Security – Page 8 – TheCyberThrone

North Korean PurpleBravo Targets Developers in Contagious Interview Campaign

PurpleBravo, a North Korean state-sponsored threat group, has escalated its cyber espionage efforts by targeting software developers through fake job interviews. Linked to the "Contagious Interview" campaign first noted in…

PravinKarthik February 1, 2026

Ivanti EPMM Zero-Days CVE-2026-1281 & CVE-2026-1340

Ivanti has issued a critical security advisory for two zero-day remote code execution (RCE) vulnerabilities in Endpoint Manager Mobile (EPMM), actively exploited in the wild. CVE-2026-1281 joined CISA's Known Exploited…

PravinKarthik January 31, 2026

Critical SolarWinds Web Help Desk Vulnerabilities

SolarWinds has released a critical security advisory addressing multiple severe vulnerabilities in its Web Help Desk (WHD) platform that impact versions prior to 2026.1. Among the six issues patched, four…

PravinKarthik January 30, 2026

Dissecting CVE-2026-22709: The Zombie Exploit in Node.js vm2

CVE-2026-22709 represents a critical sandbox escape vulnerability in the widely used vm2 Node.js library, allowing attackers to achieve remote code execution (RCE) on host systems.This flaw revives concerns about vm2's…

PravinKarthik January 29, 2026

Nike’s Data Breach: WorldLeaks Strikes the Sportswear Giant

A massive cybersecurity incident has rocked Nike, with the extortion group WorldLeaks claiming responsibility for stealing and leaking over 1.4TB of internal data—nearly 190,000 files. The breach, which reportedly dates…

PravinKarthik January 28, 2026

CVE-2026-24858: Fortinet FortiCloud SSO Zero-Day Under Active Exploitation

A critical authentication bypass vulnerability, CVE-2026-24858, impacts multiple Fortinet products via flawed FortiCloud SSO controls. Fortinet confirmed active exploitation by malicious accounts before patches rolled out this week. Vulnerability Overview…

PravinKarthik January 28, 2026

Crunchbase Data Breach: ShinyHunters Exposes 2M+ Records

The startup intelligence platform Crunchbase confirmed a significant data breach on January 26, 2026, following claims by the notorious ShinyHunters hacking group. They leaked a 402 MB archive containing over…

PravinKarthik January 27, 2026

CISA KEV Catalog Update – 5 Vulnerabilities Added

1) CVE-2018-14634 – Linux Kernel Integer Overflow (Local Privilege Escalation) Type: Integer overflow in the Linux kernel’s create_elf_tables() function.Impact: A local, unprivileged user with access to a SUID or privileged…

PravinKarthik January 27, 2026