Cybersecurity
Disc Soft Limited, the creator of DAEMON Tools Lite, has confirmed that its popular software was compromised through a supply chain attack, leading to the distribution of malicious installers. The company has since released an updated, clean version, urging users of affected builds to take immediate action.
A newly identified critical vulnerability in the widely adopted Node.js sandboxing library, `vm2`, poses a significant risk by enabling attackers to bypass its isolation mechanisms and execute arbitrary code on the underlying host system. This flaw could compromise numerous online platforms, automation tools, and SaaS applications that rely on `vm2` to safely run untrusted JavaScript code, potentially exposing sensitive infrastructure.
A sophisticated phishing operation is exploiting Google's advertising network to hijack credentials for GoDaddy's ManageWP platform, a critical tool for managing numerous WordPress sites. This campaign employs an advanced adversary-in-the-middle technique, allowing attackers to bypass standard security measures and capture login details, including multi-factor authentication codes, in real time. The method positions malicious ads above legitimate search results, deceiving users seeking to access their site management dashboards.
AI agents are rapidly proliferating within enterprise environments, often outpacing the establishment of adequate governance and security controls. This presents a critical vulnerability, as these autonomous entities operate across applications and accrue permissions outside the visibility of traditional identity management systems. The unmanaged sprawl of these agents introduces a new layer of hidden operational risk.
A newly identified Mirai-based botnet, self-dubbed xlabs_v1, is actively exploiting exposed Android Debug Bridge (ADB) interfaces to compromise internet-connected devices. This sophisticated operation enlists a wide array of consumer hardware into a network capable of executing distributed denial-of-service (DDoS) attacks, primarily targeting online gaming infrastructure.
Herd Security, an innovator in human-centric cybersecurity, has successfully completed a significant funding round, attracting several million dollars in investment. This capital infusion is earmarked for advancing its platform that leverages artificial intelligence to deliver continuous, adaptive security awareness training.
Autonomous offensive security specialist XBOW has announced a substantial capital injection, pushing its total raised funding past the quarter-billion-dollar mark. This latest investment round is poised to accelerate the firm's global market penetration and expand its AI-driven vulnerability testing capabilities.
Palo Alto Networks has issued an urgent warning regarding a critical zero-day vulnerability actively under exploitation in its PAN-OS firewall software. The flaw, impacting the User-ID Authentication Portal, grants unauthenticated attackers remote code execution capabilities with root privileges on exposed systems, posing a significant threat to network perimeters globally.
Organizations relying on traditional backup strategies face a harsh new reality: ransomware groups are increasingly disabling recovery mechanisms before encryption. This sophisticated tactic bypasses the perceived safety net of backups, leaving enterprises unable to restore critical data even when safeguards were supposedly in place.
A severe vulnerability within Palo Alto Networks' PAN-OS software is currently being actively exploited, posing a significant risk to network perimeters globally. This unauthenticated remote code execution flaw specifically targets devices configured with the User-ID Authentication Portal, allowing attackers to gain deep system access. The active exploitation highlights an immediate threat to organizations relying on these firewalls for their security posture.
Cybersecurity researchers have uncovered a sophisticated attack campaign employing the CloudZ remote access tool (RAT) that uniquely targets Microsoft's Phone Link application. This novel approach allows adversaries to compromise synchronized mobile data, including sensitive credentials and one-time passcodes, without ever needing to infect the mobile device itself. The intrusion activity has been ongoing for several months, highlighting a significant blind spot in cross-device security.
A prominent cybersecurity intelligence platform, previously known for chronicling digital threats and breaches, has unveiled a new global recognition program aimed at celebrating excellence across the industry. This initiative marks a significant shift, highlighting the individuals, teams, and technologies driving innovation and resilience in the cyber domain. Submissions are now open for the inaugural 'Cybersecurity Stars Awards 2026', inviting nominations from a wide spectrum of the security community.