malicious
-
Nexcorium: Aggressive Mirai Botnet Exploits Critical IoT Vulnerability
A new Mirai malware variant dubbed Nexcorium is actively compromising unpatched Internet of Things (IoT) devices, with attackers exploiting a…
-
Email-Borne Worm Surge Targets Industrial Systems as Overall Malware Declines
While malware activity on industrial control systems (ICS) networks shows gradual decline, email-borne worms are driving a new wave of…
-
TP-Link Routers Under Attack: Mirai Exploitation via Critical Vulnerability
Active scanning campaigns are targeting vulnerable TP-Link home routers to deploy Mirai-style malware, exploiting the CVE-2023-33538 vulnerability in a new…
-
TestDisk Impersonation Campaign Uses Microsoft-Signed Binary for DLL Sideloading and Deploys ScreenConnect RAT
Recent research has uncovered a sophisticated search engine poisoning campaign that masquerades as the legitimate TestDisk open-source data recovery tool.…
-
Critical FortiSandbox Vulnerability CVE-2026-39808: Public Exploit Now Available
A proof-of-concept (PoC) exploit has been publicly released for a critical security flaw in Fortinet’s FortiSandbox, putting thousands of networks…
-
Sapphire Sleet’s Fake Zoom SDK Preys on macOS Users Through Social Engineering
A sophisticated cyber campaign orchestrated by North Korean threat actor Sapphire Sleet reveals a significant shift toward social engineering over…
-
ATHR: Integrated Telephony-Based Attack Infrastructure and AI-Driven Voice Social Engineering in TOAD Attack Campaigns
Cybercriminal threat actors are increasingly leveraging telephone-oriented attack delivery (TOAD) methodologies to circumvent conventional email security infrastructure. This trend is…
-
Ukrainian Authorities Warn of Surge in Targeted Cyberattacks on Government and Healthcare by UAC-0247
A significant surge in cyberattacks has been detected targeting Ukrainian local governments and municipal healthcare institutions, particularly clinical and ambulance…
-
RedSun Exploit Published: Security Researcher Confronts MSRC on CVE-2026-33825
A security researcher operating under the alias “Chaotic Eclipse” has publicly disclosed a proof-of-concept (PoC) exploit targeting a vulnerability within…
-
Splunk Rattles with High-Severity Flaw Enabling Remote Server Takeover (CVE-2026-20204)
Splunk has issued a security advisory for a critical vulnerability affecting its Enterprise and Cloud Platform environments. Tracked as CVE-2026-20204…
-
Attackers Weaponize Google Cloud Storage to Deliver Remcos RAT Through Phishing Campaigns
Cybercriminals are increasingly leveraging Google Cloud Storage infrastructure to circumvent email and web content filters, deploying Remcos Remote Access Trojan…
-
Massive WordPress Supply Chain Attack: 30+ Plugins Compromised in Silent Backdoor Operation
A sophisticated supply chain attack targeting WordPress users lay dormant for nearly eight months before activating, ultimately compromising core configuration…
-
How Cybercriminals Are Turning Your Inbox Rules Into a Backdoor
Hackers are quietly exploiting a built-in Microsoft 365 feature to steal emails, hide security alerts, and maintain long-term access to…