CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware

Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices’ web management interfaces, the CERT Coordination Center (CERT/CC) warned Monday.

“An attacker can exploit this vulnerability, tracked as CVE-2026-11405, to bypass the password verification process

The Hacker News – ​Read More

BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA

BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthenticated attackers to take control of susceptible devices.

The vulnerabilities are listed below –

CVE-2026-40138 (CVSS score: 9.2) – A pre-authentication vulnerability exists in the

The Hacker News – ​Read More

FBI and Spanish Police Arrest Alleged Cyber Army of Russia Reborn Member

Spanish police and the FBI arrested an alleged Cyber Army of Russia Reborn member as international efforts against pro Russia cyberattacks continue worldwide.

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

The ‘first’ AI-run ransomware attack still needed a human

An AI agent carried out the technical execution of a real-world ransomware attack for the first known time, but new details show a human still chose the victim, set up the infrastructure, and supplied stolen credentials — meaning it wasn’t quite the fully autonomous cybercrime debut that last week’s headlines suggested.

Security News | TechCrunch – ​Read More

Attackers vote themselves $20 million in BONK cryptocurrency

BonkDAO said in a social media post that it was the victim of a “malicious governance proposal,” or an attack in which holders of a large amount of BONK used that leverage to vote more coins into their wallets.

The Record from Recorded Future News – ​Read More

Canadian spy agency reports hacking three criminal groups in 2025

A ransomware-as-a-service gang, an online foreign extremist group and drug traffickers were separately the targets of offensive operations in 2025, according to Canada’s Communications Security Establishment.

The Record from Recorded Future News – ​Read More

‘BusySnake’ Infostealer Slithers into Critical Infrastructure Networks

A threat group researchers call “Armored Likho” has gained access to government agencies and electrical power entities in Russia, Brazil, and Kazakhstan.

darkreading – ​Read More

CitrixBleed-ing Again? NetScaler Vulnerability Under Attack

Attackers wasted little time targeting the latest memory disclosure flaw in Citrix’s NetScaler products, after researchers published a proof-of-concept exploit (PoC).

darkreading – ​Read More

Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations

An Iranian hacking group affiliated with Iran’s Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka Cav3rn) targeting Israeli organizations.

The activity, which has primarily singled out IT providers and government sectors, has been attributed to a threat cluster tracked by Check Point Research

The Hacker News – ​Read More

Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks

Securonix says the sophisticated framework abuses compromised websites, Blogspot, PowerShell, and fileless techniques to evade detection and deploy the PureLog information stealer.

The post Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks appeared first on SecurityWeek.

SecurityWeek – ​Read More