A newly identified threat group, tracked as UAT-10362, has been linked to targeted spear-phishing attacks against organizations in Taiwan, including non-governmental organizations (NGOs) and likely academic institutions. The campaign introduces a previously unseen Lua-based malware named LucidRook. According to research…
Multiple China-Linked Groups Target Southeast Asian Government in Coordinated Operation Cybersecurity researchers have uncovered a large-scale cyber espionage campaign targeting a government organization in Southeast Asia. The operation appears to involve multiple threat groups with ties to China, working in…
CTRL Malware Campaign Uses Fake Files to Trick Windows Users Security researchers have uncovered a new remote access toolkit known as CTRL, believed to be linked to Russian threat actors. The malware is being spread through deceptive Windows shortcut files…
What’s Really Slowing Down Tier 1 Analysts in Modern SOCs? In many Security Operations Centers (SOCs), delays are often blamed on complex threats. But in reality, the bigger issue is usually the process itself. Fragmented workflows, manual triage steps, and…
DeepLoad Malware Spreads Through ClickFix Social Engineering Campaign Security researchers have uncovered a new cyberattack campaign using a deceptive tactic known as ClickFix to spread a previously unknown malware loader called DeepLoad. According to researchers at ReliaQuest, the malware is…
This Week in Cybersecurity: Small Threats, Big Impact This week’s cybersecurity landscape doesn’t come with one major headline, but that doesn’t mean things are quiet. Instead, there’s a steady buildup of smaller threats, many of which are surprisingly effective. Some…
EDR Killers Are Helping Ransomware Bypass Security Defenses A new cybersecurity report has revealed how attackers are increasingly using specialized tools known as EDR killers to shut down security systems before launching ransomware attacks. These tools are designed to disable…
Apple Issues Urgent Warning Over iOS Exploit Attacks Apple is calling on iPhone users running older versions of iOS to update their devices immediately following the discovery of active web-based attacks using exploit kits known as Coruna and DarkSword. These…
Authorities Disrupt Massive IoT Botnets Behind Global DDoS Attacks The U.S. Department of Justice has announced a major operation targeting several large botnets responsible for some of the most powerful distributed denial-of-service (DDoS) attacks ever recorded. The operation focused on…
New Magento Vulnerability Could Lead to Full Store Compromise A serious security issue has been discovered in Magento’s REST API that could let attackers upload malicious files without authentication. If exploited, the flaw could allow hackers to execute code on…
AI Is Changing Cybercrime Faster Than Security Can Adapt Artificial Intelligence is transforming how businesses operate, but it’s also giving cybercriminals new tools to launch smarter and more effective attacks. From phishing emails that feel personal to malware that constantly…
Google Introduces 24-Hour Delay for Android App Sideloading to Boost Security Google has rolled out a new security update for Android that adds a 24-hour waiting period before users can install apps from unverified sources. The move is part of…
INTERPOL Dismantles Major Cybercrime Infrastructure in Global Operation INTERPOL has announced the disruption of a massive cybercrime network after authorities shut down more than 45,000 malicious IP addresses and servers linked to phishing attacks, malware distribution, and ransomware operations. The…
Meta Plans to Remove End-to-End Encryption From Instagram Chats Meta has confirmed that end-to-end encryption (E2EE) for Instagram direct messages will be discontinued after May 8, 2026, marking a shift in how the platform handles private messaging security. In a…
Suspected Chinese Cyber Espionage Operation Targets Southeast Asian Military Organizations Cybersecurity researchers have uncovered a long-running cyber espionage campaign believed to be linked to China that has been quietly targeting military institutions across Southeast Asia since at least 2020. The…
GlassWorm Attack Evolves, Targeting Developers Through VS Code Extension Supply Chain Cybersecurity researchers have uncovered a new phase of the GlassWorm malware campaign, revealing a more advanced method of spreading malicious code through the Open VSX extension registry used by…
China Warns About Security Risks in OpenClaw Autonomous AI Agent China’s national cybersecurity authority has raised concerns about potential security issues linked to OpenClaw, an open-source autonomous AI agent previously known as Clawdbot and Moltbot. The alert came from the…
CISA Flags Three Actively Exploited Vulnerabilities in SolarWinds, Ivanti, and Workspace One The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog by adding three newly identified security flaws that are currently being used…
Hackers Target Salesforce Experience Cloud Sites Using Modified AuraInspector Tool Salesforce has alerted customers to a surge in malicious activity targeting publicly accessible Experience Cloud websites, where attackers are attempting to exploit configuration mistakes to gain access to sensitive information.…
Russian APT28 Hackers Deploy New Malware to Spy on Ukrainian Military Personnel A Russian state-backed cyber espionage group known as APT28 has been using new malware tools to monitor Ukrainian military targets over an extended period, according to recent cybersecurity…
