Team-CWD – Page 13 – Cyberwire Daily

News

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Team-CWDApril 13, 2026

Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in…

News

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

Team-CWDApril 13, 2026

A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period of minimal…

News

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Team-CWDApril 12, 2026

Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve…

News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

Team-CWDApril 12, 2026

The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social…

News

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture

Team-CWDApril 12, 2026

The next major breach hitting your clients probably won’t come from inside their walls. It’ll come through a vendor they trust, a SaaS…

News

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

Team-CWDApril 12, 2026

Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than…

News

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Team-CWDApril 12, 2026

Solana-based decentralized exchange Drift has confirmed that attackers drained about $285 million from the platform during a security incident that…

News

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

Team-CWDApril 11, 2026

A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private…

News

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Team-CWDApril 11, 2026

Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, could…

News

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

Team-CWDApril 11, 2026

The latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the internet right now. No corporate fluff or boring…

What's Hot

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

Author: Team-CWD

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities

Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Our Picks

Managing risks to your loved one’s digital estate

Why you should never pay to get paid

Is it time for internet services to adopt identity verification?

Subscribe to Updates

What's Hot

Author: Team-CWD

Subscribe to Updates