Emulating the Systematic LokiLocker Ransomware
LokiLocker is a Ransomware-as-a-Service (Raas) that has been active since at least mid-August 2021 targeting Windows systems. The ransomware...
active
Stopping real-world attacks: Lessons for business leaders from the 2026 cyber frontline
The 2026 Sophos Active Adversary Report offers an evidence‑based look at how today’s attackers operate in real environments, drawing on...
Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens
Cybersecurity researchers have disclosed what they say is an active "Shai-Hulud-like" supply chain worm campaign that has leveraged a cluster...
Dynamic Objects in Active Directory: The Stealthy Threat
Active Directory’s “dynamic objects” feature offers attackers a perfect evasion cloak. These objects automatically self-destruct without a trace, so...
Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign
Ravie LakshmananFeb 05, 2026Web Security / Vulnerability Cybersecurity researchers have disclosed details of an active web traffic hijacking campaign that...
CVE-2025-22225 in VMware ESXi now used in active ransomware attacks
CVE-2025-22225 in VMware ESXi now used in active ransomware attacks Pierluigi Paganini February 04, 2026 Ransomware groups now exploit VMware...
Fortinet warns of active FortiCloud SSO bypass affecting updated devices
Fortinet warns of active FortiCloud SSO bypass affecting updated devices Pierluigi Paganini January 23, 2026 Fortinet confirmed attacks are bypassing...
LastPass Warns of Fake Maintenance Messages Targeting Users’ Master Passwords
Ravie LakshmananJan 21, 2026Email Security / Malware LastPass is alerting users to a new active phishing campaign that's impersonating the...
