21,000+ publicly exposed instances of an open-source personal AI assistant, raising significant concerns about unprotected access to sensitive user configurations and personal data. OpenClaw, a rapidly emerging personal AI assistant created by Austrian developer Peter Steinberger, has experienced explosive growth…
Tag: Cyber Security News
New Punishing Owl Hacker Group Targeting Networks of Russian Government Security Agency
A previously unknown hacktivist group called Punishing Owl has emerged with sophisticated cyberattacks targeting Russian government security agencies. The group first surfaced on December 12, 2025, when it announced the successful breach of a Russian government security agency’s network. The…
Windows 11 Bug Causing Password Sign-in Option to Disappear from the Lock Screen on
Microsoft has acknowledged a strange user interface bug affecting specific Windows environments where the password sign-in option appears to vanish from the lock screen. The issue, which originated with updates released in late 2025, primarily impacts managed IT infrastructures and…
Hackers Exploiting Microsoft Office 0-day Vulnerability to Deploy Malware
The Russia-linked threat group UAC-0001, also known as APT28, has been actively exploiting a critical zero-day vulnerability in Microsoft Office. The group is using this flaw to deploy sophisticated malware against Ukrainian government entities and European Union organizations. The vulnerability,…
Pulsar RAT Attacking Windows Systems via Per-user Run Registry Key and Exfiltrates Sensitive Details
A new wave of attacks targeting Windows systems has emerged through a sophisticated remote access trojan known as Pulsar RAT. This malware establishes persistence using the per-user Run registry key, enabling automatic execution each time an infected user logs into…
Gakido CRLF Injection Vulnerability Let Attackers Bypass Security Controls
A critical vulnerability in Gakido, an HTTP client library by HappyHackingSpace, has been discovered that allows attackers to inject arbitrary HTTP headers through CRLF (Carriage Return Line Feed) sequences. Tracked as CVE-2026-24489 under advisory RO-26-005, the vulnerability affects all versions…
New Stealthy Fileless Linux Malware ‘ShadowHS’ Emphasizes Automated Propagation
Security teams defending Linux environments now face a sophisticated threat designed to evade traditional detection. A newly uncovered fileless malware framework named ShadowHS operates entirely in memory, leaving no persistent traces on disk while establishing long-term control over compromised systems.…
Autonomous AI Agents Are Becoming the New Operating System of Cybercrime
The cybersecurity landscape has entered a dangerous new phase where autonomous AI agents are transforming from simple automation tools into sophisticated criminal operators. These self-directed systems now execute complex cyberattacks without human oversight, marking a fundamental shift in how digital…
Arsink Rat Attacking Android Devices to Exfiltrate Sensitive Data and Enable Remote Access
A dangerous Android malware called Arsink RAT has emerged as a serious threat to mobile device security worldwide. This cloud-native Remote Access Trojan gives attackers complete control over infected devices while quietly stealing personal information. The malware spreads through social…
Hackers Attacking MongoDB Instances to Delete Database and Add Ransom Note
Threat actors are actively targeting internet-exposed MongoDB instances in large-scale automated ransomware campaigns. The attacks follow a consistent pattern: attackers scan for unsecured MongoDB databases accessible on the public internet, delete the stored data, and insert ransom notes demanding payment…
Windows 11 New Security Feature Denies Unauthorized Access to System Files
Microsoft has introduced a significant security control in the latest Windows 11 preview update designed to restrict unauthorized interaction with critical system files. Released as part of the January 2026 non-security preview (KB5074105), this enhancement specifically targets the Storage settings…
Google Uncovered Significant Expansion in ShinyHunters Threat Activity with New Tactics
The ShinyHunters threat group has expanded its extortion operations with sophisticated attack methods targeting cloud-based systems across multiple organizations. These cybercriminals use voice phishing and fake credential harvesting websites to steal login information from employees. Once they gain access, they…
State-Sponsored Actors Hijacked Notepad++ Update Servers to Redirect Users to Malicious Servers
The developer of Notepad++ has confirmed that a targeted attack by a likely Chinese state-sponsored threat actor compromised the project’s former shared hosting infrastructure between June and December 2025. The breach allowed attackers to intercept and selectively redirect update traffic…
1-Click Clawdbot Vulnerability Enable Malicious Remote Code Execution Attacks
A critical vulnerability in OpenClaw, the open-source AI personal assistant trusted by over 100,000 developers, has been discovered and weaponized into a devastating one-click remote code execution exploit. Security researchers at depthfirst General Security Intelligence uncovered a logic flaw that,…
State-Sponsored Actors Hijacked Notepad++ Update to Redirect Users to Malicious Servers
The developer of Notepad++ has confirmed that a targeted attack by a likely Chinese state-sponsored threat actor compromised the project’s former shared hosting infrastructure between June and December 2025. The breach allowed attackers to intercept and selectively redirect update traffic…
Critical Johnson Controls Products Vulnerabilities Enables Remote SQL Injection Attacks
A critical advisory addressing a severe SQL injection vulnerability affecting multiple Johnson Controls industrial control system products. The vulnerability, tracked as CVE-2025-26385, carries a maximum CVSS v3 severity score of 10.0, indicating the highest level of risk to affected infrastructure.…
Moltbook AI Vulnerability Exposes Email Addresses, Login Tokens, and API Keys
A critical vulnerability in Moltbook, the nascent AI agent social network launched late January 2026 by Octane AI’s Matt Schlicht, exposes email addresses, login tokens, and API keys for its registered entities amid hype over 1.5 million “users.” Researchers revealed…
AutoPentestX – Automated Penetration Testing Toolkit Designed for Linux systems
AutoPentestX, an open-source automated penetration testing toolkit for Linux systems, enables comprehensive security assessments from a single command. Developed by Gowtham Darkseid and released in November 2025, it generates professional PDF reports while emphasizing safe, non-destructive testing. AutoPentestX targets Kali…
Metasploit Releases 7 New Exploit Modules covering FreePBX, Cacti and SmarterMail
The latest update to the Metasploit Framework this week provides a significant enhancement for penetration testers and red teamers, introducing seven new exploit modules targeting commonly used enterprise software. The highlight of this release is a sophisticated trio of modules…
SCADA Vulnerability Triggers DoS, Potentially Disrupting Industrial Operations
A medium-severity vulnerability in the Iconics Suite SCADA system that could allow attackers to trigger denial-of-service conditions on critical industrial control systems. The flaw, tracked as CVE-2025-0921, affects supervisory control and data acquisition infrastructure widely deployed across automotive, energy, and…