Friday , July 10 2026

Cyber Attack

QNAP Patched 7 Zero-Days Exploited at Pwn2Own 2025

QNAP

QNAP has urgently advised users and released patches for seven zero-day vulnerabilities exploited during the Pwn2Own Ireland 2025 competition, affecting their NAS devices. These patches address critical flaws in the core operating systems and key applications, such as backup and malware removal tools. Top security research teams, including Summoning Team, …

Read More »

DDoS Scandals Hit Bangladesh ISP Sector: BTRC Prepares Crackdown

ISP

The government and Bangladesh Telecommunication Regulatory Commission (BTRC) have received credible information that some companies of Bangladesh Internet Service Providing (ISP) sector are trying to destroy the networks and businesses of rival ISPs through DDoS (Distributed Denial of Service) attacks organized from abroad according to Faiz Ahmad Taiyeb adviser (Ministry …

Read More »

DomeWatch leak exposed Capitol Hill applicants’ personal data

DomeWatch

Thousands of Americans’ personal job-seeking details were publicly exposed because of an unsecured database linked to the House Democrats’ Official Online Resume Bank, DomeWatch.us. The security lapse was brought to light by the research firm Safety Detectives, after an anonymous cybersecurity researcher reported to them about an “unencrypted and non-password-protected …

Read More »

Check Point Research: "YouTube Ghost Network"
Hacker Used Over 3,000 Malicious Videos to Spread Infostealer Malware

infostealer malware

A report reveals that over 3,000 malicious YouTube videos were used to spread infostealer malware. Check Point Research has named a major malware operation the “YouTube Ghost Network.” It uses fake YouTube accounts to spread infostealer malware like Rhadamanthys and Lumma. Game hacks and cheats and software cracks and piracy …

Read More »

ALERT: APT Mysterious Elephant actively target Bangladesh

Mysterious Elephant

Mysterious Elephant is an active APT group identified by Kaspersky GReAT in 2023. It continually evolves its tactics to avoid detection. The group’s recent campaign, starting in early 2025, shows a notable change in their tactics, focusing more on new custom tools and open-source tools like BabShell and MemLoader. The …

Read More »

SonicWall Confirms Hackers Access All Cloud Firewall Backups

cloud backup

After its investigation in collaboration with leading IR Firm, Mandiant into the scope of a recent cloud backup security incident, SonicWall confirm that an unauthorized party accessed firewall configuration backup files for all customers who have used SonicWall’s cloud backup service. The files contain encrypted credentials and configuration data; while …

Read More »

Hackers exploited Zimbra flaw as zero-day using iCalendar files

Zimbra

Researchers monitoring for larger .ICS calendar attachments found that a flaw in Zimbra Collaboration Suite (ZCS) was used in zero-day attacks at the beginning of the year. ICS files, or iCalendar files, store plain text calendar information, like meetings and events, and allow exchange between different calendar apps. Threat actors …

Read More »