A sophisticated supply chain attack orchestrated by the threat group TeamPCP has successfully infiltrated GitHub and Microsoft infrastructure, with malicious activity detected through May 24, 2026. The campaign leverages compromised developer accounts and poisoned packages to distribute malware acro
Kazuar, a sophisticated .NET-based backdoor attributed to Russian APT group Secret Blizzard (formerly Turla), has undergone significant evolution since its discovery in 2017. Recent analysis reveals the malware has transformed into a highly modular espionage platform with plugin-based architecture,
A critical vulnerability in Ghost CMS (CVE-2026-26980) has been actively exploited to compromise over 700 websites, enabling attackers to deploy ClickFix social engineering campaigns. The flaw allows unauthenticated attackers to inject malicious JavaScript into Ghost-powered sites, turning legitimat
A critical zero-click vulnerability affecting WhatsApp on iOS 16 devices allows attackers to silently hijack accounts without any user interaction. The exploit bypasses WhatsApp’s linked device notifications, leaving victims completely unaware their accounts have been compromised. Security researche
North Korean APT group Lazarus has deployed a sophisticated memory-only remote access trojan (RAT) dubbed RemotePE in targeted attacks against financial institutions and cryptocurrency firms. The malware operates entirely in memory without touching disk, evading traditional file-based detection syst
Threat actors conducted an aggressive reconnaissance campaign against SonicWall firewall interfaces, generating over 597,000 scanning sessions within a nine-day period. This massive scanning operation targeted publicly exposed SonicWall management interfaces, likely seeking vulnerable devices for ex
Iranian state-sponsored threat actors are leveraging Microsoft Azure cloud infrastructure to host command-and-control (C2) domains for their custom MiniUpdate remote access trojan (RAT). This sophisticated espionage campaign exploits the trust associated with legitimate cloud services to evade detec
Anthropic has announced plans to release its Mythos-class AI models to the public, marking a significant shift in accessibility for advanced language models. This expansion raises critical security concerns around prompt injection attacks, jailbreaking attempts, data exfiltration risks, and potentia
The personal website of FBI Director Kash Patel was abruptly taken offline following reports of malware infections targeting visitors. The site, which served as Patel’s brand platform, reportedly distributed malicious code that triggered security alerts across multiple antivirus solutions. The incid
Chinese-language Phishing-as-a-Service (PhaaS) platforms have significantly evolved, now incorporating artificial intelligence and sophisticated MFA bypass techniques. These commercial services lower the barrier to entry for cybercriminals, offering turnkey phishing solutions with advanced evasion c