Switch View
© Sector News
10.02.2026
[Virtual Event] Shields Up: Key Technologies Reshaping Cybersecurity Defenses
News Preview
© Dark Reading 2026
© Sector News
10.02.2026
ZeroDayRAT malware grants full access to Android, iOS devices
News Preview
A new commercial mobile spyware platform dubbed ZeroDayRAT is being advertised to cybercriminals on Telegram as a tool that provides full remote control over compromised Android and iOS devices. [...]
© BleepingComputer 2026
© Sector News
10.02.2026
CVE-2025-55182
News Preview
Currently trending CVE - Hype Score: 34 - A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code ...
© CVE Monitor 2026
Worth to know
20.10.2025
Short Selling Radar
USA, Europe, Asia
Track Short Selling Activities worldwide
Knowing what matters
Leerverkaufsstatistiken, Hedge-Fund Aktivitäten und viele weitere nutzerwertige Informationen benutzerfreundlich aufbereitet
© Sector News
10.02.2026
CVE-2026-1731
News Preview
Currently trending CVE - Hype Score: 12 - BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating ...
© CVE Monitor 2026
Swarmalpha i/o · The Event Futures Prediction X
23.01.2026
© Sector News
10.02.2026
CVE-2024-12356
News Preview
Currently trending CVE - Hype Score: 12 - A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
© CVE Monitor 2026
© Sector News
10.02.2026
CVE-2025-1974
News Preview
Currently trending CVE - Hype Score: 8 - A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the ...
© CVE Monitor 2026
© Sector News
10.02.2026
CVE-2025-43300
News Preview
Currently trending CVE - Hype Score: 14 - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have ...
© CVE Monitor 2026
© Sector News
10.02.2026
CVE-2025-34164
News Preview
Currently trending CVE - Hype Score: 10 - A heap-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or potentially result in arbitrary code execution.
© CVE Monitor 2026
© Sector News
10.02.2026
CVE-2025-34165
News Preview
Currently trending CVE - Hype Score: 10 - A stack-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or potentially leak a limited amount of memory.
© CVE Monitor 2026
© Sector News
10.02.2026
CVE-2025-54068
News Preview
Currently trending CVE - Hype Score: 15 - Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. The issue stems from how certain component property updates are hydrated. This ...
© CVE Monitor 2026
© Sector News
10.02.2026
CVE-2025-30208
News Preview
Currently trending CVE - Hype Score: 15 - Vite, a provider of frontend development tooling, has a vulnerability in versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10. `@fs` denies access to files outside of Vite serving allow list. Adding `?raw??` or `?import&raw??` to the URL bypasses this limitation and ...
© CVE Monitor 2026
© Sector News
10.02.2026
CVE-2025-26399
News Preview
Currently trending CVE - Hype Score: 30 - SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which ...
© CVE Monitor 2026
Advertisment
20.10.2025
© Sector News
10.02.2026
ZAST.AI Raises $6M Pre-A to Scale "Zero False Positive" AI-Powered Code Security
News Preview
January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm Hillhouse Capital, bringing ZAST.AI's total funding close to $10 million. This marks a recognition from leading capital markets of a new solution: ending the era of high false positive rates ...
© HackerNews 2026
© Sector News
10.02.2026
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server
News Preview
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
The incident took place on January 29, 2026, when a mail server that was not updated to the latest version was compromised, the company's Chief Commercial Officer, Derek Curtis, said.
"Prior to the...
© HackerNews 2026
© Sector News
10.02.2026
The Cybersecurity Blind Spots Putting PropTech at Risk—And How to Address Them
News Preview
By Nathan Miller, President & Founder at Rentec Direct. Rentec Direct were finalists in the 'Best SaaS Product for Construction and Property Management' award at the 2025 SaaS Awards. Once an administrative convenience, property management software has become the backbone of modern real estate operations, streamlining everything from tenant ...
© Cloud Awards 2026
© Sector News
10.02.2026
Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data
News Preview
The Netherlands' Dutch Data Protection Authority (AP) and the Council for the Judiciary confirmed both agencies (Rvdr) have disclosed that their systems were impacted by cyber attacks that exploited the recently disclosed security flaws in Ivanti Endpoint Manager Mobile (EPMM), according to a notice sent to the country's parliament on Friday.
"On J...
© HackerNews 2026
© Sector News
10.02.2026
Fugitive behind $73M 'pig butchering' scheme gets 20 years in prison
News Preview
A dual Chinese and St. Kitts and Nevis national was sentenced to 20 years in prison in absentia for his role in an international cryptocurrency investment scheme (also known as pig butchering or romance baiting) that defrauded victims of more than $73 million. [...]
© BleepingComputer 2026
© Sector News
10.02.2026
Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution
News Preview
Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that could lead to the execution of arbitrary code on susceptible systems.
The vulnerability, tracked as CVE-2026-21643, has a CVSS rating of 9.1 out of a maximum of 10.0.
"An improper neutralization of special elements used in an SQL Command ('SQL Injection...
© HackerNews 2026
© Sector News
09.02.2026
Chinese cyberspies breach Singapore's four largest telcos
News Preview
The Chinese threat actor tracked as UNC3886 breached Singapore's four largest telecommunication service providers, Singtel, StarHub, M1, and Simba, at least once last year. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
Warlock Gang Breaches SmarterTools Via SmarterMail Bugs
News Preview
The ransomware group breached SmarterTools through a vulnerability in the company's own SmarterMail product.
© Dark Reading 2026
© Sector News
09.02.2026
TeamPCP Turns Cloud Infrastructure into Crime Bots
News Preview
The threat actor has been compromising cloud environments at scale with automated worm-like attacks on exposed services and interfaces.
© Dark Reading 2026
© Sector News
09.02.2026
Hackers exploit SolarWinds WHD flaws to deploy DFIR tool in attacks
News Preview
Hackers are now exploiting SolarWinds Web Help Desk (WHD) vulnerabilities to gain code execution rights on exposed systems and deploy legitimate tools, including the Velociraptor forensics tools, for persistence and remote control. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
Improving your response to vulnerability management
News Preview
How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.
© National Cyber Security Centre 2026
© Sector News
09.02.2026
CVE-2025-59473
News Preview
Currently trending CVE - Hype Score: 7 - SQL Injection vulnerability in the Structure for Admin authenticated user
© CVE Monitor 2026
© Sector News
09.02.2026
'Reynolds' Bundles BYOVD With Ransomware Payload
News Preview
Researchers discovered a newly disclosed vulnerable driver embedded in Reynolds' ransomware, illustrating the increasing popularity of the defense-evasion technique.
© Dark Reading 2026
© Sector News
09.02.2026
Hackers breach SmarterTools network using flaw in its own software
News Preview
SmarterTools confirmed last week that the Warlock ransomware gang breached its network after compromising an email system, but did not impact business applications or account data. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
What Organizations Need to Change When Managing Printers
News Preview
Ask the Expert: Organizations need to close the ownership vacuum, establish durable security controls, and ensure printers are protected as rigorously as other endpoints.
© Dark Reading 2026
© Sector News
09.02.2026
China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign
News Preview
The Cyber Security Agency (CSA) of Singapore on Monday revealed that the China-nexus cyber espionage group known as UNC3886 targeted its telecommunications sector.
"UNC3886 had launched a deliberate, targeted, and well-planned campaign against Singapore's telecommunications sector," CSA said. "All four of Singapore's major telecommunications operat...
© HackerNews 2026
© Sector News
09.02.2026
CVE-2025-66959
News Preview
Currently trending CVE - Hype Score: 5 - An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the GGUF decoder
© CVE Monitor 2026
© Sector News
09.02.2026
Password guessing without AI: How attackers build targeted wordlists
News Preview
Attackers don't need AI to crack passwords, they build targeted wordlists from an organization's own public language. This article explains how tools like CeWL turn websites into high-success password guesses and why complexity rules alone fall short. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers
News Preview
Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move laterally across the organization's network to other high-value assets.
That said, the Microsoft Defender Security Research Team said it's not clear wh...
© HackerNews 2026
© Sector News
09.02.2026
BeyondTrust warns of critical RCE flaw in remote support software
News Preview
BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary code remotely. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More
News Preview
Cyber threats are no longer coming from just malware or exploits. They’re showing up inside the tools, platforms, and ecosystems organizations use every day. As companies connect AI, cloud apps, developer tools, and communication systems, attackers are following those same paths.
A clear pattern this week: attackers are abusing trust. Trusted updat...
© HackerNews 2026
© Sector News
09.02.2026
CVE-2025-66960
News Preview
Currently trending CVE - Hype Score: 5 - An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the fs/ggml/gguf.go, function readGGUFV1String reads a string length from untrusted GGUF metadata
© CVE Monitor 2026
© Sector News
09.02.2026
CVE-2025-3052
News Preview
Currently trending CVE - Hype Score: 10 - An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting ...
© CVE Monitor 2026
© Sector News
09.02.2026
Men charged in FanDuel scheme fueled by thousands of stolen identities
News Preview
Two Connecticut men face federal charges for allegedly defrauding FanDuel and other online gambling sites of $3 million over several years using the stolen identities of approximately 3,000 victims. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
How Top CISOs Solve Burnout and Speed up MTTR without Extra Hiring
News Preview
Why do SOC teams keep burning out and missing SLAs even after spending big on security tools? Routine triage piles up, senior specialists get dragged into basic validation, and MTTR climbs, while stealthy threats still find room to slip through. Top CISOs have realized the solution isn’t hiring more people or stacking yet another tool onto the work...
© HackerNews 2026
© Sector News
09.02.2026
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
News Preview
The threat actor known as Bloody Wolf has been linked to a campaign targeting Uzbekistan and Russia to infect systems with a remote access trojan known as NetSupport RAT.
Cybersecurity vendor Kaspersky is tracking the activity under the moniker Stan Ghouls. The threat actor is known to be active since at least 2023, orchestrating spear-phishing att...
© HackerNews 2026
© Sector News
09.02.2026
Microsoft: Exchange Online flags legitimate emails as phishing
News Preview
Microsoft is investigating an ongoing Exchange Online issue that mistakenly flags legitimate emails as phishing and quarantines them. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
European Commission discloses breach that exposed staff data
News Preview
The European Commission is investigating a breach after finding evidence that its mobile device management platform was hacked. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
CVE-2025-15566
News Preview
Currently trending CVE - Hype Score: 1 - A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and ...
© CVE Monitor 2026
© Sector News
09.02.2026
TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure
News Preview
Cybersecurity researchers have called attention to a "massive campaign" that has systematically targeted cloud native environments to set up malicious infrastructure for follow-on exploitation.
The activity, observed around December 25, 2025, and described as "worm-driven," leveraged exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Red...
© HackerNews 2026
© Sector News
09.02.2026
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
News Preview
BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution.
"BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication rem...
© HackerNews 2026
© Sector News
08.02.2026
CVE-2025-11953
News Preview
Currently trending CVE - Hype Score: 1 - The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server ...
© CVE Monitor 2026
© Sector News
08.02.2026
CVE-2025-8088
News Preview
Currently trending CVE - Hype Score: 1 - A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček
...
© CVE Monitor 2026
© Sector News
08.02.2026
CVE-2025-68947
News Preview
Currently trending CVE - Hype Score: 1 - NSecsoft 'NSecKrnl' is a Windows driver that allows a local, authenticated attacker to terminate processes owned by other users, including SYSTEM and Protected Processes by issuing crafted IOCTL requests to the driver.
© CVE Monitor 2026
© Sector News
08.02.2026
CVE-2024-5242
News Preview
Currently trending CVE - Hype Score: 1 - TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this ...
© CVE Monitor 2026
© Sector News
08.02.2026
CVE-2025-13375
News Preview
Currently trending CVE - Hype Score: 1 - IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system.
© CVE Monitor 2026
© Sector News
08.02.2026
CVE-2026-24423
News Preview
Currently trending CVE - Hype Score: 1 - SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method. The attacker could point the SmarterMail to the malicious HTTP server, which serves the malicious OS command. This command will be ...
© CVE Monitor 2026
© Sector News
08.02.2026
New tool blocks imposter attacks disguised as safe commands
News Preview
A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by analyzing URLs in typed commands and stopping their execution. [...]
© BleepingComputer 2026
© Sector News
08.02.2026
CVE-2025-6978
News Preview
Currently trending CVE - Hype Score: 1 - Diagnostics command injection vulnerability
© CVE Monitor 2026
© Sector News
08.02.2026
CVE-2025-20393
News Preview
Currently trending CVE - Hype Score: 8 - A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges.
This ...
© CVE Monitor 2026
© Sector News
08.02.2026
CVE-2025-40551
News Preview
Currently trending CVE - Hype Score: 1 - SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
© CVE Monitor 2026
© Sector News
08.02.2026
OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills
News Preview
OpenClaw (formerly Moltbot and Clawdbot) has announced that it's partnering with Google-owned VirusTotal to scan skills that are being uploaded to ClawHub, its skill marketplace, as part of broader efforts to bolster the security of the agentic ecosystem.
"All skills published to ClawHub are now scanned using VirusTotal's threat intelligence, inclu...
© HackerNews 2026
© Sector News
07.02.2026
CVE-2025-22225
News Preview
Currently trending CVE - Hype Score: 1 - VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.
© CVE Monitor 2026
© Sector News
07.02.2026
State actor targets 155 countries in 'Shadow Campaigns' espionage op
News Preview
A new state-aligned cyberespionage threat group tracked as TGR-STA-1030/UNC6619, has conducted a global-scale operation dubbed the "Shadow Campaigns," where it targeted government infrastructure in 155 countries. [...]
© BleepingComputer 2026
© Sector News
07.02.2026
CVE-2025-61732
News Preview
Currently trending CVE - Hype Score: 1 - A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
© CVE Monitor 2026
© Sector News
07.02.2026
CVE-2026-25049
News Preview
Currently trending CVE - Hype Score: 1 - n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running ...
© CVE Monitor 2026
© Sector News
07.02.2026
CVE-2025-68121
News Preview
Currently trending CVE - Hype Score: 1 - During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and ...
© CVE Monitor 2026
© Sector News
07.02.2026
CVE-2025-68613
News Preview
Currently trending CVE - Hype Score: 1 - n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions ...
© CVE Monitor 2026
