breaking news

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

A study found nearly 5 million servers exposing Git metadata, with 250,000 leaking deployment credentials via .git/config files. A new 2026 study by the Mysterium VPN research team reveals that nearly 5 million public web servers are exposing Git repository metadata — with over 250,000 of them exposing .git/config files containing deployment credentials. Such misconfigurations […]

February 6, 2026
0 comment
Read More >>

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: Attackers are […]

February 6, 2026
0 comment
Read More >>

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

Italy stopped Russian-linked cyberattacks targeting Foreign Ministry offices and Winter Olympics websites and hotels, Foreign Minister Tajani said. Italy has thwarted a series of Russian-linked cyberattacks aimed at Foreign Ministry offices, including one in Washington, as well as Winter Olympics websites and hotels in Cortina d’Ampezzo, according to Foreign Minister Antonio Tajani. “We have foiled […]

February 5, 2026
0 comment
Read More >>

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

Ransomware groups now exploit VMware ESXi vulnerability CVE-2025-22225, patched by Broadcom in March 2025. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirms that ransomware gangs are exploiting the VMware ESXi sandbox escape flaw CVE-2025-22225. The vulnerability is an arbitrary write issue in VMware ESXi. An attackers with privileges within the VMX process may trigger an arbitrary […]

February 5, 2026
0 comment
Read More >>

Paris raid on X focuses on child abuse material allegations

French prosecutors raided X offices in Paris over illegal content; Elon Musk and CEO summoned for voluntary interviews in April. French prosecutors, with France’s National Gendarmerie and Europol support, raided the X offices in Paris in a criminal probe over complaints that the platform facilitated child sexual abuse material and other illegal content. The probe […]

February 4, 2026
0 comment
Read More >>

Paris raid on X focuses on child abuse material allegations

French prosecutors raided X offices in Paris over illegal content; Elon Musk and CEO summoned for voluntary interviews in April. French prosecutors, with France’s National Gendarmerie and Europol support, raided the X offices in Paris in a criminal probe over complaints that the platform facilitated child sexual abuse material and other illegal content. The probe […]

February 4, 2026
0 comment
Read More >>

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

GreyNoise spotted a dual-mode Citrix Gateway recon campaign using 63K+ residential proxies and AWS to find login panels and enumerate versions. Between Jan 28 and Feb 2, 2026, GreyNoise tracked a coordinated reconnaissance campaign targeting Citrix ADC and NetScaler Gateways. Attackers used over 63,000 residential proxies to discover login panels, then switched to AWS infrastructure […]

February 4, 2026
0 comment
Read More >>

Microsoft: Info-Stealing malware expands from Windows to macOS

Microsoft warns info-stealing attacks are expanding from Windows to macOS, using cross-platform languages like Python and abusing trusted platforms. Microsoft warns info-stealing attacks are rapidly expanding from Windows to macOS, using cross-platform languages like Python and abusing trusted platforms. Since late 2025, Microsoft has seen a surge in macOS infostealer attacks using social engineering, fake […]

February 4, 2026
0 comment
Read More >>

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first […]

February 4, 2026
0 comment
Read More >>