CrowdCyber
npub1xm6q...7acu
Revolutionizing and Democratizing Cybersecurity
MAD Bugs: Claude Wrote a Full FreeBSD Remote Kernel RCE with Root Shell (CVE-2026-4747)
https://www.reddit.com/r/netsec/comments/1s8y8pp/mad_bugs_claude_wrote_a_full_freebsd_remote/
Axios npm Package Compromised: Supply Chain Attack via Phantom Dependency Drops Cross-Platform RAT


Karma-X
Axios npm package compromised—attackers hijacked the maintainer’s account and injected a phantom dependency that dropped a cross-platform RAT. ...
Russian CTRL Toolkit: How Malicious LNK Files Enable RDP Hijacking via Reverse Tunnels


Karma-X
A custom .NET RAT dubbed CTRL uses weaponized Windows shortcuts to hijack RDP sessions via FRP tunnels—here’s the full attack chain and how to ...
Backdoor In Common Linux Utility XZ, Multiple Distros Affected: Everything We Know


Karma-X
On March 29, 2024, a malicious backdoor was discovered to have been inserted into the xz data compression library in a software supply chain attack.
Security Alert: Critical Vulnerability Hits Anritsu Remote Spectrum Monitors


Daily CyberSecurity
CISA alerts to a 9.8 CVSS flaw in Anritsu Spectrum Monitors (CVE-2026-3356). No patch is coming for this authentication bypass. Secure your network...
LiteLLM Supply-Chain Attack: How Trojanized PyPI Packages Turned an AI Gateway Into a Data Exfiltration Tool


Karma-X
Trojanized LiteLLM releases on PyPI enabled data exfiltration with Kubernetes persistence—here’s the full attack chain and how to check if you...
How AI Coding Tools Crushed the Endpoint Security Fortress
https://www.darkreading.com/application-security/ai-coding-tools-endpoint-security
Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks


BleepingComputer
Internet security watchdog Shadowserver has found over 14,000 BIG-IP APM instances exposed online amid ongoing attacks exploiting a critical-severi...
Breakdown: How TeamPCP hid malware inside WAV files using audio steganography
https://www.reddit.com/r/netsec/comments/1s6weca/breakdown_how_teampcp_hid_malware_inside_wav/
You’re Not Supposed To ShareFile With Everyone (Progress ShareFile Pre-Auth RCE Chain CVE-2026-2699 & CVE-2026-2701) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1saebwi/youre_not_supposed_to_sharefile_with_everyone/
The Triple-Headed Dragon: Inside the Three-Cluster Chinese Cyberespionage Campaign Targeting SE Asia


Daily CyberSecurity
Unit 42 uncovers a massive 3-cluster cyberespionage campaign by China-aligned actors in SE Asia using USBFect, Hypnosis loaders, and stealthy RATs.
'NoVoice' Android malware on Google Play infected 2.3 million devices


BleepingComputer
A new Android malware dubbed NoVoice exploited known vulnerabilities to gain root access and has been distributed through more than 50 apps on Goog...
Axios NPM Package Compromised in Precision Attack
https://www.darkreading.com/application-security/axios-npm-package-compromised-precision-attack
New EvilTokens service fuels Microsoft device code phishing attacks


BleepingComputer
A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft accounts and provide adv...
Takedown-Proof: Inside the Ethereum-Powered “EtherRAT” and North Korea’s New Blockchain Backdoor


Daily CyberSecurity
eSentire exposes EtherRAT, a North Korean-linked backdoor using Ethereum smart contracts for "takedown-proof" C2. Protect your retail envir...
Ghost in the Drone: Unauthenticated Shell Access in PX4 Autopilot’s 9.8 CVSS Nightmare


Daily CyberSecurity
PX4 Autopilot faces a critical 9.8 CVSS flaw (CVE-2026-1579). Unsigned MAVLink messages allow remote shell access. Enable message signing now to se...
NocoBase Critical Alert: Sandbox Escape Grants Attackers Root Access


Daily CyberSecurity
NocoBase patches a CVSS 10.0 RCE vulnerability (CVE-2026-34156). A simple console object bypasses the sandbox for root access. Update to 2.0.28 now!
Axios supply chain attack chops away at npm trust


Malwarebytes
Developers using the axios package from npm may have downloaded a malicious version that drops a Remote Access Trojan
Exploited in the Wild: Google Issues Emergency Patch for Chrome Zero-Day (CVE-2026-5281) in Dawn Component


Daily CyberSecurity
Google warns that CVE-2026-5281 is currently being exploited in the wild. Update Chrome to version 146.0.7680.177 immediately to fix this high-seve...
