CYBER ATTACK

RondoDox is a newly tracked botnet that has quietly grown into one of the most worrying threats seen in the last few months This article explores rondodox.

Cybersecurity researchers have found a serious way for attackers to get around behavioral detections in Palo Alto Networks' Cortex XDR. They can do this.

The Iranian state-sponsored threat group Handala Hack is stepping up its attacks on international organizations' computers This article explores handala.

The Iranian hacker group Handala Hack has used remote desktop access, network tunneling, and multiple data-wiping tools at the same time to launch a.

The attack surface of businesses has changed a lot This article explores malware condibot monaco. . Now, financially motivated attackers are.

Operation CamelClone is a complex spying operation that has been going after government agencies, defense institutions, and diplomatic bodies in many.

Attackers are using trusted infrastructure more and more to avoid detection. A new phishing campaign shows how hacked websites can be used to target.

Qihoo 360, China's biggest cybersecurity company, accidentally made its own wildcard SSL private key public by including it in the public installer for.

A new version of ACRStealer has come out that is much harder to find and much more dangerous to the systems it targets This article explores acrstealer.

In early 2026, IBM X-Force found a troubling new strain of malware that they think was made by AI. They called it "Slopoly" and it was used in a ransomware.

Billions of people depend on postal and courier services every day to send everything from personal letters to online orders This article explores postal.

Researchers have found a new malware campaign that uses fake websites that look like the official FileZilla download page to spread a Remote Access Trojan.

You're not the only one who needs privileged access management (PAM) but has already looked at the top companies in the field and decided against them.

OpenClaw AI Agents leaking private information through indirect prompt injection Attackers can use weak default settings and prompt injection flaws to.

Automatic installation of Windows 11 and Server 2025 Microsoft has announced a two-phase plan to turn off the hands-free deployment feature in Windows.

Discover how Microsoft is looking into a service outage that is affecting Exchange Online users who are having trouble getting to their mailboxes through.

Konni APT, a threat group, has been caught running a multi-stage attack campaign that starts with targeted spear-phishing emails and ends with taking over.

A group of nine new cross-tenant vulnerabilities in Google Looker Studio, known as "LeakyLooker," could have let attackers run any SQL query, steal.

The National Center for Nuclear Research (NCBJ) in Poland has confirmed that a cyberattack recently hit its IT infrastructure This article explores.

Discover how A new open-source tool for scanning secrets is called Zach Rice, who made the Gitleaks project that many people use, made Betterleaks.

Better leaks Scan Directories, Files, and Git Repositories with Open-Source Tool Betterleaks is a new open-source secrets scanner made by the same person.

Discover how A new backdoor called A0Backdoor has been found as part of a planned social-engineering campaign that takes advantage of Microsoft Teams and.

Advanced Protection Mode for Android 17 Google is getting ready to release Android 17, which will include a full set of new APIs and system features that.

Security researchers at Proofpoint have found that ACRStealer, a Malware-as-a-Service (MaaS), has gotten a lot of technical improvements This article.

In 2022, Statista says that more than 161 billion packages were sent around the world This article explores phishing fake shipment. . This shows that.

After a warning from China's National Computer Network Emergency Response Technical Team (CNCERT) about dangerous default settings and prompt-injection.

Google Looker Studio was affected by nine high‑impact “LeakyLooker” vulnerabilities that could have allowed attackers to exfiltrate or modify data across.

Android 17 is making Advanced Protection Mode a much stronger defense layer by actively blocking the use of harmful and misdeclared services, especially.

Microsoft says that a group of hackers it tracks as Storm-2561 is running a campaign to steal credentials by using fake VPN clients that are pushed.

The Konni Advanced Persistent Threat (APT) group has started a new malware distribution campaign that uses hacked KakaoTalk PC messenger accounts to.