Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign
Jan 02, 2026Ravie LakshmananCloud Security / Email Security Cybersecurity researchers have disclosed details of a phishing campaign that involves the...
Hacking
Category Added in a WPeMatico Campaign
ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories
Jan 01, 2026Ravie LakshmananCybersecurity / Hacking News The first ThreatsDay Bulletin of 2026 lands on a day that already feels...
RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
Jan 01, 2026Ravie LakshmananNetwork Security / Vulnerability Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted...
Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack
Dec 31, 2026Ravie LakshmananSoftware Security / Data Breach Trust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud...
DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide
The threat actor behind two malicious browser extension campaigns, ShadyPanda and GhostPoster, has been attributed to a third attack campaign...
IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass
Dec 31, 2026Ravie LakshmananAPI Security / Vulnerability IBM has disclosed details of a critical security flaw in API Connect that...
Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry
Dec 31, 2026Ravie LakshmananCybersecurity / Malware Cybersecurity researchers have disclosed details of what appears to be a new strain of...
U.S. Treasury Lifts Sanctions on Three Individuals Linked to Intellexa and Predator Spyware
Dec 31, 2026Ravie LakshmananSpyware / Mobile Security The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on...
CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution
Dec 30, 2026Ravie LakshmananVulnerability / Email Security The Cyber Security Agency of Singapore (CSA) has issued a bulletin warning of...
Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware
The threat actor known as Silver Fox has turned its focus to India, using income tax-themed lures in phishing campaigns...
How to Integrate AI into Modern SOC Workflows
Artificial intelligence (AI) is making its way into security operations quickly, but many practitioners are still struggling to turn early...
Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor
Dec 30, 2026Ravie LakshmananMalware / Cyber Espionage The Chinese hacking group known as Mustang Panda has leveraged a previously undocumented...
⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More
Dec 29, 2026Ravie LakshmananHacking News / Cybersecurity Last week's cyber news in 2025 was not about one big incident. It...
MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide
Dec 29, 2026Ravie LakshmananDatabase Security / Vulnerability A recently disclosed security vulnerability in MongoDB has come under active exploitation in...
27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials
Cybersecurity researchers have disclosed details of what has been described as a "sustained and targeted" spear-phishing campaign that has published...
