Security news.
Today's cybersecurity landscape is marked by critical zero-day exploits and new malware campaigns. Ivanti and Palo Alto Networks are urging immediate patching for vulnerabilities actively exploited in the wild, while new credential-stealing worms target cloud infrastructure and social engineering tactics distribute inf
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation
Ivanti has issued a warning about a high-severity remote code execution vulnerability (CVE-2026-6973) in Endpoint Manager Mobile (EPMM) that is being actively exploited in limited attacks, allowing authenticated administrative users to achieve RCE.
Palo Alto Zero-Day Exploited, Linked to Chinese State Hacking
A critical zero-day vulnerability (CVE-2026-0300) in Palo Alto Networks PAN-OS software has been exploited for nearly a month, with evidence suggesting a campaign by Chinese state-sponsored actors to gain root access and conduct espionage.
New PCPJack Worm Steals Credentials, Cleans TeamPCP Infections
A new malware framework, PCPJack, is actively stealing credentials from exposed cloud infrastructure and simultaneously removing TeamPCP's access from compromised systems.
Australia Warns of ClickFix Attacks Pushing Vidar Stealer
The Australian Cyber Security Centre (ACSC) has issued a warning about an ongoing malware campaign using the "ClickFix" social engineering technique to distribute the Vidar Stealer info-stealing malware.
Critical Vulnerabilities in vm2 Node.js Library Allow Sandbox Escape
A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library, which could allow attackers to escape the sandbox and execute arbitrary code on vulnerable systems.
Chrome 148 Rolls Out With 127 Security Fixes
Google has released Chrome 148, addressing 127 security vulnerabilities, including critical-severity integer overflow and use-after-free issues.
Fake Claude AI Website Delivers New 'Beagle' Windows Malware
A malicious version of the Claude AI website is distributing a previously undocumented Windows backdoor named "Beagle" via a fake Claude-Pro Relay download.
Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking
Researchers have found that attackers can silently redirect Claude Code MCP traffic to intercept OAuth tokens, potentially gaining persistent access to connected SaaS platforms.