Cybersecurity News, Threats & Vulnerability Alerts
WordPress Plugin Bug Lets Hackers Create Admin Accounts
Critical flaw in User Registration plugin affects 60,000+ WordPress sites, enabling unauthorized admin account creation.
APT41-Linked Silver Dragon Hits EU and Asian Governments
New APT41-affiliated threat group Silver Dragon targets government networks across Europe and Southeast Asia using phishing and legitimate services.
Vaultwarden 1.35.4 fixes three critical vulnerabilities
Vaultwarden releases version 1.35.4 to fix three security vulnerabilities in the self-hosted alternative to Bitwarden.
OpenClaw AI Critical RCE Flaw Patched — All Developers Must Update Immediately
OpenClaw developers released an emergency security patch on March 2, 2026, fixing a critical remote code execution (RCE) vulnerability in their widely-adopted AI agent development platform. The flaw, discovered via responsible disclosure, exposed AI systems to remote attack. Immediate update required.
Cisco Confirms Active Exploitation of Max-Severity CVE
Cisco confirms active exploitation of maximum-severity vulnerability CVE-2026-20127 by sophisticated attackers leaving minimal forensic evidence.
North Korean Hackers Use Fake Next.js Repos in Job Scams
North Korean threat actors deploy malicious Next.js repositories through fake job recruitment campaigns to gain persistent access to developer systems.
Interpol Operation Recovers $4.3M in African Cybercrime Bust
African law enforcement agencies partnered with Interpol to recover over $4.3 million from cybercrime operations across the continent.
Lazarus Group 2026: North Korea Deploys Medusa Ransomware and Backdoors in Global Cyberattacks
In 2026, North Korea's Lazarus Group expanded its arsenal by integrating Medusa ransomware, the Blindingcan RAT, and Comebacker backdoor in global cyberattack campaigns targeting finance, defense, and critical infrastructure worldwide. Security researchers from Dark Reading confirm this major tactical evolution.