China-linked CL-STA-1087 targets Southeast Asian militaries since 2020 using AppleChris and MemFun for espionage and ...

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.

CNCERT warns OpenClaw AI agent has weak defaults enabling prompt injection and data leaks, prompting China to restrict use on government systems.

INTERPOL dismantled 45,000 malicious IPs in Operation Synergia across 72 countries, disrupting global phishing and ransomware networks.

ThreatsDay: OAuth abuse, Signal hijacks, Zombie ZIP evasion, Teams malware, AI hack, RondoDox botnet, and more cyber stories.

Veeam fixes 7 Backup & Replication flaws, including CVSS 9.9 RCE bugs, warning attackers may exploit unpatched systems.

AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI ...

Meta will end Instagram E2EE chats May 8, 2026, reversing a 2021 privacy test and reigniting debate over encrypted messaging ...

Phishing floods overwhelm SOC analysts; with 66% unable to keep up, attackers hide spear-phishing in alert queues, increasing ...

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

Storm-2561 spreads fake VPN installers via SEO poisoning and GitHub downloads, stealing enterprise VPN credentials with Hyrax malware.

Operation Lightning dismantled SocksEscort proxy botnet exploiting 369,000 IPs in 163 countries, disrupting fraud networks and freezing $3.5M crypto.