The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority
The cybersecurity landscape is accelerating at an unprecedented rate. What is emerging is not simply a rise in the number...
Hacking
Category Added in a WPeMatico Campaign
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the...
OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability
A previously unknown vulnerability in OpenAI ChatGPT allowed sensitive conversation data to be exfiltrated without user knowledge or consent, according...
DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
Ravie LakshmananMar 30, 2026Threat Intelligence / Browser Security A new campaign has leveraged the ClickFix social engineering tactic as a...
⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More
Ravie LakshmananMar 30, 2026Cybersecurity / Hacking Some weeks are loud. This one was quieter but not in a good way....
3 SOC Process Fixes That Unlock Tier 1 Productivity
What is really slowing Tier 1 down: the threat itself or the process around it? In many SOCs, the biggest...
The State of Secrets Sprawl 2026: 9 Takeaways for CISOs
Secrets sprawl isn't slowing down: in 2025, it accelerated faster than most security teams anticipated. GitGuardian's State of Secrets Sprawl...
Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels
Ravie LakshmananMar 30, 2026Malware / Network Security Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that's distributed via...
Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign
Ravie LakshmananMar 30, 2026Threat Intelligence / Network Intrusion Three threat activity clusters aligned with China have targeted a government organization...
Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the...
Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
Ravie LakshmananMar 28, 2026Vulnerability / Network Security A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway...
CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
Ravie LakshmananMar 28, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical...
TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
Ravie LakshmananMar 28, 2026Mobile Security / Email Security Proofpoint has disclosed details of a targeted email campaign in which threat...
Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
Ravie LakshmananMar 27, 2026Spyware / Mobile Security Apple is now sending Lock Screen notifications to iPhones and iPads running older...
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python...
