🔹 THREAT INTELLIGENCE

Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign

Threat Actor | HIGH

An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign...

Full analysis:
https://www.yazoul.net/news/news/russian-state-linked-apt28-exploits-soho-routers-in-global-dns-hijacking-campaig

#InfoSec #Ransomware #CyberNews

APT28 Hijacks SOHO Routers - Microsoft 365 Credentials at Risk

An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers

Yazoul Security

⚑ THREAT INTELLIGENCE

New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips

Vulnerability | MEDIUM

A new attack, dubbed GPUBreach, can induce Rowhammer bit-flips on GPU GDDR6 memories to escalate privileges and lead to a full system compromise...

Full analysis:
https://www.yazoul.net/news/news/new-gpubreach-attack-enables-full-cpu-privilege-escalation-via-gddr6-bit-flips

#InfoSec #Ransomware #CyberNews

GPUBreach Rowhammer Attack Targets GPU Memory - New Threat

A new attack, dubbed GPUBreach, can induce Rowhammer bit-flips on GPU GDDR6 memories to escalate privileges and lead to a full system compromise. [...]

📊 MORNING BRIEFING (AI-FREE EDITION)

Last 24h: 257 stories detected (GrayZone: 191, Russia: 27, China: 16, FiveEyes: 15, Local: 8). 40 critical incidents flagged.

⏰ MISSING IN CZ:
• North Korea’s Lazarus Group Behind the Axios npm Supply Chain Attack... (22.6h lag)
• #Cybersecurity #ITSecurity #InfoSec #CyberNews #Hacking #EthicalHackingNews Axio... (19.7h lag)
• New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released...

Read more: https://index.deceiver.io/story/106130

🔵 THREAT INTELLIGENCE

Critical Citrix NetScaler memory flaw actively exploited in attacks

Vulnerability | CRITICAL
CVEs: CVE-2026-3055

Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler Gateway appliances to...

Full analysis:
https://www.yazoul.net/news/news/critical-citrix-netscaler-memory-flaw-actively-exploited-in-attacks

#CyberSecurity #APT #CyberNews

Critical Citrix NetScaler Memory Flaw Actively Exploited - Patch Urgently

Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler Gateway appliances to obtain sensitive data. [...]

🔵 THREAT INTELLIGENCE

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

Vulnerability | CRITICAL
CVEs: CVE-2026-33017

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as...

Full analysis:
https://www.yazoul.net/news/news/langchain-langgraph-flaws-expose-files-secrets-databases-in-widely-used-ai-frame

#InfoSec #Ransomware #CyberNews

LangChain, LangGraph Flaws Expose AI Systems - CISA Warns of Active Exploitation

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework

⚑ THREAT INTELLIGENCE

PolyShell attacks target 56% of all vulnerable Magento stores

Vulnerability | MEDIUM

Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more...

Full analysis:
https://www.yazoul.net/news/news/polyshell-attacks-target-56-of-all-vulnerable-magento-stores

#InfoSec #Ransomware #CyberNews

PolyShell Attacks Hit 56% of Vulnerable Magento Stores - AI Threat Looms

Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores. [...]

💠 THREAT INTELLIGENCE

The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks

Vulnerability | MEDIUM

Geopolitical tensions are driving destructive cyberattacks designed to disrupt operations, not demand ransom. CISOs must limit lateral movement and...

Full analysis:
https://www.yazoul.net/news/news/the-importance-of-behavioral-analytics-in-ai-enabled-cyber-attacks

#ThreatIntel #SecurityNews #CyberNews

AI-Powered Cyber Attacks Evolve - Why Behavioral Analytics is Now Critical

Geopolitical tensions are driving destructive cyberattacks designed to disrupt operations, not demand ransom. CISOs must limit lateral movement and contain breaches to reduce the impact of wiper campa

🔵 THREAT INTELLIGENCE

CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks

Vulnerability | CRITICAL
CVEs: CVE-2025-66376

A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security...

Full analysis:
https://www.yazoul.net/news/news/cisa-warns-of-zimbra-sharepoint-flaw-exploits-cisco-zero-day-hit-in-ransomware-a

#CyberSecurity #APT #CyberNews

CISA Warns of Active SharePoint, Zimbra Flaw Exploits; Cisco Zero-Day in Ransomware Attacks

A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned. [...]

⚑ THREAT INTELLIGENCE

Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS

Vulnerability | MEDIUM
CVEs: CVE-2026-20643

Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs...

Full analysis:
https://www.yazoul.net/news/news/apple-fixes-webkit-vulnerability-enabling-same-origin-policy-bypass-on-ios-and-m

#CyberSecurity #APT #CyberNews

Apple Patches WebKit Same-Origin Policy Bypass in New Background Updates

Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs without requiring a full operating system upgrade. [...]

Outpost24 in the News:

Our Principal Threat Intel Researcher, Lydia Atienza, shared insights with Forbes on warnings about ongoing global attacks targeting Signal and WhatsApp users.

🔵 Read the article here: https://www.forbes.com/sites/daveywinder/2026/03/10/new-signal-and-whatsapp-hack-attacks-confirmed-security-agency-warns/

#ThreatIntelligence #IntheNews #Cybersecurity #CyberNews