Offensive Security

ue, 07 Apr 2026

US warns of Iranian hackers targeting critical infrastructure

Iranian-linked hackers are targeting Rockwell/Allen-Bradley PLCs in U.S. critical infrastructure, causing financial losses and disruptions since March 2026.

Read Article

ue, 07 Apr 2026

Russia Hacked Routers to Steal Microsoft Office Tokens

Russian military-linked hackers exploited router flaws to steal Microsoft Office authentication tokens from 18,000+ networks.

Read Article

ue, 07 Apr 2026

Max severity Flowise RCE vulnerability now exploited in attacks

A critical vulnerability in Flowise allows arbitrary code execution via unsafe JavaScript injection. The issue is fixed in version 3.0.6.

Read Article

ue, 07 Apr 2026

Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign

APT28 exploits MikroTik and TP-Link routers, hijacking DNS to collect network data. The FrostArmada campaign targets SOHO devices for cyber espionage since May 2025.

Read Article

ue, 07 Apr 2026

Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins

Law enforcement and private sector disrupted FrostArmada APT28 campaign hijacking SOHO routers. The group intercepted Microsoft credentials via DNS hijacking.

Read Article

ue, 07 Apr 2026

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

A critical flaw in Docker Engine allows attackers to bypass authorization plugins by exploiting an incomplete fix from a previous vulnerability.

Read Article