OPERATION ENDGAME DISRUPTS GLOBAL CYBERCRIME INFRASTRUCTURE SUPPORTING STEALC, AMADEY, AND SOCGHOLISH MALWARE Blogging
CISA ADDS FOUR ACTIVELY EXPLOITED VULNERABILITIES TO KNOWN EXPLOITED VULNERABILITIES CATALOG Blogging
CISA WARNS OF FORTIBLEED CREDENTIAL EXPOSURE IMPACTING TENS OF THOUSANDS OF FORTINET DEVICES Blogging
HACKERS COMPILE DATABASE OF MORE THAN 30,000 WORKING FORTINET LOGINS IN GLOBAL CYBERESPIONAGE CAMPAIGN Blogging
INTERNATIONAL CYBER OPERATION DISRUPTS MALWARE NETWORK LINKED TO RUSSIA’S EVIL CORP HACKING GROUP Blogging
GITHUB REJECTED REPORTS ON DESIGN ISSUES NOW ALLEGEDLY BEING USED BY SHAI-HULUD SUPPLY-CHAIN CAMPAIGNS, RESEARCHERS SAY Blogging
Russian National Linked to Void Blizzard Cyberespionage Campaign Appears in U.S. Federal Court Blogging
CISA ADDS ACTIVELY EXPLOITED JOOMLA VULNERABILITY TO KNOWN EXPLOITED VULNERABILITIES CATALOG Blogging
CISA ADDS ACTIVELY EXPLOITED IVANTI SENTRY VULNERABILITY TO KNOWN EXPLOITED VULNERABILITIES CATALOG Blogging
FBI Supports International Takedown of VPN Service Allegedly Used by Ransomware Groups in Global Cybercrime Operations Blogging
Cyber Espionage Group Uses Fake Romance Schemes to Target Russian Military Personnel Through Telegram Malware Campaign Blogging
WhatsApp Accuses NSO Group of Violating Federal Injunction Through Alleged Spearphishing Operations Targeting Users Blogging
CISA Adds SolarWinds Serv-U Vulnerability to KEV Catalog Following Confirmed Active Exploitation Activity Blogging
Federal Watchdog Warns NIST Vulnerability Database Failures Are Undermining U.S. Cybersecurity Blogging
CISA Adds Actively Exploited Palo Alto Networks PAN-OS Authentication Bypass Vulnerability to KEV Catalog Blogging
CISA Adds Three Known Exploited Vulnerabilities to KEV Catalog Following Active Exploitation Activity Blogging
CISA Adds CVE-2026-48172 LiteSpeed cPanel Plugin Vulnerability to KEV Catalog Following Active Exploitation Activity Blogging
CISA Adds Seven Known Exploited Vulnerabilities to KEV Catalog Following Active Exploitation Activity Blogging
ScadaBR ICS Platform Exposed to Critical Remote Code Execution Vulnerabilities Affecting Industrial Infrastructure Environments Blogging
ZKTeco CCTV Cameras Exposed to High-Severity Authentication Bypass Vulnerability Affecting Surveillance Infrastructure Blogging
CISA Orders Federal Agencies to Patch Actively Exploited Cisco SD-WAN Vulnerability by Sunday AI Threat Intelligence
CISA Adds Microsoft Exchange Server Vulnerability to KEV Catalog Following Active Exploitation Activity Blogging
OPENAI ROTATES macOS CERTIFICATES AFTER MINI SHAI-HULUD SUPPLY CHAIN BREACH IMPACTS INTERNAL DEVELOPMENT ENVIRONMENT Artificial Intelligence
MAXHUB Pivot Client Application Exposed by Cryptographic Weakness in Newly Released ICS Advisory Blogging
Romanian βSwattingβ Ring Leader Sentenced in Washington After Multi-Year Threat Campaign Targeting U.S. Government and Institutions Blogging
ROBLOX ACCOUNT THEFT RING DISRUPTED: UKRAINIAN AUTHORITIES DETAIN GROUP LINKED TO 610,000 COMPROMISED ACCOUNTS AND CRYPTOCURRENCY RESALE NETWORKS Blogging
MICROSOFT TEAMS IMPERSONATION CAMPAIGN: UNC6692 DEPLOYS βSNOWBELTβ BACKDOOR TO BREACH ENTERPRISE NETWORKS THROUGH SOCIAL ENGINEERING AND MALICIOUS EXTENSIONS Blogging
CHINA-LINKED PHISHING OPERATIONS TARGET JOURNALISTS AND DIASPORA ACTIVISTS: βGLITTER CARPβ AND βSEQUIN CARPβ CAMPAIGNS DEPLOY 100+ MALICIOUS DOMAINS IN TRANSNATIONAL REPRESSION MODEL Blogging
CISA KEV UPDATE: ACTIVE EXPLOITATION CONFIRMED FOR CONNECTWISE SCREENCONNECT PATH TRAVERSAL AND MICROSOFT WINDOWS PROTECTION FAILURE Blogging
GUNFIRE BREACH AT WHITE HOUSE CORRESPONDENTSβ DINNER: ARMED SUSPECT SUBDUED WITHIN SECONDS AS PRESIDENT DONALD J. TRUMP, FIRST LADY, AND VICE PRESIDENT ARE EVACUATED FROM ACTIVE THREAT ZONE Blogging
ICS ALERT: Cybersecurity and Infrastructure Security Agency EXPANDS KNOWN EXPLOITED VULNERABILITIES CATALOG WITH FOUR ACTIVELY TARGETED FLAWS ACROSS ENTERPRISE AND NETWORK DEVICES Blogging
MOBILE BASE STATION SPOOFING OPERATION DISRUPTS MILLIONS OF CONNECTIONS IN CANADAβS FIRST SMS BLASTER CASE Blogging
ADT DATA EXPOSURE INCIDENT IMPACTS CUSTOMER RECORDS AS CRIMINAL CLAIMS SURFACE AROUND LARGE-SCALE DATA THEFT Blogging
SCATTERED SPIDER-ASSOCIATED ACTOR PLEADS GUILTY IN $8 MILLION CRYPTO THEFT CAMPAIGN: SOCIAL ENGINEERING, SMISHING, AND ENTERPRISE ACCOUNT TAKEOVERS DRIVE MULTI-SECTOR BREACHES Blogging
DISTRIBUTED DENIAL-OF-SERVICE (DDOS) CAMPAIGN TARGETS BLUESKY INFRASTRUCTURE: PLATFORM REPORTS SUSTAINED TRAFFIC FLOODING ACROSS CORE APPLICATION SYSTEMS Blogging
THIRD-PARTY AI TOOL BREACH CASCADES INTO VERCEL ENVIRONMENT COMPROMISE: TOKEN EXPOSURE AND WORKSPACE TAKEOVER TRIGGER SUPPLY CHAIN RISK Blogging
CRITICAL ICS ALERT: ANVIZ DEVICE ECOSYSTEM EXPOSED TO HIGH-SEVERITY VULNERABILITIES WITH FULL SYSTEM COMPROMISE POTENTIAL Blogging
CYBER-ENABLED CARGO THEFT OPERATIONS DEPLOY MULTI-LAYER REMOTE ACCESS AND CERTIFICATE SIGNING TO BYPASS DEFENSES Blogging
CISA FLAGS SEVEN ACTIVELY EXPLOITED VULNERABILITIES ACROSS MICROSOFT, ADOBE, AND FORTINET SYSTEMS Blogging
W3LL PHISHING PLATFORM DISRUPTED IN JOINT FBIβINDONESIA OPERATION TARGETING MFA BYPASS ECOSYSTEM Blogging
PLC BREACH OPERATIONS β IRAN-AFFILIATED APT CAMPAIGN TARGETS U.S. CRITICAL INFRASTRUCTURE THROUGH DIRECT OT SYSTEM MANIPULATION Blogging
LEAK BAZAAR EMERGENCE β DATA PROCESSING SERVICES TARGET RANSOMWARE STOCKPILES FOR SECONDARY MONETIZATION Blogging
GOVERNANCE TAKEOVER EXPLOIT: $280 MILLION DRAINED FROM DRIFT PROTOCOL IN SUSPECTED DPRK-ALIGNED OPERATION Blogging
LEAK BAZAAR EMERGENCE β RANSOMWARE DATA MONETIZATION SHIFTS FROM EXTORTION TO STRUCTURED EXPLOITATION PIPELINES Blogging
AXIOS SUPPLY CHAIN BREACH β MALICIOUS NPM RELEASE DELIVERS REMOTE ACCESS TROJAN ACROSS GLOBAL DEV PIPELINES Blogging
CISA KEV ALERT β ACTIVE EXPLOITATION OF CITRIX NETSCALER VULNERABILITY EXPANDS ATTACK SURFACE ACROSS ENTERPRISE EDGE SYSTEMS Blogging
KEV CATALOG EXPANSION β F5 BIG-IP REMOTE CODE EXECUTION VULNERABILITY ADDED AFTER ACTIVE EXPLOITATION CONFIRMED Blogging
CISA CAPABILITY COLLAPSE β FEDERAL SHUTDOWN FORCES CYBER DEFENSE INTO REACTIVE MODE AS WORKFORCE DROPS AND SYSTEMIC RISK EXPANDS Blogging
AI SUPPLY CHAIN COMPROMISE: MALICIOUS LITELLM PACKAGES ENABLE CREDENTIAL THEFT AND PERSISTENT ACCESS ACROSS CLOUD ENVIRONMENTS Blogging
SUPPLY CHAIN BREACH EXPANDS β MARQUIS SOFTWARE INCIDENT EXPOSES 670K+ RECORDS ACROSS BANKING NETWORKS Blogging
Suspicious Activity Detected on FBI Surveillance Network Triggers Federal Cybersecurity Investigation Blogging
Phobos Ransomware Operator Pleads Guilty After Global Extortion Campaign Targeted Over 1,000 Organizations Blogging
Global Law Enforcement Disrupts Tycoon 2FA Phishing Platform Used to Breach Hospitals, Schools, and Corporate Accounts Blogging
Malware Attack Disrupts Government Systems and Phone Lines Across Passaic County, New Jersey Blogging
North Korean Threat Actor Deploys Deepfake Zoom Ruse and ClickFix Malware in Targeted Crypto Executive Intrusion Blogging
Nation-State Operators Accelerate Recon and Malware Development Using Gemini AI Infrastructure Blogging
CISA Orders Federal Agencies to Remove End-of-Life Network Devices Amid Escalating Exploitation Campaigns Blogging
BRICKSTORM BACKDOOR: CHINAβS LONG-TERM PERSISTENCE OPERATION INSIDE GOVERNMENT NETWORKS APT Activity
THE POISONED PIPELINE: Russian-Linked Actors Weaponize Blender Files to Breach Game and Animation Studios Blogging
OPERATION ENDGAME: THE MULTINATIONAL STRIKE THAT CRIPPLED RHADAMANTHYS, VENOMRAT, AND ELYSIUM Blogging
THE PASSWORD PLAGUE: Microsoft Confirms Surge in Identity Attacks Driven by Leaked Credentials and Social Engineering Warfare Blogging
WHEN ALLIES TURN SILENT: Chinese APT βJewelbugβ Breaches Russian IT Firm in Covert Supply-Chain Operation Blogging
Chinese-Linked Hackers Breach Major U.S. Law Firm via Zero-Day Exploit Targeting Attorney Email Accounts Blogging
Hunters International Ransomware Gang Claims to Shut Down β But Experts Say Itβs Just Another Rebrand AI Threat Intelligence
THE SUCCESSOR TO STOLEN SILENCE Acreed Infostealer Rises from Lumma’s Ashes as Russian Cyber Markets Recalibrate Blogging
Firefox Joins the Battle: Critical Flaw Patched After Chrome Zero-Day Used in Espionage Campaigns Blogging
Russiaβs Sandworm Expands Cyber Attacks Beyond Ukraine, Targeting U.S. and European Organizations Blogging
