CISA Issues Urgent Warning on SD-WAN Flaw Under Active Attack
CISA has given U.S. government agencies four days to secure their systems against another Catalyst SD-WAN Manager vulnerability it flagged as actively exploite
Cybersecurity
253 articles
FBI and Indonesian Police Shut Down $20M W3LL Phishing Scheme
The U.S. Federal Bureau of Investigation (FBI), in partnership with the Indonesian National Police, has dismantled the infrastructure associated with a global p
Ransomware Negotiator Admits to Leading BlackCat Attacks
41-year-old Angelo Martino, a former employee of cybersecurity incident response company DigitalMint, has pleaded guilty to targeting U.S. companies in BlackCat
AI Model Finds Zero-Days Across All Major Operating Systems
Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and b
6,400 Apache ActiveMQ Servers Under Active Attack
Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-se
Congressional Pressure Mounts as CISA Grapples with Major Data Leak
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity report
OpenAI Revokes macOS Certificate Following Axios Supply Chain Issue
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps led to the download of the malicious Axios library on March 31, but noted that no user dat
NGate Android Malware Targets NFC Payments via HandyPay
A new variant of the NGate malware that steals NFC payment data is targeting Android users by hiding in a trojanized version of HandyPay, a legitimate mobile pa
North Korean Hackers Target Users Via Facebook Befriending Scam
The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat act
North Korean Hackers Blamed for $290M KelpDAO Crypto Heist
State-sponsored North Korean hackers are likely behind the $290 million crypto-heist that impacted the KelpDAO DeFi project on Saturday. [...]
CPUID Site Compromised to Distribute STX RAT Malware
Unknown threat actors compromised CPUID ("cpuid[.]com"), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and P
Apple's Chinese App Store Hit by Crypto-Stealing Wallet Scams
A set of 26 malicious apps on Apple App Store impersonate popular wallets, such as Metamask, Coinbase, Trust Wallet, and OneKey, to steal recovery or seed phras
Botmaster Behind Kimwolf IoT Botnet Arrested
Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet t
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulner
Gentlemen Ransomware Gang Deploys SystemBC Botnet in Corporate Attacks
A SystemBC proxy malware botnet of more than 1,570 hosts, believed to be corporate victims, has been discovered following an investigation into a Gentlemen rans
Third-Party Vendors: Your Organization's Hidden Security Risk
The next major breach hitting your clients probably won't come from inside their walls. It'll come through a vendor they trust, a SaaS tool their
Seiko USA Website Defaced in Data Theft Attack
The Seiko USA website was defaced over the weekend, displaying a message from attackers claiming they stole its Shopify customer database and threatening to lea
WhatsApp Warns 200 Users of Fake iOS App Spyware
Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked into installing a bogus version of its iOS app that was infected with&nb
Microsoft Teams Targeted in Enterprise Helpdesk Impersonation Attacks
Microsoft is warning of threat actors increasingly abusing external Microsoft Teams collaboration and relying on legitimate tools for access and lateral movemen
Critical Vulnerabilities Expose Popular Software to Active Attacks
This week had real hits. The key software got tampered with. Active bugs showed up in the tools people use every day. Some attacks didn’t ev
Backups Alone Won't Save Your Business From Downtime
Backups protect data, but don't keep your business running during downtime. Datto shows why BCDR is essential to keep operations running during ransomware and o
Identity Gaps Pose Growing Enterprise Risk as AI Threats Escalate
In the rapid evolution of the 2026 threat landscape, a frustrating paradox has emerged for CISOs and security leaders: Identity programs are matu
British Scattered Spider Leader Pleads Guilty to Crypto Theft
A British man, believed to be the leader of the Scattered Spider cybercrime collective, has pleaded guilty in the United States to charges of wire fraud and agg
North Korean Hackers Behind Axios npm Package Supply Chain Attack
The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social engineering campaign orch
Microsoft Accelerates File Explorer with Speed Enhancements
Microsoft is rolling out multiple File Explorer changes to Windows 11 users in the Insider program, including improvements to launch speed and performance. [...
New LucidRook Malware Targets Taiwan NGOs
A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organization
Microsoft Deploys Emergency Fixes for Windows Server Glitches
Microsoft has released out-of-band (OOB) updates to fix issues affecting Windows Server systems after installing the April 2026 security updates. [...]
Security Threats Escalate: Pre-Auth Chains and Android Rootkits
The latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the internet right now. No corporate fluff or boring lectures her
Microsoft Rolls Back Teams Update After Launch Issues
Microsoft has reverted a recent service update that was preventing some customers from launching the Microsoft Teams desktop client. [...]
Security Threats Surge: Legacy Flaws Meet Modern Attack Methods
Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range — old vulnerabilitie
Vercel Confirms Security Breach, Hackers Claim Data Sale
Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems and are attempting to sell stolen d
Open Source Security Report Reveals Enterprise Consumption Trends
In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open
NIST Stops Rating Low-Priority Vulnerabilities Amid Rising Submissions
The National Institute of Standards and Technology will stop assigning severity scores to lower-priority vulnerabilities due to the growing workload from rising
Shadow AI: The Enterprise Security Blind Spot
As AI tools become more accessible, employees are adopting them without formal approval from IT and security teams. While these tools may boost produc
Apple's Account Alerts Weaponized in iPhone Phishing Campaign
Apple account change notifications are being abused to send fake iPhone purchase phishing scams within legitimate emails sent from Apple's servers, increasing l
The Real Cost of Repeated Credential Breaches
When talking about credential security, the focus usually lands on breach prevention. This makes sense when IBM’s 2025 Cost of a Data Breach Repo
Critical Protobuf.js Flaw Exposes JavaScript Apps to Remote Code Execution
Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's P
CISA Contractor Exposed AWS Keys in Major Gov Data Leak
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed cred
Enterprise Identity Management Faces Critical Visibility Gap
The Fragmented State of Modern Enterprise Identity Enterprise IAM is approaching a breaking point. As organizations scale, identity becomes increasing
Microsoft Edge Update Breaks Teams Right-Click Paste Feature
Microsoft is warning that a recent Microsoft Edge browser update introduced a bug that breaks right-click paste in chats in the Microsoft Teams desktop client.
Cyber Criminals Deploy RATs and Miners via Fake Software
A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans (RATs) and
NAKIVO Backup v11.2 Adds Ransomware Defense and Platform Support
NAKIVO Inc. announced the general availability of NAKIVO Backup & Replication v11.2, focused on fast, reliable, and proactive data protection. [...]
Ransomware Gangs Exploit Vulnerable Drivers to Disable EDR Tools
Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver (BY
Payouts King Ransomware Deploys Hidden VMs to Evade Security
The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on compromised systems and bypass endpoint secur
1,000+ ComfyUI Instances Hijacked in Cryptomining Botnet Blitz
An active campaign has been observed targeting internet-exposed instances running ComfyUI, a popular stable diffusion platform, to enlist them into a cryptocurr
How Cybercriminals Evaluate Stolen Card Marketplaces
In cybercrime markets, trust isn't assumed, it's verified. Flare reveals how underground guides teach actors to evaluate carding shops based on data quality, re
SparkCat Malware Returns: New Variant Targets Crypto Wallets
Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after t
Kyrgyzstan Crypto Exchange Grinex Halts After $13.7M Hack
Kyrgyzstan-based cryptocurrency exchange Grinex has suspended its operations after suffering a $13.7 million hack attributed to Western intelligence agencies. [
New GPU Attack Exploits Memory Flaws for CPU Takeover
New academic research has identified multiple RowHammer attacks against high-performance graphics processing units (GPUs) that could be exploited to escalate pr
MSPs Face Growing Pressure as Cyberattacks Outpace Defenses
Cyberattacks are evolving faster than many MSP and corporate defenses can keep up, with phishing driving much of today's cybercrime. Join our upcoming webinar t