MAXHUB Pivot Client Application Exposed by Cryptographic Weakness in Newly Released ICS Advisory Blogging
Romanian ‘Swatting’ Ring Leader Sentenced in Washington After Multi-Year Threat Campaign Targeting U.S. Government and Institutions Blogging
ROBLOX ACCOUNT THEFT RING DISRUPTED: UKRAINIAN AUTHORITIES DETAIN GROUP LINKED TO 610,000 COMPROMISED ACCOUNTS AND CRYPTOCURRENCY RESALE NETWORKS Blogging
MICROSOFT TEAMS IMPERSONATION CAMPAIGN: UNC6692 DEPLOYS “SNOWBELT” BACKDOOR TO BREACH ENTERPRISE NETWORKS THROUGH SOCIAL ENGINEERING AND MALICIOUS EXTENSIONS Blogging
CHINA-LINKED PHISHING OPERATIONS TARGET JOURNALISTS AND DIASPORA ACTIVISTS: “GLITTER CARP” AND “SEQUIN CARP” CAMPAIGNS DEPLOY 100+ MALICIOUS DOMAINS IN TRANSNATIONAL REPRESSION MODEL Blogging
CISA KEV UPDATE: ACTIVE EXPLOITATION CONFIRMED FOR CONNECTWISE SCREENCONNECT PATH TRAVERSAL AND MICROSOFT WINDOWS PROTECTION FAILURE Blogging
GUNFIRE BREACH AT WHITE HOUSE CORRESPONDENTS’ DINNER: ARMED SUSPECT SUBDUED WITHIN SECONDS AS PRESIDENT DONALD J. TRUMP, FIRST LADY, AND VICE PRESIDENT ARE EVACUATED FROM ACTIVE THREAT ZONE Blogging
ICS ALERT: Cybersecurity and Infrastructure Security Agency EXPANDS KNOWN EXPLOITED VULNERABILITIES CATALOG WITH FOUR ACTIVELY TARGETED FLAWS ACROSS ENTERPRISE AND NETWORK DEVICES Blogging
MOBILE BASE STATION SPOOFING OPERATION DISRUPTS MILLIONS OF CONNECTIONS IN CANADA’S FIRST SMS BLASTER CASE Blogging
ADT DATA EXPOSURE INCIDENT IMPACTS CUSTOMER RECORDS AS CRIMINAL CLAIMS SURFACE AROUND LARGE-SCALE DATA THEFT Blogging
SCATTERED SPIDER-ASSOCIATED ACTOR PLEADS GUILTY IN $8 MILLION CRYPTO THEFT CAMPAIGN: SOCIAL ENGINEERING, SMISHING, AND ENTERPRISE ACCOUNT TAKEOVERS DRIVE MULTI-SECTOR BREACHES Blogging
DISTRIBUTED DENIAL-OF-SERVICE (DDOS) CAMPAIGN TARGETS BLUESKY INFRASTRUCTURE: PLATFORM REPORTS SUSTAINED TRAFFIC FLOODING ACROSS CORE APPLICATION SYSTEMS Blogging
THIRD-PARTY AI TOOL BREACH CASCADES INTO VERCEL ENVIRONMENT COMPROMISE: TOKEN EXPOSURE AND WORKSPACE TAKEOVER TRIGGER SUPPLY CHAIN RISK Blogging
CRITICAL ICS ALERT: ANVIZ DEVICE ECOSYSTEM EXPOSED TO HIGH-SEVERITY VULNERABILITIES WITH FULL SYSTEM COMPROMISE POTENTIAL Blogging
CYBER-ENABLED CARGO THEFT OPERATIONS DEPLOY MULTI-LAYER REMOTE ACCESS AND CERTIFICATE SIGNING TO BYPASS DEFENSES Blogging
CISA FLAGS SEVEN ACTIVELY EXPLOITED VULNERABILITIES ACROSS MICROSOFT, ADOBE, AND FORTINET SYSTEMS Blogging
W3LL PHISHING PLATFORM DISRUPTED IN JOINT FBI–INDONESIA OPERATION TARGETING MFA BYPASS ECOSYSTEM Blogging
PLC BREACH OPERATIONS — IRAN-AFFILIATED APT CAMPAIGN TARGETS U.S. CRITICAL INFRASTRUCTURE THROUGH DIRECT OT SYSTEM MANIPULATION Blogging
LEAK BAZAAR EMERGENCE — DATA PROCESSING SERVICES TARGET RANSOMWARE STOCKPILES FOR SECONDARY MONETIZATION Blogging
GOVERNANCE TAKEOVER EXPLOIT: $280 MILLION DRAINED FROM DRIFT PROTOCOL IN SUSPECTED DPRK-ALIGNED OPERATION Blogging
LEAK BAZAAR EMERGENCE — RANSOMWARE DATA MONETIZATION SHIFTS FROM EXTORTION TO STRUCTURED EXPLOITATION PIPELINES Blogging
AXIOS SUPPLY CHAIN BREACH — MALICIOUS NPM RELEASE DELIVERS REMOTE ACCESS TROJAN ACROSS GLOBAL DEV PIPELINES Blogging
CISA KEV ALERT — ACTIVE EXPLOITATION OF CITRIX NETSCALER VULNERABILITY EXPANDS ATTACK SURFACE ACROSS ENTERPRISE EDGE SYSTEMS Blogging
KEV CATALOG EXPANSION — F5 BIG-IP REMOTE CODE EXECUTION VULNERABILITY ADDED AFTER ACTIVE EXPLOITATION CONFIRMED Blogging
CISA CAPABILITY COLLAPSE — FEDERAL SHUTDOWN FORCES CYBER DEFENSE INTO REACTIVE MODE AS WORKFORCE DROPS AND SYSTEMIC RISK EXPANDS Blogging
AI SUPPLY CHAIN COMPROMISE: MALICIOUS LITELLM PACKAGES ENABLE CREDENTIAL THEFT AND PERSISTENT ACCESS ACROSS CLOUD ENVIRONMENTS Blogging
SUPPLY CHAIN BREACH EXPANDS — MARQUIS SOFTWARE INCIDENT EXPOSES 670K+ RECORDS ACROSS BANKING NETWORKS Blogging
Suspicious Activity Detected on FBI Surveillance Network Triggers Federal Cybersecurity Investigation Blogging
Phobos Ransomware Operator Pleads Guilty After Global Extortion Campaign Targeted Over 1,000 Organizations Blogging
Global Law Enforcement Disrupts Tycoon 2FA Phishing Platform Used to Breach Hospitals, Schools, and Corporate Accounts Blogging
Malware Attack Disrupts Government Systems and Phone Lines Across Passaic County, New Jersey Blogging
North Korean Threat Actor Deploys Deepfake Zoom Ruse and ClickFix Malware in Targeted Crypto Executive Intrusion Blogging
Nation-State Operators Accelerate Recon and Malware Development Using Gemini AI Infrastructure Blogging
CISA Orders Federal Agencies to Remove End-of-Life Network Devices Amid Escalating Exploitation Campaigns Blogging
THE POISONED PIPELINE: Russian-Linked Actors Weaponize Blender Files to Breach Game and Animation Studios Blogging
OPERATION ENDGAME: THE MULTINATIONAL STRIKE THAT CRIPPLED RHADAMANTHYS, VENOMRAT, AND ELYSIUM Blogging
THE PASSWORD PLAGUE: Microsoft Confirms Surge in Identity Attacks Driven by Leaked Credentials and Social Engineering Warfare Blogging
WHEN ALLIES TURN SILENT: Chinese APT ‘Jewelbug’ Breaches Russian IT Firm in Covert Supply-Chain Operation Blogging
Chinese-Linked Hackers Breach Major U.S. Law Firm via Zero-Day Exploit Targeting Attorney Email Accounts Blogging
Hunters International Ransomware Gang Claims to Shut Down — But Experts Say It’s Just Another Rebrand AI Threat Intelligence
THE SUCCESSOR TO STOLEN SILENCE Acreed Infostealer Rises from Lumma’s Ashes as Russian Cyber Markets Recalibrate Blogging
Firefox Joins the Battle: Critical Flaw Patched After Chrome Zero-Day Used in Espionage Campaigns Blogging
Russia’s Sandworm Expands Cyber Attacks Beyond Ukraine, Targeting U.S. and European Organizations Blogging
Nearly 400 U.S. Healthcare Institutions Hit with Ransomware in the Past Year, Microsoft Reports Blogging
Comprehensive Cybersecurity Report: U.S. and Global Government Agencies, Military, and Law Enforcement Blogging
China’s Volt Typhoon Exploits Versa Zero-Day Vulnerability to Target U.S. Internet Providers Blogging
