Turla has rebuilt Kazuar into a modular P2P botnet designed for stealth and persistent access.
The upgraded .NET backdoor uses Kernel, Bridge, and Worker modules to handle C2, tasking, collection, and exfiltration.
The upgraded .NET backdoor uses Kernel, Bridge, and Worker modules to handle C2, tasking, collection, and exfiltration.
Four OpenClaw vulnerabilities dubbed Claw Chain can be chained to steal sensitive data, escalate privileges, and establish persistence.
All four flaws are fixed in OpenClaw 2026.4.22.
All four flaws are fixed in OpenClaw 2026.4.22.
On-prem Microsoft Exchange Server CVE-2026-42897 is under active exploitation.
The CVSS 8.1 spoofing flaw stems from XSS and can allow arbitrary JavaScript execution when crafted emails are opened in Outlook Web Access under certain conditions.
The CVSS 8.1 spoofing flaw stems from XSS and can allow arbitrary JavaScript execution when crafted emails are opened in Outlook Web Access under certain conditions.
CISA added CVE-2026-20182, a CVSS 10.0 authentication bypass in Cisco Catalyst SD-WAN Controller, to its KEV catalog amid active exploitation.
Google ties full 15GB free cloud storage to mobile number verification for new accounts.
Microsoft patches 120 vulnerabilities in May 2026 update including 17 critical flaws across Windows and Office.
Google says hackers used AI to discover a zero day vulnerability for the first time.
Critical Next.js vulnerability exposes servers to unauthorized requests and potential data leaks.
The hacker group "ShinyHunters" in a new wave of cyberattacks has gained access to data from large companies such as Google, Sony, AMD, and Rockstar.
A new version of the "Kazuar" malware; a tool attributed to Russian hackers designed for covert infiltration, espionage, and information gathering.
Australians among 560 million users around the world caught in Ticketmaster hack.
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt.