/uat-10027-dohdoor-backdoor-us-healthcare-education https://www.probablypwned.com/article/uat-10027-dohdoor-backdoor-us-healthcare-education Fri, 27 Feb 2026 13:05:33 GMT <![CDATA[CVSS 9.4 Flaw Lets Attackers Hijack EV Charging Stations]]> https://www.probablypwned.com/article/ocpp-websocket-cve-2026-20781-ev-charging-impersonation https://www.probablypwned.com/article/ocpp-websocket-cve-2026-20781-ev-charging-impersonation Fri, 27 Feb 2026 13:04:22 GMT <![CDATA[Xerox FreeFlow Core RCE Flaw Lets Attackers Hijack Print Servers]]> https://www.probablypwned.com/article/xerox-freeflow-cve-2026-2251-path-traversal-rce https://www.probablypwned.com/article/xerox-freeflow-cve-2026-2251-path-traversal-rce Fri, 27 Feb 2026 13:03:15 GMT <![CDATA[Fake Next.js Job Tests Deploy In-Memory Malware via VS Code]]> https://www.probablypwned.com/article/microsoft-nextjs-fake-job-interview-malware-vscode-trigger https://www.probablypwned.com/article/microsoft-nextjs-fake-job-interview-malware-vscode-trigger Thu, 26 Feb 2026 16:45:00 GMT <![CDATA[LAPSUS$ Supergroup Paying Women $1,000 Per Vishing Call]]> https://www.probablypwned.com/article/scattered-lapsus-hunters-vishing-women-recruitment-it-helpdesk https://www.probablypwned.com/article/scattered-lapsus-hunters-vishing-women-recruitment-it-helpdesk Thu, 26 Feb 2026 13:08:47 GMT <![CDATA[Claude Code Flaws Let Malicious Repos Steal API Keys, Run Code]]> https://www.probablypwned.com/article/claude-code-rce-api-key-exfiltration-hooks-mcp-check-point https://www.probablypwned.com/article/claude-code-rce-api-key-exfiltration-hooks-mcp-check-point Thu, 26 Feb 2026 13:06:15 GMT <![CDATA[OpenLIT GitHub Actions Flaw Exposes API Keys, Cloud Credentials]]> https://www.probablypwned.com/article/openlit-cve-2026-27941-github-actions-critical-rce-secrets https://www.probablypwned.com/article/openlit-cve-2026-27941-github-actions-critical-rce-secrets Thu, 26 Feb 2026 13:04:22 GMT <![CDATA[Cisco SD-WAN Zero-Day Exploited Since 2023 Prompts CISA Alert]]> https://www.probablypwned.com/article/cisco-sd-wan-cve-2026-20127-zero-day-uat-8616 https://www.probablypwned.com/article/cisco-sd-wan-cve-2026-20127-zero-day-uat-8616 Wed, 25 Feb 2026 18:45:00 GMT <![CDATA[Microsoft Copilot Bug Exposed Confidential Emails for Weeks]]> https://www.probablypwned.com/article/microsoft-copilot-dlp-bypass-confidential-emails-cw1226324 https://www.probablypwned.com/article/microsoft-copilot-dlp-bypass-confidential-emails-cw1226324 Wed, 25 Feb 2026 13:09:44 GMT <![CDATA[Matanbuchus 3.0 Loader Delivers AstarionRAT in Hands-On Intrusion]]> https://www.probablypwned.com/article/matanbuchus-3-astarionrat-clickfix-hands-on-keyboard-intrusion https://www.probablypwned.com/article/matanbuchus-3-astarionrat-clickfix-hands-on-keyboard-intrusion Wed, 25 Feb 2026 13:08:17 GMT <![CDATA[Anthropic Accuses Chinese AI Labs of Industrial-Scale Model Theft]]> https://www.probablypwned.com/article/anthropic-accuses-deepseek-moonshot-minimax-distillation-16m-queries https://www.probablypwned.com/article/anthropic-accuses-deepseek-moonshot-minimax-distillation-16m-queries Wed, 25 Feb 2026 13:06:38 GMT <![CDATA[CISA Adds FileZen CVE-2026-25108 to KEV After Active Exploitation]]> https://www.probablypwned.com/article/cisa-kev-filezen-cve-2026-25108-command-injection-soliton https://www.probablypwned.com/article/cisa-kev-filezen-cve-2026-25108-command-injection-soliton Wed, 25 Feb 2026 13:05:12 GMT <![CDATA[SolarWinds Patches Four Critical Serv-U Flaws With Root Access]]> https://www.probablypwned.com/article/solarwinds-serv-u-15-5-4-four-critical-rce-vulnerabilities https://www.probablypwned.com/article/solarwinds-serv-u-15-5-4-four-critical-rce-vulnerabilities Tue, 24 Feb 2026 18:42:00 GMT <![CDATA[PayPal Breach Exposed SSNs for Six Months Before Detection]]> https://www.probablypwned.com/article/paypal-working-capital-breach-ssn-six-months-exposure https://www.probablypwned.com/article/paypal-working-capital-breach-ssn-six-months-exposure Tue, 24 Feb 2026 13:06:54 GMT <![CDATA[Chip Testing Giant Advantest Confirms Ransomware Attack]]> https://www.probablypwned.com/article/advantest-ransomware-semiconductor-testing-february-2026 https://www.probablypwned.com/article/advantest-ransomware-semiconductor-testing-february-2026 Tue, 24 Feb 2026 13:06:25 GMT <![CDATA[Attackers Weaponize ClawHub Comments to Deliver Infostealers]]> https://www.probablypwned.com/article/clawhub-malicious-comments-atomic-stealer-base64-payload https://www.probablypwned.com/article/clawhub-malicious-comments-atomic-stealer-base64-payload Tue, 24 Feb 2026 13:05:49 GMT <![CDATA[Serv-U Type Confusion Bug Enables Privileged Code Execution]]> https://www.probablypwned.com/article/serv-u-cve-2025-40540-critical-type-confusion-rce https://www.probablypwned.com/article/serv-u-cve-2025-40540-critical-type-confusion-rce Tue, 24 Feb 2026 13:05:20 GMT <![CDATA[Cloudflare's 6-Hour Outage Traced to API Query Bug]]> https://www.probablypwned.com/article/cloudflare-byoip-outage-six-hours-api-bug-february-2026 https://www.probablypwned.com/article/cloudflare-byoip-outage-six-hours-api-bug-february-2026 Mon, 23 Feb 2026 13:05:31 GMT <![CDATA[ShinyHunters Demands $1.5M From Wynn Resorts Over Stolen Data]]> https://www.probablypwned.com/article/shinyhunters-wynn-resorts-800k-employee-records-oracle-peoplesoft https://www.probablypwned.com/article/shinyhunters-wynn-resorts-800k-employee-records-oracle-peoplesoft Mon, 23 Feb 2026 13:04:58 GMT <![CDATA[Australian Court Files Exposed via Third-Party Offshoring Breach]]> https://www.probablypwned.com/article/viq-solutions-australian-court-data-breach-e24-technologies https://www.probablypwned.com/article/viq-solutions-australian-court-data-breach-e24-technologies Mon, 23 Feb 2026 13:04:12 GMT <![CDATA[MuddyWater Deploys GhostFetch and Telegram-Based Backdoors]]> https://www.probablypwned.com/article/muddywater-operation-olalampo-ghostfetch-mena-telegram https://www.probablypwned.com/article/muddywater-operation-olalampo-ghostfetch-mena-telegram Mon, 23 Feb 2026 13:03:21 GMT <![CDATA[Arkanix Stealer: AI-Assisted MaaS Infostealer Folds Fast]]> https://www.probablypwned.com/article/arkanix-stealer-ai-assisted-maas-infostealer-shutdown https://www.probablypwned.com/article/arkanix-stealer-ai-assisted-maas-infostealer-shutdown Sun, 22 Feb 2026 16:45:00 GMT <![CDATA[France's National Bank Database Breached, 1.2M Accounts Exposed]]> https://www.probablypwned.com/article/france-ficoba-bank-database-breach-1-2-million-accounts https://www.probablypwned.com/article/france-ficoba-bank-database-breach-1-2-million-accounts Sun, 22 Feb 2026 13:07:02 GMT <![CDATA[Massiv Android Trojan Spreads via Fake IPTV Apps]]> https://www.probablypwned.com/article/massiv-android-trojan-iptv-apps-banking-fraud https://www.probablypwned.com/article/massiv-android-trojan-iptv-apps-banking-fraud Sun, 22 Feb 2026 13:06:16 GMT <![CDATA[CRESCENTHARVEST RAT Targets Iranian Protest Supporters]]> https://www.probablypwned.com/article/crescentharvest-iran-protest-espionage-chrome-dll-sideload https://www.probablypwned.com/article/crescentharvest-iran-protest-espionage-chrome-dll-sideload Sun, 22 Feb 2026 13:05:28 GMT <![CDATA[AI-Assisted Attacker Compromises 600+ FortiGate Firewalls]]> https://www.probablypwned.com/article/ai-assisted-threat-actor-fortigate-600-devices-arxon https://www.probablypwned.com/article/ai-assisted-threat-actor-fortigate-600-devices-arxon Sun, 22 Feb 2026 13:04:37 GMT <![CDATA[Mississippi's Largest Hospital System Closes All Clinics After Ransomware Attack]]> https://www.probablypwned.com/article/ummc-mississippi-ransomware-attack-clinics-closed-fbi https://www.probablypwned.com/article/ummc-mississippi-ransomware-attack-clinics-closed-fbi Sat, 21 Feb 2026 13:06:43 GMT <![CDATA[PromptSpy: First Android Malware Using Gemini AI at Runtime]]> https://www.probablypwned.com/article/promptspy-android-malware-gemini-ai-persistence https://www.probablypwned.com/article/promptspy-android-malware-gemini-ai-persistence Sat, 21 Feb 2026 13:05:43 GMT <![CDATA[ClickFix Campaign Deploys MIMICRAT Through Compromised BIN Sites]]> https://www.probablypwned.com/article/clickfix-mimicrat-compromised-sites-elastic-security https://www.probablypwned.com/article/clickfix-mimicrat-compromised-sites-elastic-security Sat, 21 Feb 2026 13:04:43 GMT <![CDATA[CISA Adds Two Roundcube Flaws to KEV After Active Exploitation]]> https://www.probablypwned.com/article/cisa-kev-roundcube-cve-2025-49113-cve-2025-68461-actively-exploited https://www.probablypwned.com/article/cisa-kev-roundcube-cve-2025-49113-cve-2025-68461-actively-exploited Sat, 21 Feb 2026 13:03:43 GMT <![CDATA[Hacking AI Platform WormGPT Breached, 19,000 Users Exposed]]> https://www.probablypwned.com/article/wormgpt-data-breach-19000-users-exposed-dark-web https://www.probablypwned.com/article/wormgpt-data-breach-19000-users-exposed-dark-web Fri, 20 Feb 2026 13:07:56 GMT <![CDATA[Unit 42 Tracks SparkRAT, VShell in BeyondTrust Attacks]]> https://www.probablypwned.com/article/beyondtrust-sparkrat-vshell-unit42-exploitation-campaign https://www.probablypwned.com/article/beyondtrust-sparkrat-vshell-unit42-exploitation-campaign Fri, 20 Feb 2026 13:07:12 GMT <![CDATA[Windows Admin Center Flaw Enables Full Domain Takeover]]> https://www.probablypwned.com/article/windows-admin-center-cve-2026-26119-privilege-escalation https://www.probablypwned.com/article/windows-admin-center-cve-2026-26119-privilege-escalation Fri, 20 Feb 2026 13:06:32 GMT <![CDATA[Microsoft Semantic Kernel RCE Flaw Scores Perfect 10.0 CVSS]]> https://www.probablypwned.com/article/microsoft-semantic-kernel-cve-2026-26030-critical-rce https://www.probablypwned.com/article/microsoft-semantic-kernel-cve-2026-26030-critical-rce Fri, 20 Feb 2026 13:05:55 GMT <![CDATA[CISA Orders Feds to Patch Dell Flaw Within 3 Days]]> https://www.probablypwned.com/article/cisa-dell-recoverpoint-cve-2026-22769-3-day-patch-deadline https://www.probablypwned.com/article/cisa-dell-recoverpoint-cve-2026-22769-3-day-patch-deadline Thu, 19 Feb 2026 19:30:00 GMT <![CDATA[Cisco Secure AI Factory with NVIDIA: Partner Revenue at Scale]]> https://www.probablypwned.com/article/cisco-secure-ai-factory-nvidia-partner-opportunity-2026 https://www.probablypwned.com/article/cisco-secure-ai-factory-nvidia-partner-opportunity-2026 Thu, 19 Feb 2026 16:45:00 GMT <![CDATA[Cisco AI Security Report: 83% Want Agents, 29% Ready]]> https://www.probablypwned.com/article/cisco-state-of-ai-security-2026-report-threat-landscape https://www.probablypwned.com/article/cisco-state-of-ai-security-2026-report-threat-landscape Thu, 19 Feb 2026 16:45:00 GMT <![CDATA[Inside DynoWiper: Mersenne Twister PRNG and File Destruction]]> https://www.probablypwned.com/article/dynowiper-technical-analysis-mersenne-twister-sandworm https://www.probablypwned.com/article/dynowiper-technical-analysis-mersenne-twister-sandworm Thu, 19 Feb 2026 16:45:00 GMT <![CDATA[DDoS Attacks Surge 168% as NoName057 Sets Attack Record]]> https://www.probablypwned.com/article/radware-ddos-report-2026-168-percent-increase-noname057 https://www.probablypwned.com/article/radware-ddos-report-2026-168-percent-increase-noname057 Thu, 19 Feb 2026 13:06:04 GMT <![CDATA[ClickFix Attacks Now Abuse DNS to Evade Security Tools]]> https://www.probablypwned.com/article/clickfix-dns-nslookup-modelorat-microsoft-disclosure https://www.probablypwned.com/article/clickfix-dns-nslookup-modelorat-microsoft-disclosure Thu, 19 Feb 2026 13:05:08 GMT <![CDATA[Grandstream VoIP Phones Vulnerable to Silent Eavesdropping]]> https://www.probablypwned.com/article/grandstream-voip-cve-2026-2329-critical-rce-eavesdropping https://www.probablypwned.com/article/grandstream-voip-cve-2026-2329-critical-rce-eavesdropping Thu, 19 Feb 2026 13:04:11 GMT <![CDATA[CleanTalk WordPress Plugin Flaw Exposes 200K Sites to Takeover]]> https://www.probablypwned.com/article/cleantalk-wordpress-cve-2026-1490-critical-auth-bypass https://www.probablypwned.com/article/cleantalk-wordpress-cve-2026-1490-critical-auth-bypass Thu, 19 Feb 2026 13:03:22 GMT <![CDATA[GPT-OSS-Safeguard Models Fail Multi-Turn Jailbreak Testing]]> https://www.probablypwned.com/article/cisco-gpt-oss-safeguard-jailbreak-testing-ai-safety https://www.probablypwned.com/article/cisco-gpt-oss-safeguard-jailbreak-testing-ai-safety Thu, 19 Feb 2026 09:15:00 GMT <![CDATA[Cisco DevNet Launches AI Repos Catalog for MCP Servers]]> https://www.probablypwned.com/article/cisco-devnet-code-exchange-ai-repos-catalog-mcp-agents https://www.probablypwned.com/article/cisco-devnet-code-exchange-ai-repos-catalog-mcp-agents Wed, 18 Feb 2026 19:30:00 GMT <![CDATA[Dell Zero-Day Exploited by Chinese Hackers Since 2024]]> https://www.probablypwned.com/article/dell-recoverpoint-cve-2026-22769-unc6201-china-apt-zero-day https://www.probablypwned.com/article/dell-recoverpoint-cve-2026-22769-unc6201-china-apt-zero-day Wed, 18 Feb 2026 16:45:00 GMT <![CDATA[Talos Fuzzes Industrial Gateway, Finds Six DoS Vulnerabilities]]> https://www.probablypwned.com/article/talos-good-enough-emulation-fuzzing-socomec-modbus-cves https://www.probablypwned.com/article/talos-good-enough-emulation-fuzzing-socomec-modbus-cves Wed, 18 Feb 2026 16:45:00 GMT <![CDATA[Microsoft: macOS Infostealers Surge With ClickFix and Python]]> https://www.probablypwned.com/article/microsoft-macos-infostealers-clickfix-python-cross-platform https://www.probablypwned.com/article/microsoft-macos-infostealers-clickfix-python-cross-platform Wed, 18 Feb 2026 13:04:12 GMT <![CDATA[TeamPCP Worm Turns Cloud Misconfigs Into Cybercrime Platform]]> https://www.probablypwned.com/article/teampcp-worm-cloud-infrastructure-react2shell-cryptomining https://www.probablypwned.com/article/teampcp-worm-cloud-infrastructure-react2shell-cryptomining Wed, 18 Feb 2026 13:03:33 GMT <![CDATA[CISA Adds Four Flaws to KEV, Including 17-Year-Old ActiveX Bug]]> https://www.probablypwned.com/article/cisa-kev-chrome-zimbra-activex-threatsonar-february-2026 https://www.probablypwned.com/article/cisa-kev-chrome-zimbra-activex-threatsonar-february-2026 Wed, 18 Feb 2026 13:02:44 GMT <![CDATA[SANS Analyst Tracks Malware Using Recycled PNG Payload]]> https://www.probablypwned.com/article/sans-isc-malware-campaign-tracking-reused-png-payloads https://www.probablypwned.com/article/sans-isc-malware-campaign-tracking-reused-png-payloads Wed, 18 Feb 2026 11:15:00 GMT <![CDATA[Moltbook Breach Exposes 1.5 Million AI Agent API Keys]]> https://www.probablypwned.com/article/moltbook-exposed-database-1-5-million-ai-agent-api-keys https://www.probablypwned.com/article/moltbook-exposed-database-1-5-million-ai-agent-api-keys Tue, 17 Feb 2026 19:45:00 GMT <![CDATA[Cisco Warns TLS Certificate Changes Could Break mTLS]]> https://www.probablypwned.com/article/cisco-tls-clientauth-certificate-changes-june-2026 https://www.probablypwned.com/article/cisco-tls-clientauth-certificate-changes-june-2026 Tue, 17 Feb 2026 16:45:00 GMT <![CDATA[OpenAI Report Shows 8x Enterprise AI Growth—Networks Are the Bottleneck]]> https://www.probablypwned.com/article/openai-enterprise-ai-report-cisco-network-infrastructure https://www.probablypwned.com/article/openai-enterprise-ai-report-cisco-network-infrastructure Tue, 17 Feb 2026 15:45:00 GMT <![CDATA[Infostealers Now Targeting AI Agent Configurations]]> https://www.probablypwned.com/article/vidar-infostealer-openclaw-ai-agent-configuration-theft https://www.probablypwned.com/article/vidar-infostealer-openclaw-ai-agent-configuration-theft Tue, 17 Feb 2026 13:03:15 GMT <![CDATA[Google Patches Chrome Zero-Day Under Active Exploitation]]> https://www.probablypwned.com/article/chrome-zero-day-cve-2026-2441-css-use-after-free-active-exploit https://www.probablypwned.com/article/chrome-zero-day-cve-2026-2441-css-use-after-free-active-exploit Tue, 17 Feb 2026 13:02:30 GMT <![CDATA[MetaMask Users Hit by Phishing Using Fake Security Reports]]> https://www.probablypwned.com/article/metamask-fake-incident-report-phishing-aws-s3 https://www.probablypwned.com/article/metamask-fake-incident-report-phishing-aws-s3 Tue, 17 Feb 2026 11:22:00 GMT <![CDATA[Lumma Stealer Abuses Google Groups for C2 in New Campaign]]> https://www.probablypwned.com/article/lumma-stealer-ninja-browser-google-groups-c2-campaign https://www.probablypwned.com/article/lumma-stealer-ninja-browser-google-groups-c2-campaign Sun, 15 Feb 2026 18:23:00 GMT <![CDATA[CrashFix Malware Crashes Browsers to Trick Enterprise Users]]> https://www.probablypwned.com/article/crashfix-clickfix-malware-enterprise-browser-crash https://www.probablypwned.com/article/crashfix-clickfix-malware-enterprise-browser-crash Sun, 15 Feb 2026 13:03:13 GMT <![CDATA[n8n Sandbox Escape CVE-2026-25049 Bypasses Prior Fix]]> https://www.probablypwned.com/article/n8n-cve-2026-25049-sandbox-escape-rce-bypass https://www.probablypwned.com/article/n8n-cve-2026-25049-sandbox-escape-rce-bypass Sun, 15 Feb 2026 13:02:41 GMT <![CDATA[Dutch Telecom Odido Breach Exposes 6.2 Million Customers]]> https://www.probablypwned.com/article/odido-netherlands-breach-6-million-customer-records https://www.probablypwned.com/article/odido-netherlands-breach-6-million-customer-records Sun, 15 Feb 2026 13:02:08 GMT <![CDATA[Apple Patches Zero-Day Used in 'Sophisticated' Attacks]]> https://www.probablypwned.com/article/apple-zero-day-cve-2026-20700-dyld-sophisticated-attacks https://www.probablypwned.com/article/apple-zero-day-cve-2026-20700-dyld-sophisticated-attacks Sun, 15 Feb 2026 13:01:32 GMT <![CDATA[Valentine's Day Phishing Domains Surge 44% Ahead of Feb 14]]> https://www.probablypwned.com/article/valentines-day-phishing-44-percent-domain-surge-2026 https://www.probablypwned.com/article/valentines-day-phishing-44-percent-domain-surge-2026 Sat, 14 Feb 2026 20:41:57 GMT <![CDATA[Malicious Chrome Extensions Target Meta Business, VK, AI Tools]]> https://www.probablypwned.com/article/chrome-extension-malware-meta-business-vk-ai-theft https://www.probablypwned.com/article/chrome-extension-malware-meta-business-vk-ai-theft Sat, 14 Feb 2026 20:41:14 GMT <![CDATA[Lazarus Plants Malicious Packages in npm and PyPI Registries]]> https://www.probablypwned.com/article/lazarus-graphalgo-npm-pypi-supply-chain-blockchain https://www.probablypwned.com/article/lazarus-graphalgo-npm-pypi-supply-chain-blockchain Sat, 14 Feb 2026 20:40:35 GMT <![CDATA[UAT-9921 Deploys VoidLink Against Tech and Finance Sectors]]> https://www.probablypwned.com/article/uat-9921-voidlink-tech-finance-campaigns-talos https://www.probablypwned.com/article/uat-9921-voidlink-tech-finance-campaigns-talos Sat, 14 Feb 2026 20:40:00 GMT <![CDATA[China's UNC3886 Breached All Four Singapore Telcos]]> https://www.probablypwned.com/article/singapore-unc3886-telecom-breach-zero-day-rootkits https://www.probablypwned.com/article/singapore-unc3886-telecom-breach-zero-day-rootkits Sat, 14 Feb 2026 20:39:28 GMT <![CDATA[Single IP Behind 83% of Ivanti EPMM Attacks, Sleepers Found]]> https://www.probablypwned.com/article/ivanti-epmm-exploitation-bulletproof-hosting-sleeper-shells https://www.probablypwned.com/article/ivanti-epmm-exploitation-bulletproof-hosting-sleeper-shells Sat, 14 Feb 2026 20:38:48 GMT <![CDATA[AI Knowledge Graphs Transform APT Threat Intelligence]]> https://www.probablypwned.com/article/ai-knowledge-graph-generator-apt-threat-intelligence-sans https://www.probablypwned.com/article/ai-knowledge-graph-generator-apt-threat-intelligence-sans Fri, 13 Feb 2026 09:15:00 GMT <![CDATA[How to Become a Cybersecurity Analyst: Career Guide]]> https://www.probablypwned.com/article/how-to-become-cybersecurity-analyst-career-guide https://www.probablypwned.com/article/how-to-become-cybersecurity-analyst-career-guide Fri, 13 Feb 2026 01:00:58 GMT <![CDATA[State Hackers Weaponize Gemini AI Across Attack Lifecycle]]> https://www.probablypwned.com/article/google-gemini-ai-abuse-nation-state-hackers-honestcue-malware https://www.probablypwned.com/article/google-gemini-ai-abuse-nation-state-hackers-honestcue-malware Thu, 12 Feb 2026 16:45:00 GMT <![CDATA[Cisco Snort 3 MIME Flaws Expose Firewalls to DoS and Data Leaks]]> https://www.probablypwned.com/article/cisco-snort3-mime-dos-cve-2025-20359-20360 https://www.probablypwned.com/article/cisco-snort3-mime-dos-cve-2025-20359-20360 Thu, 12 Feb 2026 15:45:00 GMT <![CDATA[Fortinet Patches Critical SQLi-to-RCE Flaw in FortiClientEMS]]> https://www.probablypwned.com/article/fortinet-forticlientems-cve-2026-21643-sql-injection-rce https://www.probablypwned.com/article/fortinet-forticlientems-cve-2026-21643-sql-injection-rce Thu, 12 Feb 2026 13:06:50 GMT <![CDATA[North Korea Uses Deepfake Zoom Calls in Crypto Heists]]> https://www.probablypwned.com/article/north-korea-unc1069-deepfake-clickfix-crypto-theft https://www.probablypwned.com/article/north-korea-unc1069-deepfake-clickfix-crypto-theft Thu, 12 Feb 2026 13:06:07 GMT <![CDATA[Germany Warns of Signal Phishing Targeting Officials]]> https://www.probablypwned.com/article/germany-signal-phishing-warning-politicians-military https://www.probablypwned.com/article/germany-signal-phishing-warning-politicians-military Thu, 12 Feb 2026 13:05:32 GMT <![CDATA[BeyondTrust Pre-Auth RCE Exposes 11,000 Systems]]> https://www.probablypwned.com/article/beyondtrust-cve-2026-1731-pre-auth-rce-11000-exposed https://www.probablypwned.com/article/beyondtrust-cve-2026-1731-pre-auth-rce-11000-exposed Thu, 12 Feb 2026 13:04:56 GMT <![CDATA[SSHStalker Botnet Compromises 7,000 Linux Servers via SSH]]> https://www.probablypwned.com/article/sshstalker-botnet-7000-linux-servers-irc-c2 https://www.probablypwned.com/article/sshstalker-botnet-7000-linux-servers-irc-c2 Thu, 12 Feb 2026 13:04:14 GMT <![CDATA[Reynolds Ransomware Bundles EDR-Killing Driver Into Payload]]> https://www.probablypwned.com/article/reynolds-ransomware-byovd-edr-killer-embedded https://www.probablypwned.com/article/reynolds-ransomware-byovd-edr-killer-embedded Thu, 12 Feb 2026 13:03:35 GMT <![CDATA[Microsoft Patches Six Zero-Days in February Patch Tuesday]]> https://www.probablypwned.com/article/microsoft-patch-tuesday-february-2026-six-zero-days https://www.probablypwned.com/article/microsoft-patch-tuesday-february-2026-six-zero-days Thu, 12 Feb 2026 13:02:50 GMT <![CDATA[What Is MFA? Multi-Factor Authentication Explained]]> https://www.probablypwned.com/article/what-is-mfa-multi-factor-authentication https://www.probablypwned.com/article/what-is-mfa-multi-factor-authentication Thu, 12 Feb 2026 01:01:11 GMT <![CDATA[How to Detect Deepfakes: Signs, Tools, and Protection]]> https://www.probablypwned.com/article/how-to-detect-deepfakes-signs-tools-protection https://www.probablypwned.com/article/how-to-detect-deepfakes-signs-tools-protection Wed, 11 Feb 2026 01:01:36 GMT <![CDATA[ZeroDayRAT Spyware Grants Full Access to Mobile Devices]]> https://www.probablypwned.com/article/zerodayrat-spyware-full-access-android-ios https://www.probablypwned.com/article/zerodayrat-spyware-full-access-android-ios Tue, 10 Feb 2026 14:30:00 GMT <![CDATA[How Cisco IT Cut Incidents 25% With Unified Observability]]> https://www.probablypwned.com/article/cisco-it-observability-transformation-unified-insights https://www.probablypwned.com/article/cisco-it-observability-transformation-unified-insights Mon, 09 Feb 2026 21:15:00 GMT <![CDATA[Cisco XDR Powers Black Hat Europe NOC With Beta Integrations]]> https://www.probablypwned.com/article/cisco-xdr-integration-black-hat-europe-2025 https://www.probablypwned.com/article/cisco-xdr-integration-black-hat-europe-2025 Mon, 09 Feb 2026 19:45:00 GMT <![CDATA[How Cisco Locked Down DNS at Black Hat Europe]]> https://www.probablypwned.com/article/cisco-secure-access-dns-black-hat-europe-2025 https://www.probablypwned.com/article/cisco-secure-access-dns-black-hat-europe-2025 Mon, 09 Feb 2026 16:20:00 GMT <![CDATA[What Is EDR? Endpoint Detection and Response Explained]]> https://www.probablypwned.com/article/what-is-edr-endpoint-detection-response https://www.probablypwned.com/article/what-is-edr-endpoint-detection-response Mon, 09 Feb 2026 01:01:43 GMT <![CDATA[Tirith Blocks Homoglyph Attacks Before They Hit Your Shell]]> https://www.probablypwned.com/article/tirith-open-source-shell-homoglyph-command-detection https://www.probablypwned.com/article/tirith-open-source-shell-homoglyph-command-detection Sun, 08 Feb 2026 16:45:00 GMT <![CDATA[AT&T Breach Data Resurfaces with 176M Enriched Records]]> https://www.probablypwned.com/article/att-breach-176-million-records-enriched-ssn-data-resurfaces https://www.probablypwned.com/article/att-breach-176-million-records-enriched-ssn-data-resurfaces Sun, 08 Feb 2026 13:11:03 GMT <![CDATA[Flickr Breach Exposes User Data via Email Vendor Flaw]]> https://www.probablypwned.com/article/flickr-data-breach-third-party-email-provider-user-data https://www.probablypwned.com/article/flickr-data-breach-third-party-email-provider-user-data Sun, 08 Feb 2026 13:10:16 GMT <![CDATA[Iran's Infy APT Drops Tornado v51 After Internet Blackout]]> https://www.probablypwned.com/article/infy-tornado-v51-iran-blackout-blockchain-c2 https://www.probablypwned.com/article/infy-tornado-v51-iran-blackout-blockchain-c2 Sun, 08 Feb 2026 13:09:19 GMT <![CDATA[BridgePay Ransomware Attack Knocks Payment Gateway Offline]]> https://www.probablypwned.com/article/bridgepay-ransomware-attack-payment-gateway-outage https://www.probablypwned.com/article/bridgepay-ransomware-attack-payment-gateway-outage Sun, 08 Feb 2026 13:08:29 GMT <![CDATA[Shadow Campaigns: Spies Breach 70 Orgs in 37 Nations]]> https://www.probablypwned.com/article/shadow-campaigns-tgr-sta-1030-espionage-37-countries https://www.probablypwned.com/article/shadow-campaigns-tgr-sta-1030-espionage-37-countries Sat, 07 Feb 2026 16:45:00 GMT <![CDATA[Substack Breach Exposes 700K Users' Emails and Phones]]> https://www.probablypwned.com/article/substack-data-breach-700000-users-email-phone-exposed https://www.probablypwned.com/article/substack-data-breach-700000-users-email-phone-exposed Sat, 07 Feb 2026 13:10:15 GMT <![CDATA[Qilin Ransomware Hits Romania's Oil Pipeline Operator]]> https://www.probablypwned.com/article/conpet-romania-oil-pipeline-qilin-ransomware-1tb https://www.probablypwned.com/article/conpet-romania-oil-pipeline-qilin-ransomware-1tb Sat, 07 Feb 2026 13:08:54 GMT <![CDATA[Conduent Breach Now Affects 25.9 Million Americans]]> https://www.probablypwned.com/article/conduent-data-breach-25-million-americans-safeway-ransomware https://www.probablypwned.com/article/conduent-data-breach-25-million-americans-safeway-ransomware Sat, 07 Feb 2026 13:07:33 GMT <![CDATA[CISA Orders Federal Agencies to Dump End-of-Life Edge Gear]]> https://www.probablypwned.com/article/cisa-bod-26-02-edge-device-replacement-federal-agencies https://www.probablypwned.com/article/cisa-bod-26-02-edge-device-replacement-federal-agencies Sat, 07 Feb 2026 13:06:12 GMT <![CDATA[vLLM CVSS 9.8 Flaw Lets Attackers Own AI Servers via Video]]> https://www.probablypwned.com/article/vllm-cve-2026-22778-rce-ai-servers-video-exploit https://www.probablypwned.com/article/vllm-cve-2026-22778-rce-ai-servers-video-exploit Sat, 07 Feb 2026 13:04:48 GMT <![CDATA[What Is Red Teaming? Methodology, Tools, and Benefits]]> https://www.probablypwned.com/article/what-is-red-teaming-methodology-tools-benefits https://www.probablypwned.com/article/what-is-red-teaming-methodology-tools-benefits Sat, 07 Feb 2026 01:01:44 GMT <![CDATA[AIUC-1 Becomes First Standard for Securing AI Agents]]> https://www.probablypwned.com/article/aiuc-1-cisco-ai-security-framework-standard-agents https://www.probablypwned.com/article/aiuc-1-cisco-ai-security-framework-standard-agents Fri, 06 Feb 2026 19:45:00 GMT <![CDATA[Ransomware Gangs Share ISPsystem VMs to Hide Attacks]]> https://www.probablypwned.com/article/ransomware-ispsystem-vmmanager-bulletproof-hosting-sophos https://www.probablypwned.com/article/ransomware-ispsystem-vmmanager-bulletproof-hosting-sophos Fri, 06 Feb 2026 18:42:00 GMT <![CDATA[Super Bowl LX's Cyber Defense Playbook]]> https://www.probablypwned.com/article/super-bowl-lx-cisco-cybersecurity-wifi7-levis-stadium https://www.probablypwned.com/article/super-bowl-lx-cisco-cybersecurity-wifi7-levis-stadium Fri, 06 Feb 2026 17:45:00 GMT <![CDATA[NetOp AI Tackles the Network Readiness Gap for AI]]> https://www.probablypwned.com/article/netop-ai-cisco-network-assessment-ai-readiness-scale https://www.probablypwned.com/article/netop-ai-cisco-network-assessment-ai-readiness-scale Fri, 06 Feb 2026 16:45:00 GMT <![CDATA[Rapid7 Links Notepad++ Breach to Lotus Blossom APT]]> https://www.probablypwned.com/article/notepad-plus-plus-lotus-blossom-chrysalis-backdoor-rapid7 https://www.probablypwned.com/article/notepad-plus-plus-lotus-blossom-chrysalis-backdoor-rapid7 Fri, 06 Feb 2026 13:05:48 GMT <![CDATA[Talos Exposes DKnife: China-Linked Router AitM Framework]]> https://www.probablypwned.com/article/dknife-aitm-framework-talos-china-routers-shadowpad https://www.probablypwned.com/article/dknife-aitm-framework-talos-china-routers-shadowpad Fri, 06 Feb 2026 13:04:52 GMT <![CDATA[CISA Confirms VMware ESXi Flaw Used in Ransomware]]> https://www.probablypwned.com/article/vmware-esxi-cve-2025-22225-ransomware-cisa-confirms https://www.probablypwned.com/article/vmware-esxi-cve-2025-22225-ransomware-cisa-confirms Fri, 06 Feb 2026 13:04:14 GMT <![CDATA[SmarterMail Flaw Exploited in Ransomware Attacks]]> https://www.probablypwned.com/article/smartermail-cve-2026-24423-ransomware-cisa-kev https://www.probablypwned.com/article/smartermail-cve-2026-24423-ransomware-cisa-kev Fri, 06 Feb 2026 13:03:27 GMT <![CDATA[Cisco AI Summit: Security Takes Center Stage]]> https://www.probablypwned.com/article/cisco-ai-summit-2026-agenticops-ai-defense-silicon-one https://www.probablypwned.com/article/cisco-ai-summit-2026-agenticops-ai-defense-silicon-one Fri, 06 Feb 2026 11:15:00 GMT <![CDATA[What Is Access Control? Models, Types, and Best Practices]]> https://www.probablypwned.com/article/what-is-access-control-models-types-best-practices https://www.probablypwned.com/article/what-is-access-control-models-types-best-practices Fri, 06 Feb 2026 01:02:37 GMT <![CDATA[Talos Warns AI Adoption Is Outrunning Security]]> https://www.probablypwned.com/article/talos-ai-adoption-security-sacrifice-convenience https://www.probablypwned.com/article/talos-ai-adoption-security-sacrifice-convenience Thu, 05 Feb 2026 21:15:00 GMT <![CDATA[APT28 Targets European Maritime Sector via Office Flaw]]> https://www.probablypwned.com/article/apt28-maritime-transport-cve-2026-21509-office-europe https://www.probablypwned.com/article/apt28-maritime-transport-cve-2026-21509-office-europe Thu, 05 Feb 2026 19:45:00 GMT <![CDATA[Cisco Live Amsterdam Tackles AI Policy Gap]]> https://www.probablypwned.com/article/cisco-live-amsterdam-ai-revolution-policy-government https://www.probablypwned.com/article/cisco-live-amsterdam-ai-revolution-policy-government Thu, 05 Feb 2026 19:30:00 GMT <![CDATA[Cisco Outlines Two-Pillar Post-Quantum Strategy]]> https://www.probablypwned.com/article/cisco-post-quantum-cryptography-pqc-hndl-threat https://www.probablypwned.com/article/cisco-post-quantum-cryptography-pqc-hndl-threat Thu, 05 Feb 2026 16:45:00 GMT <![CDATA[Broken Phishing URLs Are Bypassing Your Filters]]> https://www.probablypwned.com/article/broken-phishing-urls-cloudflare-workers-regex-evasion https://www.probablypwned.com/article/broken-phishing-urls-cloudflare-workers-regex-evasion Thu, 05 Feb 2026 14:20:00 GMT <![CDATA[React2Shell Exploits Fuel Massive NGINX Traffic Hijacking]]> https://www.probablypwned.com/article/react2shell-nginx-hijacking-web-traffic-campaign https://www.probablypwned.com/article/react2shell-nginx-hijacking-web-traffic-campaign Thu, 05 Feb 2026 13:09:39 GMT <![CDATA[DEAD#VAX Campaign Hides AsyncRAT in Memory-Only Attack]]> https://www.probablypwned.com/article/deadvax-asyncrat-fileless-ipfs-vhd-phishing https://www.probablypwned.com/article/deadvax-asyncrat-fileless-ipfs-vhd-phishing Thu, 05 Feb 2026 13:08:52 GMT <![CDATA[APT28 Weaponized Office Zero-Day in Three Days Flat]]> https://www.probablypwned.com/article/apt28-operation-neusploit-cve-2026-21509-eastern-europe https://www.probablypwned.com/article/apt28-operation-neusploit-cve-2026-21509-eastern-europe Thu, 05 Feb 2026 13:08:05 GMT <![CDATA[n8n Patches Five Critical Flaws Including CVSS 9.4 RCE]]> https://www.probablypwned.com/article/n8n-cve-2026-25049-expression-escape-rce-five-flaws https://www.probablypwned.com/article/n8n-cve-2026-25049-expression-escape-rce-five-flaws Thu, 05 Feb 2026 13:07:25 GMT <![CDATA[Three Days to Patch: CISA's Urgent SolarWinds Deadline Explained]]> https://www.probablypwned.com/article/solarwinds-whd-three-day-patch-deadline-federal-agencies https://www.probablypwned.com/article/solarwinds-whd-three-day-patch-deadline-federal-agencies Wed, 04 Feb 2026 19:45:00 GMT <![CDATA[Cisco 8375 Router Earns NetSecOPEN Validation for Branch Security]]> https://www.probablypwned.com/article/netsecopen-cisco-8375-secure-router-branch-validation https://www.probablypwned.com/article/netsecopen-cisco-8375-secure-router-branch-validation Wed, 04 Feb 2026 17:30:00 GMT <![CDATA[Cisco Live EMEA 2026: Developer Sessions You Can't Miss]]> https://www.probablypwned.com/article/cisco-live-emea-2026-developer-guide-ai-meraki-mcp https://www.probablypwned.com/article/cisco-live-emea-2026-developer-guide-ai-meraki-mcp Wed, 04 Feb 2026 17:15:00 GMT <![CDATA[Cisco Prime Infrastructure XSS Flaw Targets Admins]]> https://www.probablypwned.com/article/cisco-prime-infrastructure-xss-cve-2026-20111-network-management https://www.probablypwned.com/article/cisco-prime-infrastructure-xss-cve-2026-20111-network-management Wed, 04 Feb 2026 16:45:00 GMT <![CDATA[Cisco Maps the Five Domains of AI Security]]> https://www.probablypwned.com/article/cisco-ai-security-domains-organizational-functions-taxonomy https://www.probablypwned.com/article/cisco-ai-security-domains-organizational-functions-taxonomy Wed, 04 Feb 2026 16:30:00 GMT <![CDATA[XWorm RAT Hides in PNG Image via Steganography Attack]]> https://www.probablypwned.com/article/xworm-rat-steganography-png-batch-script-sans https://www.probablypwned.com/article/xworm-rat-steganography-png-batch-script-sans Wed, 04 Feb 2026 15:42:00 GMT <![CDATA[WordPress Service Finder Plugin Exploit Hits 13,800 Sites]]> https://www.probablypwned.com/article/wordpress-service-finder-cve-2025-5947-admin-takeover https://www.probablypwned.com/article/wordpress-service-finder-cve-2025-5947-admin-takeover Wed, 04 Feb 2026 13:05:31 GMT <![CDATA[1 in 5 Infostealer Infections Will Expose Enterprise Creds]]> https://www.probablypwned.com/article/flare-infostealer-enterprise-credentials-microsoft-entra-2026 https://www.probablypwned.com/article/flare-infostealer-enterprise-credentials-microsoft-entra-2026 Wed, 04 Feb 2026 13:04:54 GMT <![CDATA[59 KEV Entries Quietly Flagged for Ransomware Use in 2025]]> https://www.probablypwned.com/article/greynoise-cisa-kev-ransomware-silent-updates-rss-tool https://www.probablypwned.com/article/greynoise-cisa-kev-ransomware-silent-updates-rss-tool Wed, 04 Feb 2026 13:04:18 GMT <![CDATA[CISA Adds SolarWinds, Sangoma, GitLab Flaws to KEV]]> https://www.probablypwned.com/article/cisa-kev-solarwinds-sangoma-gitlab-february-2026 https://www.probablypwned.com/article/cisa-kev-solarwinds-sangoma-gitlab-february-2026 Wed, 04 Feb 2026 13:03:45 GMT <![CDATA[Google Looker Flaws Let Attackers Hijack BI Servers]]> https://www.probablypwned.com/article/google-looker-lookout-vulnerabilities-cve-2025-12743-rce-database https://www.probablypwned.com/article/google-looker-lookout-vulnerabilities-cve-2025-12743-rce-database Wed, 04 Feb 2026 13:03:12 GMT <![CDATA[Cisco's ACE Framework Cuts LLM Token Costs by Up to 90%]]> https://www.probablypwned.com/article/cisco-ace-analytics-context-engineering-llm-token-reduction https://www.probablypwned.com/article/cisco-ace-analytics-context-engineering-llm-token-reduction Wed, 04 Feb 2026 11:45:00 GMT <![CDATA[OWASP Top 10 Explained: Critical Web Application Security Risks]]> https://www.probablypwned.com/article/owasp-top-10-2025-web-application-security-risks https://www.probablypwned.com/article/owasp-top-10-2025-web-application-security-risks Wed, 04 Feb 2026 01:02:27 GMT <![CDATA[Cybersecurity's Talent Crisis Puts STEM Education in the Spotlight]]> https://www.probablypwned.com/article/stem-education-cybersecurity-workforce-cisco-academy https://www.probablypwned.com/article/stem-education-cybersecurity-workforce-cisco-academy Tue, 03 Feb 2026 16:45:00 GMT <![CDATA[WhatsApp Bug Lets Malicious Media Spread via Group Chats]]> https://www.probablypwned.com/article/whatsapp-group-chat-media-vulnerability-zero-click https://www.probablypwned.com/article/whatsapp-group-chat-media-vulnerability-zero-click Tue, 03 Feb 2026 13:05:28 GMT <![CDATA[Qilin Ransomware Breaches Tulsa International Airport]]> https://www.probablypwned.com/article/qilin-ransomware-tulsa-airport-aviation-sector-2026 https://www.probablypwned.com/article/qilin-ransomware-tulsa-airport-aviation-sector-2026 Tue, 03 Feb 2026 13:04:47 GMT <![CDATA[341 Malicious OpenClaw Skills Distribute Atomic Stealer]]> https://www.probablypwned.com/article/openclaw-clawhub-malicious-skills-atomic-stealer-crypto https://www.probablypwned.com/article/openclaw-clawhub-malicious-skills-atomic-stealer-crypto Tue, 03 Feb 2026 13:03:58 GMT <![CDATA[Notepad++ Update Hijacked by Chinese APT for Six Months]]> https://www.probablypwned.com/article/notepad-plus-plus-supply-chain-attack-violet-typhoon-apt31 https://www.probablypwned.com/article/notepad-plus-plus-supply-chain-attack-violet-typhoon-apt31 Tue, 03 Feb 2026 13:03:12 GMT <![CDATA[New Tools Help Defenders Track OpenClaw AI Agent Activity]]> https://www.probablypwned.com/article/openclaw-detection-monitoring-tools-sans-isc-telemetry https://www.probablypwned.com/article/openclaw-detection-monitoring-tools-sans-isc-telemetry Tue, 03 Feb 2026 09:15:00 GMT <![CDATA[Attackers Scan for Exposed Self-Hosted Anthropic Models]]> https://www.probablypwned.com/article/anthropic-api-scanning-exposed-self-hosted-models-sans https://www.probablypwned.com/article/anthropic-api-scanning-exposed-self-hosted-models-sans Mon, 02 Feb 2026 16:45:00 GMT <![CDATA[CrossCurve Bridge Drained of $3M in Smart Contract Exploit]]> https://www.probablypwned.com/article/crosscurve-bridge-exploit-3-million-smart-contract-vulnerability https://www.probablypwned.com/article/crosscurve-bridge-exploit-3-million-smart-contract-vulnerability Mon, 02 Feb 2026 13:07:06 GMT <![CDATA[ShinyHunters Leaks 10M Records from Tinder, Hinge, OkCupid]]> https://www.probablypwned.com/article/match-group-tinder-hinge-breach-shinyhunters-10-million-records https://www.probablypwned.com/article/match-group-tinder-hinge-breach-shinyhunters-10-million-records Mon, 02 Feb 2026 13:06:21 GMT <![CDATA[CISA KEV Deadline Hits Today for Unpatched Gogs Zero-Day]]> https://www.probablypwned.com/article/gogs-cve-2025-8110-zero-day-rce-cisa-kev-no-patch https://www.probablypwned.com/article/gogs-cve-2025-8110-zero-day-rce-cisa-kev-no-patch Mon, 02 Feb 2026 13:05:29 GMT <![CDATA[What Is Phishing? Types of Attacks and How to Spot Them]]> https://www.probablypwned.com/article/what-is-phishing-types-how-to-spot-prevent https://www.probablypwned.com/article/what-is-phishing-types-how-to-spot-prevent Mon, 02 Feb 2026 01:02:16 GMT <![CDATA[208,000 MongoDB Servers Exposed, 1,400 Already Hit by Extortion]]> https://www.probablypwned.com/article/mongodb-exposed-instances-data-extortion-attacks-flare https://www.probablypwned.com/article/mongodb-exposed-instances-data-extortion-attacks-flare Sun, 01 Feb 2026 16:45:00 GMT <![CDATA[Redis RCE Exploit More Severe Than Initially Rated]]> https://www.probablypwned.com/article/redis-cve-2025-62507-rce-exploit-jfrog https://www.probablypwned.com/article/redis-cve-2025-62507-rce-exploit-jfrog Sun, 01 Feb 2026 13:08:47 GMT <![CDATA[Iconics SCADA Flaw Allows System File Corruption]]> https://www.probablypwned.com/article/iconics-scada-cve-2025-0921-file-system-dos https://www.probablypwned.com/article/iconics-scada-cve-2025-0921-file-system-dos Sun, 01 Feb 2026 13:08:03 GMT <![CDATA[MuddyWater Deploys Rust-Based RAT in Middle East Campaign]]> https://www.probablypwned.com/article/muddywater-rustywater-rust-rat-middle-east-spearphishing https://www.probablypwned.com/article/muddywater-rustywater-rust-rat-middle-east-spearphishing Sun, 01 Feb 2026 13:07:12 GMT <![CDATA[RedKitten Malware Targets Iranian Protest Documenters]]> https://www.probablypwned.com/article/redkitten-sloppymio-malware-iran-protests https://www.probablypwned.com/article/redkitten-sloppymio-malware-iran-protests Sat, 31 Jan 2026 13:05:13 GMT <![CDATA[SHADOW#REACTOR: Multi-Stage Remcos RAT Hits Enterprises]]> https://www.probablypwned.com/article/remcos-rat-shadow-reactor-multi-stage-campaign https://www.probablypwned.com/article/remcos-rat-shadow-reactor-multi-stage-campaign Sat, 31 Jan 2026 13:04:40 GMT <![CDATA[Cisco ISE XXE Flaw Has Public PoC, Patch Now]]> https://www.probablypwned.com/article/cisco-ise-xxe-cve-2026-20029-poc-exploit https://www.probablypwned.com/article/cisco-ise-xxe-cve-2026-20029-poc-exploit Sat, 31 Jan 2026 13:04:10 GMT <![CDATA[Google Dismantles IPIDEA Proxy Network Used by 550+ APTs]]> https://www.probablypwned.com/article/google-ipidea-residential-proxy-network-disruption https://www.probablypwned.com/article/google-ipidea-residential-proxy-network-disruption Sat, 31 Jan 2026 13:03:26 GMT <![CDATA[Ex-Google Engineer Convicted in First US AI Espionage Case]]> https://www.probablypwned.com/article/linwei-ding-google-ai-trade-secrets-china-conviction https://www.probablypwned.com/article/linwei-ding-google-ai-trade-secrets-china-conviction Sat, 31 Jan 2026 10:45:00 GMT <![CDATA[What Is Ransomware? How It Works and How to Protect Yourself]]> https://www.probablypwned.com/article/what-is-ransomware-guide https://www.probablypwned.com/article/what-is-ransomware-guide Sat, 31 Jan 2026 01:01:46 GMT <![CDATA[Top 5 Threat Intelligence Data APIs for Security Teams]]> https://www.probablypwned.com/article/top-5-threat-intelligence-data-apis-2026 https://www.probablypwned.com/article/top-5-threat-intelligence-data-apis-2026 Fri, 30 Jan 2026 19:24:26 GMT <![CDATA[Cisco DevNet Spotlights Partner-Built Security Integrations]]> https://www.probablypwned.com/article/cisco-devnet-partner-innovation-month-2026 https://www.probablypwned.com/article/cisco-devnet-partner-innovation-month-2026 Fri, 30 Jan 2026 18:45:00 GMT <![CDATA[Phishers Hide Behind Google Slides Publish Feature]]> https://www.probablypwned.com/article/google-slides-publish-phishing-vivaldi-webmail https://www.probablypwned.com/article/google-slides-publish-phishing-vivaldi-webmail Fri, 30 Jan 2026 18:45:00 GMT <![CDATA[SolarWinds Web Help Desk Gets Emergency Patches for Four Critical Flaws]]> https://www.probablypwned.com/article/solarwinds-web-help-desk-critical-rce-auth-bypass https://www.probablypwned.com/article/solarwinds-web-help-desk-critical-rce-auth-bypass Fri, 30 Jan 2026 13:11:18 GMT <![CDATA[Iran's Hacktivists Were State Actors All Along, CSIS Report Finds]]> https://www.probablypwned.com/article/iran-apt-cyberav3ngers-hacktivist-state-sponsored-csis https://www.probablypwned.com/article/iran-apt-cyberav3ngers-hacktivist-state-sponsored-csis Fri, 30 Jan 2026 13:09:45 GMT <![CDATA[Ivanti EPMM Zero-Days Under Attack, CISA Sets Friday Deadline]]> https://www.probablypwned.com/article/ivanti-epmm-zero-day-cve-2026-1281-cve-2026-1340-rce https://www.probablypwned.com/article/ivanti-epmm-zero-day-cve-2026-1281-cve-2026-1340-rce Fri, 30 Jan 2026 13:08:22 GMT <![CDATA[OpenSSL Stack Overflow Enables Remote Code Execution]]> https://www.probablypwned.com/article/openssl-cve-2025-15467-stack-overflow-rce-ai-discovered https://www.probablypwned.com/article/openssl-cve-2025-15467-stack-overflow-rce-ai-discovered Thu, 29 Jan 2026 16:42:00 GMT <![CDATA[n8n Sandbox Escape Flaws Allow Full Server Compromise]]> https://www.probablypwned.com/article/n8n-sandbox-escape-cve-2026-1470-cve-2026-0863-rce https://www.probablypwned.com/article/n8n-sandbox-escape-cve-2026-1470-cve-2026-0863-rce Thu, 29 Jan 2026 13:04:31 GMT <![CDATA[ClickFix Attacks Now Abuse Windows App-V to Deliver Malware]]> https://www.probablypwned.com/article/clickfix-fake-captcha-appv-scripts-amatera-stealer https://www.probablypwned.com/article/clickfix-fake-captcha-appv-scripts-amatera-stealer Thu, 29 Jan 2026 13:03:51 GMT <![CDATA[Mustang Panda Upgrades COOLCLIENT With Browser Credential Theft]]> https://www.probablypwned.com/article/mustang-panda-coolclient-backdoor-infostealer-browser-theft https://www.probablypwned.com/article/mustang-panda-coolclient-backdoor-infostealer-browser-theft Thu, 29 Jan 2026 13:03:10 GMT <![CDATA[Ransomware's Evolution: From File Encryption to Psychological Warfare]]> https://www.probablypwned.com/article/ransomware-psychology-extortion-tactics-2026 https://www.probablypwned.com/article/ransomware-psychology-extortion-tactics-2026 Wed, 28 Jan 2026 13:05:07 GMT <![CDATA[WordPress Plugin Flaw Gives Attackers Admin Access Without Login]]> https://www.probablypwned.com/article/wordpress-modular-ds-cve-2026-23550-admin-takeover https://www.probablypwned.com/article/wordpress-modular-ds-cve-2026-23550-admin-takeover Wed, 28 Jan 2026 13:04:45 GMT <![CDATA[Fortinet FortiCloud SSO Zero-Day Exploited to Hijack Firewalls]]> https://www.probablypwned.com/article/fortinet-forticloud-sso-zero-day-cve-2026-24858 https://www.probablypwned.com/article/fortinet-forticloud-sso-zero-day-cve-2026-24858 Wed, 28 Jan 2026 13:03:27 GMT <![CDATA[Data Privacy Week 2026 Kicks Off With AI and Children's Privacy Focus]]> https://www.probablypwned.com/article/data-privacy-week-2026-take-control-of-your-data https://www.probablypwned.com/article/data-privacy-week-2026-take-control-of-your-data Tue, 27 Jan 2026 13:06:06 GMT <![CDATA[SmarterMail Auth Bypass Lets Attackers Reset Admin Passwords]]> https://www.probablypwned.com/article/smartermail-cve-2026-23760-admin-password-reset-bypass https://www.probablypwned.com/article/smartermail-cve-2026-23760-admin-password-reset-bypass Tue, 27 Jan 2026 13:05:25 GMT <![CDATA[Microsoft Office Zero-Day Under Active Attack Gets Emergency Patch]]> https://www.probablypwned.com/article/microsoft-office-zero-day-cve-2026-21509-ole-bypass https://www.probablypwned.com/article/microsoft-office-zero-day-cve-2026-21509-ole-bypass Tue, 27 Jan 2026 13:02:33 GMT <![CDATA[Microsoft Probes Windows 11 Boot Failures After January Patch]]> https://www.probablypwned.com/article/windows-11-boot-failures-january-2026-patch-kb5074109 https://www.probablypwned.com/article/windows-11-boot-failures-january-2026-patch-kb5074109 Mon, 26 Jan 2026 13:09:02 GMT <![CDATA[North Korea's Konni APT Deploys AI-Built Malware Against Devs]]> https://www.probablypwned.com/article/konni-apt-ai-generated-powershell-malware-blockchain-developers https://www.probablypwned.com/article/konni-apt-ai-generated-powershell-malware-blockchain-developers Mon, 26 Jan 2026 13:08:02 GMT <![CDATA[Firefox 147 Fixes 16 Vulnerabilities Including Sandbox Escapes]]> https://www.probablypwned.com/article/firefox-147-security-update-16-vulnerabilities-sandbox-escapes https://www.probablypwned.com/article/firefox-147-security-update-16-vulnerabilities-sandbox-escapes Mon, 26 Jan 2026 13:07:27 GMT <![CDATA[Curl Ends Bug Bounty Program After AI Slop Floods Queue]]> https://www.probablypwned.com/article/curl-ends-bug-bounty-ai-generated-reports https://www.probablypwned.com/article/curl-ends-bug-bounty-ai-generated-reports Sun, 25 Jan 2026 13:05:14 GMT <![CDATA[VSCode Extensions With 1.5M Installs Exfiltrate Code to China]]> https://www.probablypwned.com/article/malicious-vscode-extensions-china-1-5-million-installs https://www.probablypwned.com/article/malicious-vscode-extensions-china-1-5-million-installs Sun, 25 Jan 2026 13:04:42 GMT <![CDATA[ShinyHunters Vishing Campaign Targets Okta SSO Accounts]]> https://www.probablypwned.com/article/shinyhunters-vishing-okta-sso-crunchbase-betterment https://www.probablypwned.com/article/shinyhunters-vishing-okta-sso-crunchbase-betterment Sun, 25 Jan 2026 13:04:06 GMT <![CDATA[CISA Adds VMware vCenter, Zimbra Flaws to Exploited List]]> https://www.probablypwned.com/article/cisa-kev-vmware-vcenter-zimbra-versa-january-2026 https://www.probablypwned.com/article/cisa-kev-vmware-vcenter-zimbra-versa-january-2026 Sat, 24 Jan 2026 13:05:45 GMT <![CDATA[AitM Phishing Campaign Hits Energy Sector via SharePoint]]> https://www.probablypwned.com/article/microsoft-aitm-phishing-bec-energy-sector https://www.probablypwned.com/article/microsoft-aitm-phishing-bec-energy-sector Sat, 24 Jan 2026 13:05:07 GMT <![CDATA[Osiris Ransomware Uses Custom Driver to Kill Security Tools]]> https://www.probablypwned.com/article/osiris-ransomware-byovd-poortry-driver https://www.probablypwned.com/article/osiris-ransomware-byovd-poortry-driver Sat, 24 Jan 2026 13:04:26 GMT <![CDATA[11-Year-Old Telnet Bug Hands Attackers Root Access]]> https://www.probablypwned.com/article/cve-2026-24061-gnu-inetutils-telnetd-root-bypass https://www.probablypwned.com/article/cve-2026-24061-gnu-inetutils-telnetd-root-bypass Sat, 24 Jan 2026 13:03:51 GMT <![CDATA[Sandworm Deploys DynoWiper in Attack on Poland's Power Grid]]> https://www.probablypwned.com/article/sandworm-dynowiper-poland-power-grid-attack https://www.probablypwned.com/article/sandworm-dynowiper-poland-power-grid-attack Sat, 24 Jan 2026 13:03:11 GMT <![CDATA[FortiGate Patch Fails: Attackers Still Exploiting SSO Bypass]]> https://www.probablypwned.com/article/fortigate-patch-bypass-cve-2025-59718-attacks-continue https://www.probablypwned.com/article/fortigate-patch-bypass-cve-2025-59718-attacks-continue Fri, 23 Jan 2026 13:06:08 GMT <![CDATA[Pwn2Own Automotive 2026 Ends With 76 Zero-Days, $1M+ Awarded]]> https://www.probablypwned.com/article/pwn2own-automotive-2026-final-76-zero-days-master-of-pwn https://www.probablypwned.com/article/pwn2own-automotive-2026-final-76-zero-days-master-of-pwn Fri, 23 Jan 2026 13:05:24 GMT <![CDATA[Russia's Fancy Bear Running Low-Cost Credential Theft Across Three Continents]]> https://www.probablypwned.com/article/apt28-fancy-bear-credential-harvesting-balkans-central-asia https://www.probablypwned.com/article/apt28-fancy-bear-credential-harvesting-balkans-central-asia Thu, 22 Jan 2026 13:08:52 GMT <![CDATA[LastPass Warns of Phishing Campaign Targeting Master Passwords]]> https://www.probablypwned.com/article/lastpass-phishing-campaign-vault-backup-master-password https://www.probablypwned.com/article/lastpass-phishing-campaign-vault-backup-master-password Thu, 22 Jan 2026 13:08:02 GMT <![CDATA[Pwn2Own Automotive 2026 Day Two: 66 Zero-Days, $955K in Prizes]]> https://www.probablypwned.com/article/pwn2own-automotive-2026-day-two-66-zero-days https://www.probablypwned.com/article/pwn2own-automotive-2026-day-two-66-zero-days Thu, 22 Jan 2026 13:07:09 GMT <![CDATA[Zoom Patches CVSS 9.9 Flaw That Let Meeting Participants Run Code]]> https://www.probablypwned.com/article/zoom-mmr-cve-2026-22844-critical-rce-meeting-participant https://www.probablypwned.com/article/zoom-mmr-cve-2026-22844-critical-rce-meeting-participant Thu, 22 Jan 2026 13:06:21 GMT <![CDATA[Fake Ad Blocker Crashes Browsers to Deploy Enterprise Backdoor]]> https://www.probablypwned.com/article/nexshield-crashfix-chrome-extension-modelorat-enterprise https://www.probablypwned.com/article/nexshield-crashfix-chrome-extension-modelorat-enterprise Wed, 21 Jan 2026 13:09:06 GMT <![CDATA[WordPress ACF Extended Bug Lets Anyone Become Admin]]> https://www.probablypwned.com/article/acf-extended-wordpress-cve-2025-14533-admin-takeover https://www.probablypwned.com/article/acf-extended-wordpress-cve-2025-14533-admin-takeover Wed, 21 Jan 2026 13:08:33 GMT <![CDATA[Pwn2Own Automotive Day One: Tesla Hacked, $516K Awarded]]> https://www.probablypwned.com/article/pwn2own-automotive-2026-day-one-tesla-37-zero-days https://www.probablypwned.com/article/pwn2own-automotive-2026-day-one-tesla-37-zero-days Wed, 21 Jan 2026 13:07:41 GMT <![CDATA[EU Proposes Cybersecurity Overhaul to Counter Supply Chain Risks]]> https://www.probablypwned.com/article/eu-cybersecurity-act-revision-enisa-supply-chain https://www.probablypwned.com/article/eu-cybersecurity-act-revision-enisa-supply-chain Wed, 21 Jan 2026 13:07:06 GMT <![CDATA[Best Cybersecurity Tools on Amazon for Security Professionals]]> https://www.probablypwned.com/article/best-cybersecurity-tools-amazon-2025 https://www.probablypwned.com/article/best-cybersecurity-tools-amazon-2025 Tue, 20 Jan 2026 19:03:54 GMT <![CDATA[CISA Warns Ransomware Groups Targeting SimpleHelp RMM]]> https://www.probablypwned.com/article/cisa-simplehelp-ransomware-utility-billing-dragonforce https://www.probablypwned.com/article/cisa-simplehelp-ransomware-utility-billing-dragonforce Tue, 20 Jan 2026 13:05:51 GMT <![CDATA[PDFSider Backdoor Hits Fortune 100 Firm, Linked to Qilin]]> https://www.probablypwned.com/article/pdfsider-malware-fortune-100-qilin-ransomware-dll-sideload https://www.probablypwned.com/article/pdfsider-malware-fortune-100-qilin-ransomware-dll-sideload Tue, 20 Jan 2026 13:04:56 GMT <![CDATA[Ingram Micro Confirms Ransomware Breach Affecting 42,000]]> https://www.probablypwned.com/article/ingram-micro-ransomware-breach-42000-employees-safepay https://www.probablypwned.com/article/ingram-micro-ransomware-breach-42000-employees-safepay Tue, 20 Jan 2026 13:04:19 GMT <![CDATA[Oracle Patches 336 Vulnerabilities in January 2026 CPU]]> https://www.probablypwned.com/article/oracle-critical-patch-update-january-2026-336-vulnerabilities https://www.probablypwned.com/article/oracle-critical-patch-update-january-2026-336-vulnerabilities Tue, 20 Jan 2026 13:03:40 GMT <![CDATA[Apache Struts XXE Flaw Exposes Enterprise Apps to Data Theft]]> https://www.probablypwned.com/article/apache-struts-xxe-cve-2025-68493-sensitive-data https://www.probablypwned.com/article/apache-struts-xxe-cve-2025-68493-sensitive-data Mon, 19 Jan 2026 13:05:58 GMT <![CDATA[Critical zlib Buffer Overflow Threatens Widespread Systems]]> https://www.probablypwned.com/article/zlib-untgz-buffer-overflow-cve-2026-22184 https://www.probablypwned.com/article/zlib-untgz-buffer-overflow-cve-2026-22184 Mon, 19 Jan 2026 13:05:27 GMT <![CDATA[BreachForums Database Leaked, Exposing 324K Users]]> https://www.probablypwned.com/article/breachforums-database-leak-324000-cybercriminal-users https://www.probablypwned.com/article/breachforums-database-leak-324000-cybercriminal-users Mon, 19 Jan 2026 13:04:48 GMT <![CDATA[CISA Releases 10 ICS Advisories for Siemens, Schneider, Others]]> https://www.probablypwned.com/article/cisa-ics-advisories-siemens-schneider-january-2026 https://www.probablypwned.com/article/cisa-ics-advisories-siemens-schneider-january-2026 Sun, 18 Jan 2026 14:15:00 GMT <![CDATA[Shadow AI Drives 2x Surge in Enterprise Data Violations]]> https://www.probablypwned.com/article/netskope-shadow-ai-genai-data-violations-2026 https://www.probablypwned.com/article/netskope-shadow-ai-genai-data-violations-2026 Sun, 18 Jan 2026 13:00:00 GMT <![CDATA[OpenAI Announces Ads Coming to ChatGPT Free Tier]]> https://www.probablypwned.com/article/openai-chatgpt-ads-free-users-privacy-concerns https://www.probablypwned.com/article/openai-chatgpt-ads-free-users-privacy-concerns Sun, 18 Jan 2026 11:45:00 GMT <![CDATA[FBI: BadBox 2.0 Malware Pre-Installed on 1M+ Android Devices]]> https://www.probablypwned.com/article/fbi-badbox-2-android-malware-million-devices https://www.probablypwned.com/article/fbi-badbox-2-android-malware-million-devices Sun, 18 Jan 2026 10:30:00 GMT <![CDATA[Iran-Linked Hackers Target Middle East Officials via WhatsApp]]> https://www.probablypwned.com/article/apt42-iran-whatsapp-gmail-middle-east-espionage https://www.probablypwned.com/article/apt42-iran-whatsapp-gmail-middle-east-espionage Sun, 18 Jan 2026 09:15:00 GMT <![CDATA[TamperedChef Infostealer Hides in Fake PDF Editors via Google Ads]]> https://www.probablypwned.com/article/tamperedchef-malvertising-pdf-infostealer-google-ads https://www.probablypwned.com/article/tamperedchef-malvertising-pdf-infostealer-google-ads Sat, 17 Jan 2026 16:58:29 GMT <![CDATA[Astaroth Banking Trojan Spreads via WhatsApp Worm in Brazil]]> https://www.probablypwned.com/article/astaroth-whatsapp-worm-brazil-boto-cor-de-rosa https://www.probablypwned.com/article/astaroth-whatsapp-worm-brazil-boto-cor-de-rosa Sat, 17 Jan 2026 16:57:57 GMT <![CDATA[Black Cat Infects 278,000 Hosts in China via SEO Poisoning]]> https://www.probablypwned.com/article/black-cat-seo-poisoning-china-278000-hosts-infected https://www.probablypwned.com/article/black-cat-seo-poisoning-china-278000-hosts-infected Sat, 17 Jan 2026 16:57:29 GMT <![CDATA[SHADOW#REACTOR Campaign Drops Remcos RAT via MSBuild]]> https://www.probablypwned.com/article/shadow-reactor-remcos-rat-msbuild-enterprise-attacks https://www.probablypwned.com/article/shadow-reactor-remcos-rat-msbuild-enterprise-attacks Sat, 17 Jan 2026 16:56:59 GMT <![CDATA[Chrome Extensions Target Workday and NetSuite for Session Theft]]> https://www.probablypwned.com/article/chrome-extensions-workday-netsuite-session-hijacking https://www.probablypwned.com/article/chrome-extensions-workday-netsuite-session-hijacking Sat, 17 Jan 2026 15:30:00 GMT <![CDATA[StealC XSS Flaw Let Researchers Monitor Malware Operators]]> https://www.probablypwned.com/article/stealc-xss-vulnerability-researchers-hack-hackers https://www.probablypwned.com/article/stealc-xss-vulnerability-researchers-hack-hackers Sat, 17 Jan 2026 14:15:00 GMT <![CDATA[Reprompt Attack Turned Microsoft Copilot Into a Data Thief]]> https://www.probablypwned.com/article/reprompt-attack-microsoft-copilot-single-click-exfiltration https://www.probablypwned.com/article/reprompt-attack-microsoft-copilot-single-click-exfiltration Sat, 17 Jan 2026 13:00:00 GMT <![CDATA[Victoria Education Breach Exposes Student Data at 1,700 Schools]]> https://www.probablypwned.com/article/victorian-education-breach-1700-schools-student-data https://www.probablypwned.com/article/victorian-education-breach-1700-schools-student-data Sat, 17 Jan 2026 11:45:00 GMT <![CDATA[Black Basta Leader Oleg Nefedov Added to Interpol Wanted List]]> https://www.probablypwned.com/article/black-basta-leader-oleg-nefedov-interpol-red-notice https://www.probablypwned.com/article/black-basta-leader-oleg-nefedov-interpol-red-notice Sat, 17 Jan 2026 10:30:00 GMT <![CDATA[China-Linked UAT-8837 Exploits Sitecore Zero-Day in US Attacks]]> https://www.probablypwned.com/article/uat-8837-china-apt-sitecore-zero-day-north-america https://www.probablypwned.com/article/uat-8837-china-apt-sitecore-zero-day-north-america Sat, 17 Jan 2026 09:15:00 GMT <![CDATA[Cisco Patches Email Gateway Zero-Day Exploited by Chinese APT]]> https://www.probablypwned.com/article/cisco-asyncos-cve-2025-20393-patch-released https://www.probablypwned.com/article/cisco-asyncos-cve-2025-20393-patch-released Fri, 16 Jan 2026 14:30:00 GMT <![CDATA[Gootloader Malware Uses 1,000 Stacked ZIPs to Dodge Detection]]> https://www.probablypwned.com/article/gootloader-malware-1000-zip-archives-evasion https://www.probablypwned.com/article/gootloader-malware-1000-zip-archives-evasion Fri, 16 Jan 2026 13:15:00 GMT <![CDATA[WhisperPair Flaw Lets Hackers Hijack Sony, Google Headphones]]> https://www.probablypwned.com/article/whisperpair-bluetooth-vulnerability-google-fast-pair https://www.probablypwned.com/article/whisperpair-bluetooth-vulnerability-google-fast-pair Fri, 16 Jan 2026 12:00:00 GMT <![CDATA[Microsoft Dismantles RedVDS Phishing Platform Behind $40M Fraud]]> https://www.probablypwned.com/article/microsoft-redvds-takedown-40-million-fraud https://www.probablypwned.com/article/microsoft-redvds-takedown-40-million-fraud Fri, 16 Jan 2026 10:45:00 GMT <![CDATA[Grubhub Hit by Second Breach, ShinyHunters Demanding Ransom]]> https://www.probablypwned.com/article/grubhub-data-breach-shinyhunters-extortion-january-2026 https://www.probablypwned.com/article/grubhub-data-breach-shinyhunters-extortion-january-2026 Fri, 16 Jan 2026 09:30:00 GMT <![CDATA[Cal.com Flaw Lets Attackers Bypass MFA With Fake TOTP Codes]]> https://www.probablypwned.com/article/cal-com-totp-bypass-account-takeover-vulnerability https://www.probablypwned.com/article/cal-com-totp-bypass-account-takeover-vulnerability Thu, 15 Jan 2026 12:15:00 GMT <![CDATA[n8n Sandbox Escape Lets Users Run System Commands]]> https://www.probablypwned.com/article/n8n-python-sandbox-bypass-cve-2025-68668 https://www.probablypwned.com/article/n8n-python-sandbox-bypass-cve-2025-68668 Thu, 15 Jan 2026 11:00:00 GMT <![CDATA[Russian Hackers Target Ukraine Military With Fake Charities]]> https://www.probablypwned.com/article/void-blizzard-pluggyape-malware-ukraine-defense https://www.probablypwned.com/article/void-blizzard-pluggyape-malware-ukraine-defense Thu, 15 Jan 2026 09:45:00 GMT <![CDATA[Palo Alto Patches GlobalProtect DoS Flaw With Public PoC]]> https://www.probablypwned.com/article/palo-alto-pan-os-globalprotect-dos-cve-2026-0227 https://www.probablypwned.com/article/palo-alto-pan-os-globalprotect-dos-cve-2026-0227 Thu, 15 Jan 2026 08:30:00 GMT <![CDATA[Everest Gang Claims 900GB Nissan Breach, Sets 5-Day Deadline]]> https://www.probablypwned.com/article/everest-ransomware-nissan-900gb-data-breach-claim https://www.probablypwned.com/article/everest-ransomware-nissan-900gb-data-breach-claim Wed, 14 Jan 2026 14:15:00 GMT <![CDATA[Attackers Mapped 91,000+ AI Endpoints in Mass Recon Campaign]]> https://www.probablypwned.com/article/greynoise-91000-attacks-llm-ai-infrastructure https://www.probablypwned.com/article/greynoise-91000-attacks-llm-ai-infrastructure Wed, 14 Jan 2026 13:00:00 GMT <![CDATA[VoidLink: New Malware Framework Built for Linux Cloud Attacks]]> https://www.probablypwned.com/article/voidlink-malware-framework-linux-cloud-check-point https://www.probablypwned.com/article/voidlink-malware-framework-linux-cloud-check-point Wed, 14 Jan 2026 11:45:00 GMT <![CDATA[FortiSIEM RCE Flaw Lets Attackers Gain Root Without Auth]]> https://www.probablypwned.com/article/fortisiem-critical-rce-cve-2025-64155-unauthenticated https://www.probablypwned.com/article/fortisiem-critical-rce-cve-2025-64155-unauthenticated Wed, 14 Jan 2026 10:30:00 GMT <![CDATA[Microsoft Patches 113 CVEs Including Actively Exploited Zero-Day]]> https://www.probablypwned.com/article/microsoft-patch-tuesday-january-2026-zero-day-cve-2026-20805 https://www.probablypwned.com/article/microsoft-patch-tuesday-january-2026-zero-day-cve-2026-20805 Wed, 14 Jan 2026 09:15:00 GMT <![CDATA[WEF Report: CEOs Now Fear AI-Powered Fraud More Than Ransomware]]> https://www.probablypwned.com/article/wef-cybersecurity-outlook-2026-fraud-overtakes-ransomware https://www.probablypwned.com/article/wef-cybersecurity-outlook-2026-fraud-overtakes-ransomware Tue, 13 Jan 2026 16:00:00 GMT <![CDATA[Chinese APT Used VMware ESXi Zero-Days to Escape VMs]]> https://www.probablypwned.com/article/vmware-esxi-maestro-zero-day-china-apt-exploitation https://www.probablypwned.com/article/vmware-esxi-maestro-zero-day-china-apt-exploitation Tue, 13 Jan 2026 15:00:00 GMT <![CDATA[SAP Patches CVSS 9.9 SQL Injection in January Update]]> https://www.probablypwned.com/article/sap-security-patch-day-january-2026-critical-sql-injection https://www.probablypwned.com/article/sap-security-patch-day-january-2026-critical-sql-injection Tue, 13 Jan 2026 14:30:00 GMT <![CDATA[Salt Typhoon Breaches Congressional Committee Staff Emails]]> https://www.probablypwned.com/article/salt-typhoon-congressional-committee-email-breach https://www.probablypwned.com/article/salt-typhoon-congressional-committee-email-breach Mon, 12 Jan 2026 19:03:54 GMT <![CDATA[Australian Insurer Prosura Breach Exposes Driver's Licenses]]> https://www.probablypwned.com/article/prosura-australia-insurance-breach-98-million-records https://www.probablypwned.com/article/prosura-australia-insurance-breach-98-million-records Mon, 12 Jan 2026 19:03:54 GMT <![CDATA[FBI Warns Kimsuky Using QR Codes to Steal Credentials]]> https://www.probablypwned.com/article/fbi-kimsuky-quishing-north-korea-qr-codes https://www.probablypwned.com/article/fbi-kimsuky-quishing-north-korea-qr-codes Mon, 12 Jan 2026 19:03:54 GMT <![CDATA[Meta Denies Breach as 17.5M Instagram Records Fuel Password Reset Attacks]]> https://www.probablypwned.com/article/instagram-17-million-accounts-scraped-password-reset-wave https://www.probablypwned.com/article/instagram-17-million-accounts-scraped-password-reset-wave Sun, 11 Jan 2026 16:00:00 GMT <![CDATA[Cisco Patches ISE Flaw After Public PoC Exploit Emerges]]> https://www.probablypwned.com/article/cisco-ise-xxe-cve-2026-20029-poc-exploit-released https://www.probablypwned.com/article/cisco-ise-xxe-cve-2026-20029-poc-exploit-released Sun, 11 Jan 2026 14:00:00 GMT <![CDATA[CISA Closes 10 Emergency Directives in Historic Shift]]> https://www.probablypwned.com/article/cisa-retires-10-emergency-directives-policy-shift https://www.probablypwned.com/article/cisa-retires-10-emergency-directives-policy-shift Sun, 11 Jan 2026 12:00:00 GMT <![CDATA[Russia's APT28 Harvests Credentials Across Balkans and Central Asia]]> https://www.probablypwned.com/article/apt28-fancy-bear-credential-theft-balkans-middle-east https://www.probablypwned.com/article/apt28-fancy-bear-credential-theft-balkans-middle-east Sun, 11 Jan 2026 10:00:00 GMT <![CDATA[Angular XSS Flaw Bypasses Sanitization via SVG Script Tags]]> https://www.probablypwned.com/article/angular-xss-svg-script-cve-2026-22610 https://www.probablypwned.com/article/angular-xss-svg-script-cve-2026-22610 Sun, 11 Jan 2026 08:00:00 GMT <![CDATA[Supply Chain Attacks on Developer Tools: A Growing Threat]]> https://www.probablypwned.com/article/supply-chain-attacks-developer-tools-guide https://www.probablypwned.com/article/supply-chain-attacks-developer-tools-guide Sat, 10 Jan 2026 18:00:00 GMT <![CDATA[Ransomware Groups to Watch in 2025-2026]]> https://www.probablypwned.com/article/ransomware-groups-2025-2026-profiles-guide https://www.probablypwned.com/article/ransomware-groups-2025-2026-profiles-guide Sat, 10 Jan 2026 17:00:00 GMT <![CDATA[North Korea's Cyber Army: A Lazarus Group Profile]]> https://www.probablypwned.com/article/north-korea-lazarus-cyber-operations-guide https://www.probablypwned.com/article/north-korea-lazarus-cyber-operations-guide Sat, 10 Jan 2026 16:00:00 GMT <![CDATA[17.5 Million Instagram Accounts Leaked on BreachForums]]> https://www.probablypwned.com/article/instagram-17-million-accounts-leaked-breachforums https://www.probablypwned.com/article/instagram-17-million-accounts-leaked-breachforums Sat, 10 Jan 2026 15:00:00 GMT <![CDATA[Healthcare Cybersecurity: Why Hospitals Are Under Siege]]> https://www.probablypwned.com/article/healthcare-cybersecurity-ransomware-threats-guide https://www.probablypwned.com/article/healthcare-cybersecurity-ransomware-threats-guide Sat, 10 Jan 2026 14:00:00 GMT <![CDATA[Fog Ransomware Targets US Schools Through Stolen VPNs]]> https://www.probablypwned.com/article/fog-ransomware-targets-us-education-via-vpn-credentials https://www.probablypwned.com/article/fog-ransomware-targets-us-education-via-vpn-credentials Sat, 10 Jan 2026 13:00:00 GMT <![CDATA[CrazyHunter Ransomware Hits Taiwan Healthcare Sector]]> https://www.probablypwned.com/article/crazyhunter-ransomware-taiwan-healthcare-byovd-attacks https://www.probablypwned.com/article/crazyhunter-ransomware-taiwan-healthcare-byovd-attacks Sat, 10 Jan 2026 12:00:00 GMT <![CDATA[Coolify Command Injection Flaws Grant Root Access]]> https://www.probablypwned.com/article/coolify-critical-command-injection-52000-instances-exposed https://www.probablypwned.com/article/coolify-critical-command-injection-52000-instances-exposed Sat, 10 Jan 2026 11:00:00 GMT <![CDATA[Cisco Snort 3 Flaws Enable DoS and Data Leaks]]> https://www.probablypwned.com/article/cisco-snort-3-dce-rpc-vulnerabilities-dos-data-leak https://www.probablypwned.com/article/cisco-snort-3-dce-rpc-vulnerabilities-dos-data-leak Sat, 10 Jan 2026 10:00:00 GMT <![CDATA[Browser Extension Threats: What Security Teams Must Know]]> https://www.probablypwned.com/article/browser-extension-threats-enterprise-security-guide https://www.probablypwned.com/article/browser-extension-threats-enterprise-security-guide Sat, 10 Jan 2026 09:00:00 GMT <![CDATA[Auth Bypass in Network Appliances: A Pattern Emerges]]> https://www.probablypwned.com/article/authentication-bypass-network-appliances-pattern-analysis https://www.probablypwned.com/article/authentication-bypass-network-appliances-pattern-analysis Sat, 10 Jan 2026 08:00:00 GMT <![CDATA[Hacker Selling 139GB of US Utility Engineering Data]]> https://www.probablypwned.com/article/pickett-usa-breach-utility-lidar-data-for-sale https://www.probablypwned.com/article/pickett-usa-breach-utility-lidar-data-for-sale Fri, 09 Jan 2026 19:03:54 GMT <![CDATA[Microsoft Teams Enables Security Defaults on January 12]]> https://www.probablypwned.com/article/microsoft-teams-security-defaults-january-12 https://www.probablypwned.com/article/microsoft-teams-security-defaults-january-12 Fri, 09 Jan 2026 19:03:54 GMT <![CDATA[jsPDF Flaw Lets Attackers Embed Local Files in PDFs]]> https://www.probablypwned.com/article/jspdf-cve-2025-68428-arbitrary-file-read-nodejs https://www.probablypwned.com/article/jspdf-cve-2025-68428-arbitrary-file-read-nodejs Fri, 09 Jan 2026 19:03:54 GMT <![CDATA[Chrome Extensions Stealing ChatGPT Chats Hit 900K Users]]> https://www.probablypwned.com/article/chrome-extensions-900k-users-chatgpt-deepseek-theft https://www.probablypwned.com/article/chrome-extensions-900k-users-chatgpt-deepseek-theft Fri, 09 Jan 2026 19:03:54 GMT <![CDATA[Cisco Talos Exposes UAT-7290: China APT Targeting Telecoms]]> https://www.probablypwned.com/article/uat-7290-china-apt-telecom-south-asia-talos https://www.probablypwned.com/article/uat-7290-china-apt-telecom-south-asia-talos Thu, 08 Jan 2026 19:03:54 GMT <![CDATA[n8n 'Ni8mare' Flaw Allows Unauthenticated Server Takeover]]> https://www.probablypwned.com/article/n8n-ni8mare-cve-2026-21858-unauthenticated-rce https://www.probablypwned.com/article/n8n-ni8mare-cve-2026-21858-unauthenticated-rce Thu, 08 Jan 2026 19:03:54 GMT <![CDATA[CISA Adds 16-Year-Old PowerPoint Flaw to Exploited List]]> https://www.probablypwned.com/article/cisa-kev-powerpoint-hpe-oneview-january-2026 https://www.probablypwned.com/article/cisa-kev-powerpoint-hpe-oneview-january-2026 Thu, 08 Jan 2026 19:03:54 GMT <![CDATA[UK Commits £210M to Mandatory Public Sector Cybersecurity]]> https://www.probablypwned.com/article/uk-government-cyber-action-plan-210-million https://www.probablypwned.com/article/uk-government-cyber-action-plan-210-million Wed, 07 Jan 2026 19:03:54 GMT <![CDATA[Resecurity Catches Hackers Red-Handed with Deliberate Honeypot Trap]]> https://www.probablypwned.com/article/resecurity-honeypot-catches-hackers-scattered-lapsus-slh https://www.probablypwned.com/article/resecurity-honeypot-catches-hackers-scattered-lapsus-slh Wed, 07 Jan 2026 19:03:54 GMT <![CDATA[Qilin Ransomware Hits 5 Targets in 24 Hours Including Healthcare]]> https://www.probablypwned.com/article/qilin-ransomware-17-attacks-healthcare-january-2026 https://www.probablypwned.com/article/qilin-ransomware-17-attacks-healthcare-january-2026 Wed, 07 Jan 2026 19:03:54 GMT <![CDATA[Microsoft: Tycoon2FA Phishing Exploits Email Misconfigurations]]> https://www.probablypwned.com/article/microsoft-tycoon2fa-domain-spoofing-13-million-emails https://www.probablypwned.com/article/microsoft-tycoon2fa-domain-spoofing-13-million-emails Wed, 07 Jan 2026 19:03:54 GMT <![CDATA[Lazarus Weaponizes Fake Job Interviews With ClickFix Malware]]> https://www.probablypwned.com/article/lazarus-apt-clickfix-fake-job-interviews-malware https://www.probablypwned.com/article/lazarus-apt-clickfix-fake-job-interviews-malware Wed, 07 Jan 2026 19:03:54 GMT <![CDATA[Chrome WebView Flaw Lets Attackers Bypass Security Controls]]> https://www.probablypwned.com/article/google-chrome-webview-cve-2026-0628-security-bypass https://www.probablypwned.com/article/google-chrome-webview-cve-2026-0628-security-bypass Wed, 07 Jan 2026 19:03:54 GMT <![CDATA[Critical D-Link Router Flaw Under Active Attack, No Patch Coming]]> https://www.probablypwned.com/article/d-link-dsl-router-cve-2026-0625-active-exploitation https://www.probablypwned.com/article/d-link-dsl-router-cve-2026-0625-active-exploitation Wed, 07 Jan 2026 19:03:54 GMT <![CDATA[Dartmouth Data Breach Exposes 40,000+ in Clop Ransomware Attack]]> https://www.probablypwned.com/article/dartmouth-clop-ransomware-breach-40000-affected https://www.probablypwned.com/article/dartmouth-clop-ransomware-breach-40000-affected Wed, 07 Jan 2026 19:03:54 GMT <![CDATA[Dartmouth Breach Exposes 44,000 in Clop Oracle Campaign]]> https://www.probablypwned.com/article/dartmouth-clop-ransomware-breach-44000-oracle-ebs https://www.probablypwned.com/article/dartmouth-clop-ransomware-breach-44000-oracle-ebs Wed, 07 Jan 2026 19:03:54 GMT <![CDATA[Chrome Patches High-Severity WebView Policy Bypass]]> https://www.probablypwned.com/article/chrome-webview-cve-2026-0628-policy-bypass https://www.probablypwned.com/article/chrome-webview-cve-2026-0628-policy-bypass Wed, 07 Jan 2026 19:03:54 GMT <![CDATA[New 'Brutus' Brute-Force Tool Targets Fortinet on Dark Web]]> https://www.probablypwned.com/article/brutus-brute-force-tool-fortinet-dark-web https://www.probablypwned.com/article/brutus-brute-force-tool-fortinet-dark-web Wed, 07 Jan 2026 19:03:54 GMT <![CDATA[Blue Shield California Exposes Member Health Data in Portal Error]]> https://www.probablypwned.com/article/blue-shield-california-record-merge-data-exposure https://www.probablypwned.com/article/blue-shield-california-record-merge-data-exposure Wed, 07 Jan 2026 19:03:54 GMT <![CDATA[ASML Breach Claim: 154 Databases and Encryption Keys Leaked]]> https://www.probablypwned.com/article/asml-semiconductor-breach-154-databases-encryption-keys https://www.probablypwned.com/article/asml-semiconductor-breach-154-databases-encryption-keys Wed, 07 Jan 2026 19:03:54 GMT <![CDATA[700Credit Breach Exposes Millions of Social Security Numbers from Auto Dealership Transactions]]> https://www.probablypwned.com/article/700credit-breach-millions-ssn-auto-dealerships https://www.probablypwned.com/article/700credit-breach-millions-ssn-auto-dealerships Wed, 07 Jan 2026 19:03:54 GMT <![CDATA[Silk Typhoon: Chinese APT Escalates Attacks on US Government and IT Supply Chain]]> https://www.probablypwned.com/article/silk-typhoon-china-apt-us-government-treasury-attack https://www.probablypwned.com/article/silk-typhoon-china-apt-us-government-treasury-attack Tue, 06 Jan 2026 19:03:54 GMT <![CDATA[Ledger Data Breach: Payment Processor Compromise Exposes Crypto Wallet Users]]> https://www.probablypwned.com/article/ledger-data-breach-global-e-payment-processor https://www.probablypwned.com/article/ledger-data-breach-global-e-payment-processor Tue, 06 Jan 2026 19:03:54 GMT <![CDATA[GlassWorm Malware Targets macOS Developers Through Poisoned VS Code Extensions]]> https://www.probablypwned.com/article/glassworm-malware-macos-vscode-extensions-supply-chain https://www.probablypwned.com/article/glassworm-malware-macos-vscode-extensions-supply-chain Tue, 06 Jan 2026 19:03:54 GMT <![CDATA[Brightspeed Investigating Breach After Crimson Collective Claims 1M+ Customer Records]]> https://www.probablypwned.com/article/brightspeed-crimson-collective-million-customers-data-breach https://www.probablypwned.com/article/brightspeed-crimson-collective-million-customers-data-breach Tue, 06 Jan 2026 19:03:54 GMT <![CDATA[Apple Warns 1.8 Billion iPhone Users of WebKit Zero-Days Linked to Pegasus Spyware]]> https://www.probablypwned.com/article/apple-ios-zero-day-webkit-pegasus-spyware-warning https://www.probablypwned.com/article/apple-ios-zero-day-webkit-pegasus-spyware-warning Tue, 06 Jan 2026 19:03:54 GMT <![CDATA[Space Force Awards $212M Contract for Base Network Overhaul]]> https://www.probablypwned.com/article/space-force-caci-212-million-network-modernization-zero-trust https://www.probablypwned.com/article/space-force-caci-212-million-network-modernization-zero-trust Mon, 05 Jan 2026 19:03:54 GMT <![CDATA[Federal Contractor Sedgwick Hit by TridentLocker Ransomware]]> https://www.probablypwned.com/article/sedgwick-government-solutions-tridentlocker-ransomware-dhs https://www.probablypwned.com/article/sedgwick-government-solutions-tridentlocker-ransomware-dhs Mon, 05 Jan 2026 19:03:54 GMT <![CDATA[Stolen Credentials Fuel Self-Sustaining Malware Distribution]]> https://www.probablypwned.com/article/infostealer-clickfix-stolen-credentials-malware-distribution https://www.probablypwned.com/article/infostealer-clickfix-stolen-credentials-malware-distribution Mon, 05 Jan 2026 19:03:54 GMT <![CDATA[Christmas Attack Campaign Targets ColdFusion with 2.5M Requests]]> https://www.probablypwned.com/article/coldfusion-christmas-attack-2-5-million-requests-hong-kong https://www.probablypwned.com/article/coldfusion-christmas-attack-2-5-million-requests-hong-kong Mon, 05 Jan 2026 19:03:54 GMT <![CDATA[Canadian College Suspends Classes After Holiday Cyber Attack]]> https://www.probablypwned.com/article/aurora-college-cyber-attack-canada-classes-suspended https://www.probablypwned.com/article/aurora-college-cyber-attack-canada-classes-suspended Mon, 05 Jan 2026 19:03:54 GMT <![CDATA[RondoDox Botnet Targets 90K Servers via React2Shell]]> https://www.probablypwned.com/article/rondodox-botnet-react2shell-90000-servers-exposed https://www.probablypwned.com/article/rondodox-botnet-react2shell-90000-servers-exposed Sun, 04 Jan 2026 19:03:54 GMT <![CDATA[Finland Arrests Ship Crew Over Baltic Cable Sabotage]]> https://www.probablypwned.com/article/finland-arrests-crew-baltic-submarine-cable-sabotage https://www.probablypwned.com/article/finland-arrests-crew-baltic-submarine-cable-sabotage Sun, 04 Jan 2026 19:03:54 GMT <![CDATA[EmEditor Website Compromised to Deliver Infostealer]]> https://www.probablypwned.com/article/emeditor-supply-chain-attack-infostealer-walsham https://www.probablypwned.com/article/emeditor-supply-chain-attack-infostealer-walsham Sun, 04 Jan 2026 19:03:54 GMT <![CDATA[CISA Warns of Critical WHILL Wheelchair Bluetooth Flaw]]> https://www.probablypwned.com/article/cisa-whill-wheelchair-bluetooth-takeover-cve-2025-14346 https://www.probablypwned.com/article/cisa-whill-wheelchair-bluetooth-takeover-cve-2025-14346 Sun, 04 Jan 2026 19:03:54 GMT <![CDATA[New Zealand Health Portal Breach Exposes 126,000 Patients]]> https://www.probablypwned.com/article/managemyhealth-new-zealand-kazu-ransomware-126000-patients https://www.probablypwned.com/article/managemyhealth-new-zealand-kazu-ransomware-126000-patients Sat, 03 Jan 2026 19:03:54 GMT <![CDATA[Illinois Exposed 672,000 Medicaid Recipients for Three Years]]> https://www.probablypwned.com/article/illinois-dhs-medicaid-data-exposure-672000-recipients https://www.probablypwned.com/article/illinois-dhs-medicaid-data-exposure-672000-recipients Sat, 03 Jan 2026 19:03:54 GMT <![CDATA[Google Cloud Feature Weaponized in 9,000-Email Phishing Wave]]> https://www.probablypwned.com/article/google-cloud-application-integration-phishing-3200-orgs https://www.probablypwned.com/article/google-cloud-application-integration-phishing-3200-orgs Sat, 03 Jan 2026 19:03:54 GMT <![CDATA[Everest Ransomware Dumps Full 1TB of ASUS Stolen Data]]> https://www.probablypwned.com/article/everest-ransomware-asus-1tb-full-data-dump-leaked https://www.probablypwned.com/article/everest-ransomware-asus-1tb-full-data-dump-leaked Sat, 03 Jan 2026 19:03:54 GMT <![CDATA[Critical RCE Flaw in Signal K Threatens Marine Vessels]]> https://www.probablypwned.com/article/signal-k-server-cve-2025-66398-boat-rce https://www.probablypwned.com/article/signal-k-server-cve-2025-66398-boat-rce Fri, 02 Jan 2026 19:03:54 GMT <![CDATA[Lithuanian Arrested After KMSAuto Malware Steals $1.2M]]> https://www.probablypwned.com/article/lithuanian-kmsauto-clipper-malware-arrest-crypto-theft https://www.probablypwned.com/article/lithuanian-kmsauto-clipper-malware-arrest-crypto-theft Fri, 02 Jan 2026 19:03:54 GMT <![CDATA[GNU Wget2 Flaw Lets Attackers Overwrite System Files]]> https://www.probablypwned.com/article/gnu-wget2-cve-2025-69194-path-traversal https://www.probablypwned.com/article/gnu-wget2-cve-2025-69194-path-traversal Fri, 02 Jan 2026 19:03:54 GMT <![CDATA[GlassWorm Malware Pivots to macOS, Targets Crypto Wallets]]> https://www.probablypwned.com/article/glassworm-macos-open-vsx-cryptocurrency-wallets https://www.probablypwned.com/article/glassworm-macos-open-vsx-cryptocurrency-wallets Fri, 02 Jan 2026 19:03:54 GMT <![CDATA[Covenant Health Breach Exposes 478,000 Patient Records]]> https://www.probablypwned.com/article/covenant-health-breach-478000-qilin-ransomware https://www.probablypwned.com/article/covenant-health-breach-478000-qilin-ransomware Fri, 02 Jan 2026 19:03:54 GMT <![CDATA[CVSS 10.0 Zero-Day Hits 70,000 XSpeeder Devices]]> https://www.probablypwned.com/article/xspeeder-sxzos-cvss-10-zero-day-70000-devices https://www.probablypwned.com/article/xspeeder-sxzos-cvss-10-zero-day-70000-devices Thu, 01 Jan 2026 19:03:54 GMT <![CDATA[The 10 Worst Vulnerabilities of 2025: Ranked by Real-World Impact]]> https://www.probablypwned.com/article/top-10-worst-vulnerabilities-2025-by-impact https://www.probablypwned.com/article/top-10-worst-vulnerabilities-2025-by-impact Thu, 01 Jan 2026 19:03:54 GMT <![CDATA[IBM API Connect Auth Bypass Rated CVSS 9.8]]> https://www.probablypwned.com/article/ibm-api-connect-cve-2025-13915-cvss-9-8-auth-bypass https://www.probablypwned.com/article/ibm-api-connect-cve-2025-13915-cvss-9-8-auth-bypass Thu, 01 Jan 2026 19:03:54 GMT <![CDATA[European Space Agency Confirms Data Breach]]> https://www.probablypwned.com/article/european-space-agency-breach-200gb-data-888 https://www.probablypwned.com/article/european-space-agency-breach-200gb-data-888 Thu, 01 Jan 2026 19:03:54 GMT <![CDATA[DarkSpectre Malware Infected 8.8 Million Browser Users]]> https://www.probablypwned.com/article/darkspectre-browser-extension-8-million-users-china https://www.probablypwned.com/article/darkspectre-browser-extension-8-million-users-china Thu, 01 Jan 2026 19:03:54 GMT <![CDATA[SmarterMail CVE-2025-52691 Scores Perfect 10.0 CVSS for Unauthenticated RCE]]> https://www.probablypwned.com/article/smartermail-cve-2025-52691-cvss-10-critical-rce https://www.probablypwned.com/article/smartermail-cve-2025-52691-cvss-10-critical-rce Wed, 31 Dec 2025 19:03:54 GMT <![CDATA[Silver Fox APT Impersonates Indian Tax Officials in Espionage Campaign]]> https://www.probablypwned.com/article/silver-fox-apt-china-india-tax-impersonation-campaign https://www.probablypwned.com/article/silver-fox-apt-china-india-tax-impersonation-campaign Wed, 31 Dec 2025 19:03:54 GMT <![CDATA[Gentlemen Ransomware Cripples Romania's Largest Coal Power Producer]]> https://www.probablypwned.com/article/romania-oltenia-energy-gentlemen-ransomware-attack https://www.probablypwned.com/article/romania-oltenia-energy-gentlemen-ransomware-attack Wed, 31 Dec 2025 19:03:54 GMT <![CDATA[Chipotle Discloses Employee Data Breach Through Workday Payroll Accounts]]> https://www.probablypwned.com/article/chipotle-employee-workday-payroll-data-breach https://www.probablypwned.com/article/chipotle-employee-workday-payroll-data-breach Wed, 31 Dec 2025 19:03:54 GMT <![CDATA[ServiceNow Acquires Armis for $7.75 Billion in Largest Security Deal of 2025]]> https://www.probablypwned.com/article/servicenow-acquires-armis-7-75-billion-ai-security https://www.probablypwned.com/article/servicenow-acquires-armis-7-75-billion-ai-security Tue, 30 Dec 2025 19:03:54 GMT <![CDATA[Mustang Panda Deploys Kernel-Mode Rootkit to Conceal TONESHELL Backdoor]]> https://www.probablypwned.com/article/mustang-panda-kernel-rootkit-toneshell-signed-driver https://www.probablypwned.com/article/mustang-panda-kernel-rootkit-toneshell-signed-driver Tue, 30 Dec 2025 19:03:54 GMT <![CDATA[Korean Air Confirms 30,000 Employee Records Stolen in Supplier Breach]]> https://www.probablypwned.com/article/korean-air-30000-employees-oracle-ebs-supplier-breach https://www.probablypwned.com/article/korean-air-30000-employees-oracle-ebs-supplier-breach Tue, 30 Dec 2025 19:03:54 GMT <![CDATA[CISA Adds MongoBleed to KEV as Exploitation Spreads to 87,000 Instances]]> https://www.probablypwned.com/article/cisa-mongobleed-kev-87000-vulnerable-instances https://www.probablypwned.com/article/cisa-mongobleed-kev-87000-vulnerable-instances Tue, 30 Dec 2025 19:03:54 GMT <![CDATA[Trust Wallet Chrome Extension Compromised, $7 Million Drained from Users]]> https://www.probablypwned.com/article/trust-wallet-chrome-extension-breach-7-million-stolen https://www.probablypwned.com/article/trust-wallet-chrome-extension-breach-7-million-stolen Mon, 29 Dec 2025 19:03:54 GMT <![CDATA[MacSync Stealer Bypasses macOS Gatekeeper Using Apple's Own Notarization]]> https://www.probablypwned.com/article/macsync-stealer-bypasses-gatekeeper-notarization https://www.probablypwned.com/article/macsync-stealer-bypasses-gatekeeper-notarization Mon, 29 Dec 2025 19:03:54 GMT <![CDATA[Hacker Leaks 2.3 Million WIRED Records, Threatens 40 Million More from Condé Nast]]> https://www.probablypwned.com/article/conde-nast-wired-breach-40-million-records-threatened https://www.probablypwned.com/article/conde-nast-wired-breach-40-million-records-threatened Mon, 29 Dec 2025 19:03:54 GMT <![CDATA[OpenAI Says Prompt Injection in AI Browsers May Never Be Solved]]> https://www.probablypwned.com/article/openai-chatgpt-atlas-prompt-injection-unsolvable https://www.probablypwned.com/article/openai-chatgpt-atlas-prompt-injection-unsolvable Sun, 28 Dec 2025 19:03:54 GMT <![CDATA[Malicious npm Package 'lotusbail' Hijacked WhatsApp Accounts for Six Months]]> https://www.probablypwned.com/article/npm-lotusbail-whatsapp-supply-chain-attack https://www.probablypwned.com/article/npm-lotusbail-whatsapp-supply-chain-attack Sun, 28 Dec 2025 19:03:54 GMT <![CDATA[Everest Ransomware Claims 1TB Chrysler Data Theft on Christmas Day]]> https://www.probablypwned.com/article/everest-ransomware-chrysler-christmas-data-theft https://www.probablypwned.com/article/everest-ransomware-chrysler-christmas-data-theft Sun, 28 Dec 2025 19:03:54 GMT <![CDATA[Coupang CEO Finally Apologizes Over 33.7 Million Customer Data Breach]]> https://www.probablypwned.com/article/coupang-ceo-apologizes-33-million-customer-data-breach https://www.probablypwned.com/article/coupang-ceo-apologizes-33-million-customer-data-breach Sun, 28 Dec 2025 19:03:54 GMT <![CDATA[UK Regulator Hits LastPass with £1.2 Million Fine Over 2022 Breach]]> https://www.probablypwned.com/article/uk-ico-fines-lastpass-1-2-million-2022-breach https://www.probablypwned.com/article/uk-ico-fines-lastpass-1-2-million-2022-breach Sat, 27 Dec 2025 19:03:54 GMT <![CDATA[MongoDB Urges Immediate Patching for Memory-Read Vulnerability]]> https://www.probablypwned.com/article/mongodb-cve-2025-14847-memory-read-vulnerability https://www.probablypwned.com/article/mongodb-cve-2025-14847-memory-read-vulnerability Sat, 27 Dec 2025 19:03:54 GMT <![CDATA[LockBit5 Claims 53 Victims in Single Day as Holiday Attacks Surge]]> https://www.probablypwned.com/article/lockbit5-holiday-ransomware-surge-december-2025 https://www.probablypwned.com/article/lockbit5-holiday-ransomware-surge-december-2025 Sat, 27 Dec 2025 19:03:54 GMT <![CDATA[LangChain Serialization Flaw Lets Attackers Steal AI Agent Secrets]]> https://www.probablypwned.com/article/langchain-cve-2025-68664-ai-agent-secret-theft https://www.probablypwned.com/article/langchain-cve-2025-68664-ai-agent-secret-theft Sat, 27 Dec 2025 19:03:54 GMT <![CDATA[WinRAR Flaw CVE-2025-6218 Exploited by Russian, Chinese, and Pakistani APTs]]> https://www.probablypwned.com/article/winrar-cve-2025-6218-apt-groups-active-exploitation https://www.probablypwned.com/article/winrar-cve-2025-6218-apt-groups-active-exploitation Fri, 26 Dec 2025 19:03:54 GMT <![CDATA[Nissan Discloses 21,000 Customers Exposed in Red Hat GitLab Breach]]> https://www.probablypwned.com/article/nissan-red-hat-gitlab-breach-21000-customers https://www.probablypwned.com/article/nissan-red-hat-gitlab-breach-21000-customers Fri, 26 Dec 2025 19:03:54 GMT <![CDATA[Apple Patches WebKit Zero-Days Linked to Spyware Attacks on Targeted Individuals]]> https://www.probablypwned.com/article/apple-webkit-zero-day-cve-2025-14174-spyware https://www.probablypwned.com/article/apple-webkit-zero-day-cve-2025-14174-spyware Fri, 26 Dec 2025 19:03:54 GMT <![CDATA[Goldman Sachs Warns Investors of Law Firm Data Breach at Fried Frank]]> https://www.probablypwned.com/article/goldman-sachs-fried-frank-law-firm-breach https://www.probablypwned.com/article/goldman-sachs-fried-frank-law-firm-breach Thu, 25 Dec 2025 19:03:54 GMT <![CDATA[Pro-Russian Hackers Cripple French Postal Service During Christmas Rush]]> https://www.probablypwned.com/article/french-postal-service-ddos-noname057-christmas https://www.probablypwned.com/article/french-postal-service-ddos-noname057-christmas Thu, 25 Dec 2025 19:03:54 GMT <![CDATA[Fortinet Warns 5-Year-Old FortiOS 2FA Bypass Is Under Active Attack]]> https://www.probablypwned.com/article/fortinet-cve-2020-12812-2fa-bypass-resurfaces https://www.probablypwned.com/article/fortinet-cve-2020-12812-2fa-bypass-resurfaces Thu, 25 Dec 2025 19:03:54 GMT <![CDATA[Aflac Confirms 22.6 Million Affected in June Data Breach]]> https://www.probablypwned.com/article/aflac-data-breach-22-million-scattered-spider https://www.probablypwned.com/article/aflac-data-breach-22-million-scattered-spider Thu, 25 Dec 2025 19:03:54 GMT <![CDATA[Clop Ransomware Gang Steals 3.5 Million Records from University of Phoenix]]> https://www.probablypwned.com/article/university-phoenix-breach-3-5-million-clop-oracle https://www.probablypwned.com/article/university-phoenix-breach-3-5-million-clop-oracle Wed, 24 Dec 2025 19:03:54 GMT <![CDATA[Marquis Fintech Breach Exposes 400,000 Bank Customers via Unpatched SonicWall]]> https://www.probablypwned.com/article/marquis-fintech-breach-400000-bank-customers-sonicwall https://www.probablypwned.com/article/marquis-fintech-breach-400000-bank-customers-sonicwall Wed, 24 Dec 2025 19:03:54 GMT <![CDATA[INTERPOL Operation Sentinel: 574 Arrested in Africa-Wide Cybercrime Crackdown]]> https://www.probablypwned.com/article/interpol-operation-sentinel-574-arrests-africa-cybercrime https://www.probablypwned.com/article/interpol-operation-sentinel-574-arrests-africa-cybercrime Wed, 24 Dec 2025 19:03:54 GMT <![CDATA[Critical n8n Flaw Lets Attackers Execute Code on 100,000+ Instances]]> https://www.probablypwned.com/article/critical-n8n-rce-vulnerability-cve-2025-68613 https://www.probablypwned.com/article/critical-n8n-rce-vulnerability-cve-2025-68613 Wed, 24 Dec 2025 19:03:54 GMT <![CDATA[CISA's Pre-Ransomware Warning Program Loses Its Only Operator]]> https://www.probablypwned.com/article/cisa-loses-ransomware-warning-program-lead-david-stern https://www.probablypwned.com/article/cisa-loses-ransomware-warning-program-lead-david-stern Wed, 24 Dec 2025 19:03:54 GMT <![CDATA[WatchGuard Firebox Zero-Day CVE-2025-14733 Actively Exploited, 125K Devices Exposed]]> https://www.probablypwned.com/article/watchguard-firebox-cve-2025-14733-actively-exploited https://www.probablypwned.com/article/watchguard-firebox-cve-2025-14733-actively-exploited Tue, 23 Dec 2025 19:03:54 GMT <![CDATA[Ukrainian National Pleads Guilty in Nefilim Ransomware Conspiracy]]> https://www.probablypwned.com/article/ukrainian-nefilim-ransomware-affiliate-guilty-plea https://www.probablypwned.com/article/ukrainian-nefilim-ransomware-affiliate-guilty-plea Tue, 23 Dec 2025 19:03:54 GMT <![CDATA[Spotify's 300TB Music Library Scraped by Pirate Activist Group]]> https://www.probablypwned.com/article/spotify-300tb-music-library-scraped-annas-archive https://www.probablypwned.com/article/spotify-300tb-music-library-scraped-annas-archive Tue, 23 Dec 2025 19:03:54 GMT <![CDATA[SonicWall Patches Exploited SMA1000 Zero-Day Used in Chained RCE Attack]]> https://www.probablypwned.com/article/sonicwall-sma1000-cve-2025-40602-chained-rce-exploit https://www.probablypwned.com/article/sonicwall-sma1000-cve-2025-40602-chained-rce-exploit Tue, 23 Dec 2025 19:03:54 GMT <![CDATA[Iranian Infy APT Resurfaces After Five Years with Telegram-Based C2]]> https://www.probablypwned.com/article/iranian-infy-apt-resurfaces-foudre-tonnerre-telegram https://www.probablypwned.com/article/iranian-infy-apt-resurfaces-foudre-tonnerre-telegram Tue, 23 Dec 2025 19:03:54 GMT <![CDATA[Romania's Water Management Agency Hit by Ransomware Attack Affecting 1,000 Systems]]> https://www.probablypwned.com/article/romania-water-agency-ransomware-bitlocker-1000-systems https://www.probablypwned.com/article/romania-water-agency-ransomware-bitlocker-1000-systems Mon, 22 Dec 2025 19:03:54 GMT <![CDATA[Former Incident Responders Plead Guilty to Running ALPHV Ransomware Attacks]]> https://www.probablypwned.com/article/incident-responders-plead-guilty-alphv-blackcat-ransomware https://www.probablypwned.com/article/incident-responders-plead-guilty-alphv-blackcat-ransomware Mon, 22 Dec 2025 19:03:54 GMT <![CDATA[DOJ Charges 54 in $40 Million ATM Jackpotting Scheme Linked to Venezuelan Gang]]> https://www.probablypwned.com/article/doj-charges-54-atm-jackpotting-ploutus-malware-tren-de-aragua https://www.probablypwned.com/article/doj-charges-54-atm-jackpotting-ploutus-malware-tren-de-aragua Mon, 22 Dec 2025 19:03:54 GMT <![CDATA[CISA Releases New BRICKSTORM Backdoor IOCs Tied to PRC State Actors]]> https://www.probablypwned.com/article/cisa-brickstorm-backdoor-rust-prc-state-sponsored https://www.probablypwned.com/article/cisa-brickstorm-backdoor-rust-prc-state-sponsored Mon, 22 Dec 2025 19:03:54 GMT <![CDATA[The 10 Biggest Cyber Stories of 2025: A Year of Record-Breaking Attacks]]> https://www.probablypwned.com/article/top-10-cyber-stories-2025-year-in-review https://www.probablypwned.com/article/top-10-cyber-stories-2025-year-in-review Sun, 21 Dec 2025 19:03:54 GMT <![CDATA[SantaStealer Malware-as-a-Service Launches Just in Time for the Holidays]]> https://www.probablypwned.com/article/santastealer-malware-as-service-telegram-launch https://www.probablypwned.com/article/santastealer-malware-as-service-telegram-launch Fri, 19 Dec 2025 19:03:54 GMT <![CDATA[React2Shell Vulnerability Now Weaponized in Ransomware Campaigns]]> https://www.probablypwned.com/article/react2shell-cve-2025-55182-ransomware-initial-access https://www.probablypwned.com/article/react2shell-cve-2025-55182-ransomware-initial-access Fri, 19 Dec 2025 19:03:54 GMT <![CDATA[LongNosedGoblin: New China-Aligned APT Abuses Group Policy for Espionage]]> https://www.probablypwned.com/article/longnosedgoblin-china-apt-group-policy-espionage https://www.probablypwned.com/article/longnosedgoblin-china-apt-group-policy-espionage Fri, 19 Dec 2025 19:03:54 GMT <![CDATA[Kimwolf Botnet Hijacks 1.8 Million Android TV Boxes for DDoS Attacks]]> https://www.probablypwned.com/article/kimwolf-android-botnet-1-8-million-devices-ddos https://www.probablypwned.com/article/kimwolf-android-botnet-1-8-million-devices-ddos Fri, 19 Dec 2025 19:03:54 GMT <![CDATA[Denmark Blames Russia for Destructive Cyberattack That Burst Water Pipes]]> https://www.probablypwned.com/article/denmark-blames-russia-destructive-water-utility-cyberattack https://www.probablypwned.com/article/denmark-blames-russia-destructive-water-utility-cyberattack Fri, 19 Dec 2025 19:03:54 GMT <![CDATA[North Korea Stole $2.02 Billion in Cryptocurrency During 2025]]> https://www.probablypwned.com/article/north-korea-cryptocurrency-theft-2025-two-billion https://www.probablypwned.com/article/north-korea-cryptocurrency-theft-2025-two-billion Thu, 18 Dec 2025 19:03:54 GMT <![CDATA[HPE Patches Maximum-Severity OneView RCE Vulnerability]]> https://www.probablypwned.com/article/hpe-oneview-critical-rce-flaw-cve-2025-37164 https://www.probablypwned.com/article/hpe-oneview-critical-rce-flaw-cve-2025-37164 Thu, 18 Dec 2025 19:03:54 GMT <![CDATA[Cisco AsyncOS Zero-Day Exploited by China-Linked APT, No Patch Available]]> https://www.probablypwned.com/article/cisco-asyncos-zero-day-exploited-china-apt-cve-2025-20393 https://www.probablypwned.com/article/cisco-asyncos-zero-day-exploited-china-apt-cve-2025-20393 Thu, 18 Dec 2025 19:03:54 GMT <![CDATA[CISA Warns of Asus Live Update Supply Chain Backdoor Under Active Attack]]> https://www.probablypwned.com/article/cisa-asus-live-update-supply-chain-backdoor-cve-2025-59374 https://www.probablypwned.com/article/cisa-asus-live-update-supply-chain-backdoor-cve-2025-59374 Thu, 18 Dec 2025 19:03:54 GMT <![CDATA[China-Linked Ink Dragon APT Targets European Governments with ShadowPad]]> https://www.probablypwned.com/article/ink-dragon-china-apt-european-governments-shadowpad https://www.probablypwned.com/article/ink-dragon-china-apt-european-governments-shadowpad Wed, 17 Dec 2025 19:03:54 GMT <![CDATA[GhostPoster Malware Hides in Firefox Extension Logos, Infects 50,000 Users]]> https://www.probablypwned.com/article/ghostposter-firefox-extensions-malware-steganography https://www.probablypwned.com/article/ghostposter-firefox-extensions-malware-steganography Wed, 17 Dec 2025 19:03:54 GMT <![CDATA[Cellik Android Malware-as-a-Service Trojanizes Any Google Play App]]> https://www.probablypwned.com/article/cellik-android-malware-service-trojanizes-play-store-apps https://www.probablypwned.com/article/cellik-android-malware-service-trojanizes-play-store-apps Wed, 17 Dec 2025 19:03:54 GMT <![CDATA[Amazon Disrupts Multi-Year Russian GRU Campaign Targeting Energy Sector]]> https://www.probablypwned.com/article/amazon-disrupts-russian-gru-sandworm-energy-sector-attacks https://www.probablypwned.com/article/amazon-disrupts-russian-gru-sandworm-energy-sector-attacks Wed, 17 Dec 2025 19:03:54 GMT <![CDATA[Chrome Extension with 8 Million Users Caught Stealing AI Chats]]> https://www.probablypwned.com/article/urban-vpn-chrome-extension-stealing-ai-chatbot-conversations https://www.probablypwned.com/article/urban-vpn-chrome-extension-stealing-ai-chatbot-conversations Tue, 16 Dec 2025 19:03:54 GMT <![CDATA[SoundCloud Confirms Breach Affecting 28 Million Users]]> https://www.probablypwned.com/article/soundcloud-breach-shinyhunters-extortion https://www.probablypwned.com/article/soundcloud-breach-shinyhunters-extortion Tue, 16 Dec 2025 19:03:54 GMT <![CDATA[Critical Fortinet FortiGate Auth Bypass Under Active Exploitation]]> https://www.probablypwned.com/article/fortinet-fortigate-authentication-bypass-actively-exploited https://www.probablypwned.com/article/fortinet-fortigate-authentication-bypass-actively-exploited Tue, 16 Dec 2025 19:03:54 GMT <![CDATA[CISA Warns Pro-Russia Hacktivists Attacking US Water and Energy]]> https://www.probablypwned.com/article/cisa-pro-russia-hacktivists-critical-infrastructure https://www.probablypwned.com/article/cisa-pro-russia-hacktivists-critical-infrastructure Tue, 16 Dec 2025 19:03:54 GMT <![CDATA[Maximum Severity Apache Tika Flaw Threatens Document Pipelines]]> https://www.probablypwned.com/article/apache-tika-critical-xxe-vulnerability-cve-2025-66516 https://www.probablypwned.com/article/apache-tika-critical-xxe-vulnerability-cve-2025-66516 Tue, 16 Dec 2025 19:03:54 GMT