data
-
North Korean IT Worker Used Stolen Identity, AI-Generated Resume in Job Scam
A recent investigation exposed how a suspected North Korean IT worker allegedly used a stolen identity, AI-generated resume content, and…
Read More » -
India Set to Ban Hikvision, TP-Link Devices in April
Commencing April 1, 2026, the Indian government will implement a nationwide prohibition on the sale of internet-connected CCTV cameras manufactured…
Read More » -
ClickFix Evades PowerShell Detection via Rundll32 and WebDAV
A new ClickFix attack variant has been identified that evades detection by shifting execution away from PowerShell and mshta towards…
Read More » -
WordPress Plugin Flaw Exposes Sensitive Data Across 800,000+ Sites
A severe security flaw has been disclosed in Smart Slider 3, a highly popular WordPress plugin currently active on more…
Read More » -
New Homoglyph Tricks Let Cybercriminals Mimic Trusted Domains
New homoglyph attack techniques exploit subtle visual similarities in text to spoof trusted domains, steal credentials, and bypass Unicode handling…
Read More » -
Malicious Browser Extensions Hijack Users’ AI Chats in New “Prompt Poaching” Attack
A new wave of malicious browser extensions is quietly harvesting sensitive user interactions with AI tools, now widely recognized as…
Read More » -
European Commission Confirms Cyberattack After AWS Account Breach
The European Commission has confirmed a cybersecurity incident affecting its cloud-based infrastructure after attackers gained access to an Amazon Web…
Read More » -
FBI Director’s Personal Email Breached by Iran-Linked Hackers
Iran-linked hackers have compromised the personal email account of Kash Patel, the FBI’s director, and publicly released photographs and documents…
Read More » -
Hackers Implant Stealthy BPFdoor Backdoors in Telecom Networks for Persistent Access
A China-nexus threat actor known as Red Menshen is planting stealthy backdoors deep inside global telecommunications networks. According to a…
Read More » -
Phishing ZIP Files Used to Deploy PXA Stealer Targeting Financial Firms
A significant surge in PXA Stealer campaigns targeting global financial institutions during Q1 2026. This marks a notable shift in…
Read More » -
Hackers Target South Asian Financial Firm with BRUSHWORM and BRUSHLOGGER Attacks
A South Asian financial institution faced compromise due to a custom malware toolkit combining a modular backdoor (BRUSHWORM) and a…
Read More » -
Silver Fox Cyberattack Targets Japanese Businesses with Tax-Themed Phishing Scams
A threat actor known as Silver Fox is targeting Japanese organizations with a new wave of spearphishing attacks timed to…
Read More » -
Critical Ivanti EPMM Vulnerabilities Expose Systems to Arbitrary Code Execution Attacks
In February 2026, threat actors actively exploited two critical remote code execution (RCE) vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM).…
Read More » -
CISA Issues Urgent Warning on Langflow Code Injection Vulnerability Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical code-injection vulnerability discovered within Langflow.…
Read More » -
VoidLink Rootkit Leverages eBPF and Kernel Modules to Stealthily Infiltrate Linux Systems
VoidLink is a new Linux rootkit family that combines classic kernel modules with eBPF to hide processes and network activity…
Read More » -
Leak Bazaar Converts Stolen Corporate Data Into Organized Criminal Marketplace
A new cybercriminal service named “Leak Bazaar” has emerged on the Russian-speaking TierOne forum, advertised by user Snow of SnowTeam…
Read More » -
GhostClaw AI Malware Targets macOS Users with Credential-Stealing Payloads
GhostClaw, a multi-stage macOS infostealer, now exploits both GitHub repositories and AI-assisted development workflows to steal credentials and deploy secondary…
Read More »