MostereRAT campaign: A newly seen phishing campaign relying on social engineering distributes a powerful RAT. Additional capabilities: It can also install legitimate remote access tools…
Salt Typhoon domains: Today, previously unreported Salt Typhoon-attributed domains registered between 2020 through early 2025 were disclosed. In numbers: Dozens of domains were identified by…
Fake email: Several entities reported receiving an email impersonating China committee chair Representative John Moolenaar. The lure: An attachment purported to be draft legislation contained…
Server Expansion: IPVanish now expand 3100+ VPN servers across 145+ global locations. Security Upgrade: All servers are RAM-only, wiping data on every reboot for stronger…
Tenable data breach: Tenable business contact information and data related to customer accounts and support cases have been exposed. How it started: Investigations revealed that…
Sentencing: An Oklahoma man was sentenced to 78 months for consuming child abuse material. Undercover operation: Jason Gardner Davis shared explicit content with agents posing…
XSS takedown: Studies suggest threat actors are taking interest in new dark web forum DamageLib following the XSS admin arrest. Migration: Forum users were suspicious…
Grok AI abuse: A technique dubbed "Grokking" bypasses security filters for malware distribution via exploiting AI's trusted status. First step: Deceptive video ads are promoted…
OPSO breach: The US Orleans Parish Sheriff's Office was hit by a cyberattack, impacting over 12 computers. Attack containment: Sheriff’s Office announced the attack has…
Flaw exploited: Attackers are abusing a critical ViewState deserialization vulnerability that impacts several Sitecore deployments. How it works: Successful exploitation might lead to remote code…
Bank attack: The West Virginia Bank of Romney was reportedly targeted by Akira Ransomware. What was stolen: The threat actor reportedly exfiltrated employee, financial, client,…
Infostealer surge: Security researchers have noticed a spike in Stealerium campaigns, which use a variety of lures. Potential sextortion: The malware's particularly concerning feature includes…
Cybersecurity chief accused: Ukraine's Anti-Corruption Bureau accused the former SBU cybersec chief in an anti-corruption action. Illia Vitiuk charges: NABU alleges illicit enrichment through undeclared…
Piracy crackdown: A comprehensive anti-piracy operation seized more than 80 domains involved in illegally distributing live sports events. Streameast takedown: The action targeted a sophisticated…
AutoIt abuse: The first known instance of an obfuscated AutoIt loader being used to deliver NBMiner was observed. Legitimate tools: The cryptominer is disseminated through…
JLR shutdown: A Jaguar Land Rover cybersecurity incident was recently acknowledged as the source of an IT system shutdown. Official announcement: The company’s official message…
Illegal IPTV network: Systematic content theft operations are targeting legitimate streaming services worldwide via over 1,000 domains. How it works: The pirates operate via illegal…
Meta order: Singapore ordered Meta to up its anti-scam prevention measures on Facebook or face penalties. Facebook scams: Local authorities said Facebook is the primary…
Expanding compromise: A Palo Alto Networks data breach has been confirmed in relation to the Salesforce security incident. What was impacted: Palo Alto business contact…
Tiered Pricing Launch: ExpressVPN replaces single plan with Basic, Advanced, and Pro subscription tiers. Plan Highlights: Basic offers core VPN, Advanced adds eSIM and identity…
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
