More than 6,000 internet-exposed Apache ActiveMQ instances are still vulnerable to CVE-2026-34197. This newly tracked security flaw has now been added to the U.S. Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities (KEV) catalog. The exposure data comes from The Shadowserver Foundation, which said it has started daily internet scans for the flaw. In an update published on April 20, […]
The post 6000+ Apache ActiveMQ Instances Vulnerable to CVE-2026-34197 Exposed Online appeared first on Cyber Security News.
You must login to view this content
You must login to view this content
A real-world intrusion campaign leveraging publicly available Nightmare-Eclipse privilege escalation tooling, BlueHammer, RedSun, and UnDefend, following what appears to be unauthorized access through a compromised FortiGate SSL VPN. The incident marks the first confirmed in-the-wild deployment of these tools against a live enterprise environment, raising urgent alarms for security teams globally. The tools at the […]
The post Hackers Use Nightmare-Eclipse Tools After Compromising FortiGate SSL VPN Access appeared first on Cyber Security News.
A new ransomware-as-a-service (RaaS) operation known as “The Gentlemen” has emerged as a serious threat to corporate networks worldwide. Since appearing around mid-2025, this group has rapidly grown into a well-organized criminal platform, publicly claiming over 320 victims, with most attacks — more than 240 — recorded in the opening months of 2026. The speed […]
The post Gentlemen RaaS Attacking Windows, Linux With additional locker written in C for ESXi appeared first on Cyber Security News.