TappyURL - URL Shortener

Cybersecurity News

Get the latest cybersecurity news, threat alerts, and expert tips to safeguard your data. Stay ahead of hackers, malware, and online attacks with TappyURL’s up to date security insights.

27 articles

Featured

Cracked Games Hide Dangerous RenEngine Malware Infecting Over 400,000 Windows PCs Worldwide

Cybersecurity researchers warn that pirated Windows games are spreading the RenEngine loader malware, infecting over 400,000 systems globally and delivering info stealers and remote access tools that steal passwords, crypto wallets, and sensitive user data.

Tappy Admin

Feb 09, 2026

169 3 min read

Why Millions Face Security Risks and Broken Inboxes in 2026?

Google is ending POP3 fetching and Gmailify support in 2026, disrupting users who merge third party emails into Gmail. This change removes advanced spam protection for external accounts and forces users to manually configure forwarding to maintain unified inboxes.

Tappy Admin

Jan 27, 2026

188 5 min read

Stealth Malware Bypasses Defender to Deploy Ransomware

A sophisticated multi stage Windows attack uses deceptive LNK files and GitHub to bypass Microsoft Defender. This campaign disables antivirus protections before deploying Amnesia RAT for data theft and Hakuna Matata ransomware to lock user systems.

Tappy Admin

Jan 27, 2026

181 2 min read

Patch Critical VMware vCenter Flaw Now Under Active Attack

CISA has ordered federal agencies to patch a critical, actively exploited VMware vCenter Server vulnerability (CVE-2024-37079) by February 13. Broadcom confirmed the heap overflow flaw allows remote code execution and has no workarounds, necessitating immediate updates.

Tappy Admin

Jan 27, 2026

159 3 min read

Cloudflare WAF Bypassed: Critical Zero Day Exposed via ACME Path

In October 2025, FearsOff researchers discovered a critical Cloudflare zero day where requests to /.well-known/acme-challenge/ bypassed the WAF, exposing origin servers to direct attacks. Cloudflare deployed a permanent fix on October 27, preventing data leaks across multiple frameworks.

Tappy Admin

Jan 25, 2026

163 3 min read

Featured

New LinkedIn Phishing Scam Delivers Hidden Spyware via Direct Messages

A new phishing campaign targets LinkedIn users via direct messages, tricking them into downloading a malicious archive. It exploits DLL sideloading and legitimate open source tools to deploy a Python based Remote Access Trojan (RAT) for persistent remote control.

Tappy Admin

Jan 25, 2026

184 4 min read

Critical WordPress Flaw in ACF Extended Grants Hackers Instant Admin Rights

A critical vulnerability (CVE-2025-14533) in the ACF Extended WordPress plugin allows unauthenticated attackers to gain administrative privileges via user creation forms. Users must update to version 0.9.2.2 immediately to prevent complete site compromise.

Tappy Admin

Jan 25, 2026

129 3 min read

Security Warning: Visual Studio Code Being Abused to Execute Malicious Payloads

North Korean cyber actors are targeting developers by hiding malware in Microsoft Visual Studio Code configuration files. Using fake recruitment repositories, this campaign exploits the tasks.json feature to automatically execute malicious code once a user trusts the repository.

Tappy Admin

Jan 24, 2026

163 3 min read

Featured

FitGirl Exposes ‘HEROSKEEP’ Repacks for Hidden Crypto Mining Malware

FitGirl officially confirmed that repacker "HEROSKEEP" is distributing hidden cryptocurrency miners within game installers. After community analysis verified the malware, she issued a severe warning to avoid unverified sources and remain vigilant against similar threats.

Tappy Admin

Jan 21, 2026

193 5 min read

Critical FortiSIEM Zero Auth RCE Flaw Exposed: Public Exploit Available, Urgent Patching Required

A critical FortiSIEM flaw (CVE-2025-64155) allows unauthenticated remote code execution via phMonitor. Exploits are public; patches released January 2026 for supported versions, while older releases remain vulnerable.

Tappy Admin

Jan 18, 2026

174 3 min read

GoBruteforcer Resurfaces: Botnets Hit Crypto Servers as Hackers Probe LLM Endpoints

A new GoBruteforcer botnet campaign targets poorly secured crypto and blockchain servers using weak credentials, while parallel internet wide scans probe misconfigured LLM and proxy endpoints for unauthorized access and abuse.

Tappy Admin

Jan 16, 2026

164 4 min read

New OAuth ConsentFix Attack Bypasses Microsoft Entra Authentication to Steal Cloud Access Keys

A new OAuth based attack called ConsentFix lets hackers exploit Microsoft Entra authentication flows to steal authorization codes, bypassing security controls. The attack abuses legitimate login processes, making detection difficult even in highly secured cloud environments.

Tappy Admin

Jan 14, 2026

221 3 min read

« Previous
Next »

Showing 1 to 12 of 27 results

All Categories

Cybersecurity News 27 Our Notice 2 Tech News 41

Cybersecurity News

Cracked Games Hide Dangerous RenEngine Malware Infecting Over 400,000 Windows PCs Worldwide

Why Millions Face Security Risks and Broken Inboxes in 2026?

Stealth Malware Bypasses Defender to Deploy Ransomware

Patch Critical VMware vCenter Flaw Now Under Active Attack

Cloudflare WAF Bypassed: Critical Zero Day Exposed via ACME Path

New LinkedIn Phishing Scam Delivers Hidden Spyware via Direct Messages

Critical WordPress Flaw in ACF Extended Grants Hackers Instant Admin Rights

Security Warning: Visual Studio Code Being Abused to Execute Malicious Payloads

FitGirl Exposes ‘HEROSKEEP’ Repacks for Hidden Crypto Mining Malware

Critical FortiSIEM Zero Auth RCE Flaw Exposed: Public Exploit Available, Urgent Patching Required

GoBruteforcer Resurfaces: Botnets Hit Crypto Servers as Hackers Probe LLM Endpoints

New OAuth ConsentFix Attack Bypasses Microsoft Entra Authentication to Steal Cloud Access Keys

Featured Posts

Tech Meta faces Europe antitrust investigation over WhatsApp AI policy

Micron Exits Consumer RAM & SSD Market, Fueling New Memory Shortage Fears

Albiriox Malware Hits 400+ Financial Apps, Hijacks Banking and Crypto Accounts Worldwide

All Categories