CYBERSECURITY

Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud

Microsoft declared on Wednesday that it has launched a "coordinated legal action" in the United States and the United Kingdom to stop RedVDS, a cybercrime subscription service that has all

'VoidLink' Malware Poses Advanced Threat to Linux Systems

A sophisticated, cloud-first malware framework created by actors connected to China that aims to create persistent access to cloud and container environments may soon pose a new threat to

Taiwan Endures Greater Cyber Pressure From China

China's cyber-threat groups are still intensifying their attacks on Taiwan, increasing cyber activity against the vital infrastructure of the self-governing island and appearing to carry o

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

ServiceNow has revealed information about a critical security vulnerability affecting its ServiceNow AI Platform that has been fixed.

Retail, Services Industries Under Fire in Oceania

According to recent data, hackers are increasingly focusing on businesses in non-critical industries like retail and construction in Australia and New Zealand.

Microsoft Disrupts Cybercrime Service RedVDS

Microsoft recently took part in a concerted legal effort to stop RedVDS, a cybercrime service that defrauded victims of millions of dollars.

New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

Cybersecurity researchers have revealed information about a new campaign called SHADOW#REACTOR, which uses an evasive multi-stage attack chain to establish persistent, covert remote access

CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution

A high-severity security vulnerability affecting Gogs has been actively exploited, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), which has added it to its

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

In order to obtain developers' OAuth credentials, threat actors have been seen uploading eight packages to the npm registry under the guise of integrations intended for the n8n workflow au

⚡ Weekly Recap: AI Automation Exploits, Telecom Espionage, Prompt Poaching & More

One thing became evident this week: minor mistakes can quickly get out of control. Once fundamental precautions were disregarded, time-s

GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials

In order to create a botnet that can brute-force user passwords for services like FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux servers, a recent wave of GoBruteforcer attacks has target

Anthropic Launches Claude AI for Healthcare with Secure Health Record Access

The latest artificial intelligence (AI) company to reveal a new feature set that enables users of its Claude platform to comprehend their health data is Anthropic.

Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud

Two service providers that give online criminal networks the infrastructure and tools they need to support the pig butchering-as-a-service (PBaaS) economy have been identified by cybersecu

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

N8n has been found to have a new critical security flaw. An authenticated attacker might be able to run arbitrary system commands on the underlying host. The vulnerability has a CVSS score

Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign

During a 14-day period in December 2025, attackers were seen sending 9,394 phishing emails to about 3,200 customers.

The misuse of Application Integration's "Send Email" task, which

The ROI Problem in Attack Surface Management

Tools for Attack Surface Management (ASM) promise lower risk.

Typically, they provide more details.

The rationale behind the majority of ASM programs is that you cannot prote

How To Browse Faster and Get More Done Using Adapt Browser

Performance and productivity frequently decline as web browsers develop into all-purpose platforms. Browsing sessions can be slowed down and needless friction introduced by feature overload,

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

Internet of Things (IoT) devices and web applications have been the target of a persistent nine-month campaign to enroll them in the RondoDox botnet. The activity has been seen using the rece

ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories

This week's summary demonstrates how subtle behavioral changes, such as code modifications and employment scams, are redefining what "cybercrime" actually entails. A Lithuanian national has b

U.S. Treasury Lifts Sanctions on Three Individuals Linked to Intellexa and Predator Spyware

Three people connected to the Intellexa Consortium were taken off the list of specially designated nationals by Treasury. The following people were sanctioned by OFAC in March 2024: Merom

Webinar: How Attackers Exploit Cloud Misconfigurations Across AWS, AI Models, and Kubernetes

The Palo Alto Networks Cortex Cloud team will take you through three recent investigations in a technical deep dive next week. Because these threats appear to be typical activity, standard se

Why Data Security and Privacy Need to Start in Code

The number of applications and the rate of change within those applications are growing at an accelerated rate for businesses. Teams in charge of security and privacy are under a lot of press

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

A serious security vulnerability in Fireware OS has been fixed by WatchGuard. According to the company, the vulnerability has been used in actual attacks. The vulnerability has been character

U.S. DoJ Seizes Fraud Domain Behind $14.6 Million Bank Account Takeover Scheme

A website used to support a bank account takeover scheme was taken over by the U.S. Justice Department. Illegally obtained bank login credentials were hosted and manipulated using the domain

U.S. DOJ Charges 54 in ATM Jackpotting Scheme Using Ploutus Malware

A multi-million dollar ATM jackpotting scheme has resulted in the indictment of 54 individuals. Ploutus malware was used in the massive conspiracy to breach automated teller machines (ATMs) a

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites

The extensions are marketed as a "multi-location network speed test plug-in" for foreign trade staff and developers. Believing they are buying a genuine VPN service, users pay subscriptions b

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

Users are being urged by Trust Wallet to update to the most recent version of its Google Chrome extension. The multi-chain, non-custodial cryptocurrency wallet service stated that version

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

For many years, traditional security frameworks have been beneficial to organizations. However, AI systems function very differently from the applications that these frameworks were intended

ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories

A criminal network running call centers in Dnipro, Ivano-Frankivsk, and Kyiv was targeted by authorities in the Czech Republic, Latvia, Lithuania, and Ukraine. Over 400 victims in Europe were

ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories

Attackers are blending in, taking control of reliable apps, common tools, and even AI assistants. Nezha is an open-source monitoring tool that malicious actors are using to access compromised
