cybersecurity

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet [thehackernews.com] How NIST's Cutback of CVE Handling Impacts Cyber Teams [www.darkreading.com] Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing [www.darkreading.com] The surveillance law Congress can’t quit — and can’t explain [cyberscoop.com] Every Old Vulnerability Is Now an AI Vulnerability [www.darkreading.com]

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched [thehackernews.com] Coast Guard's New Cybersecurity Rules Offers Lessons for CISOs [www.darkreading.com] Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul [thehackernews.com] NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions [thehackernews.com] Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts [thehackernews.com]

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation [thehackernews.com] US nationals sentenced for aiding North Korea’s tech worker scheme [cyberscoop.com] NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities [www.darkreading.com] North Korea Uses ClickFix to Target macOS Users' Data [www.darkreading.com] 'Harmless' Global Adware Transforms Into an AV Killer [www.darkreading.com]