Threat actors use custom AuraInspector to harvest data from Salesforce systems
Threat actors use custom AuraInspector to harvest data from Salesforce systems Pierluigi Paganini March 10, 2026 Attackers are mass-scanning Salesforce...
actors
Latest OpenClaw Security Risks are Fake GitHub Repositories Used to Deploy Infostealers
The highly popular and risk-riddled OpenClaw personal AI assistant is being used by bad actors to target users with...
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support...
This month in security with Tony Anscombe – February 2026 edition
In this roundup, Tony looks at how opportunistic threat actors are taking advantage of weak authentication, unmanaged exposure, and popular...
Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
Ravie LakshmananFeb 27, 2026Endpoint Security / Windows Security Threat actors are luring unsuspecting users into running trojanized gaming utilities that...
RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious...
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration
Ravie LakshmananFeb 20, 2026Vulnerability / Cyber Attack Threat actors have been observed exploiting a recently disclosed critical security flaw impacting...
Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations
Ravie LakshmananFeb 13, 2026Malware / Critical Infrastructure Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea,...
Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability
Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote...
China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns
Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law...
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
Ravie LakshmananFeb 03, 2026Open Source / Vulnerability Threat actors have been observed exploiting a critical security flaw impacting the Metro...
Nation-state and criminal actors leverage WinRAR flaw in attacks
Nation-state and criminal actors leverage WinRAR flaw in attacks Pierluigi Paganini January 29, 2026 Multiple threat actors exploited a now-patched...
Watering Hole Attack Targets EmEditor Users with Information-Stealing Malware
Based on its geofencing behavior, we assess that the threat actors are likely of Russian origin, or those from the...
PDFSIDER Malware – Exploitation of DLL Side-Loading for AV and EDR Evasion
PDFSIDER Malware – Exploitation of DLL Side-Loading for AV and EDR Evasion Pierluigi Paganini January 20, 2026 Threat actors use...
North Korea-Linked Hackers Target Developers via Malicious VS Code Projects
The North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio...
