Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging
Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which the attackers trick unsuspecting...
attackers
Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release
Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release Pierluigi Paganini February 13, 2026 Attackers quickly targeted BeyondTrust flaw CVE-2026-1731...
ZeroDayRAT spyware grants attackers total access to mobile devices
ZeroDayRAT spyware grants attackers total access to mobile devices Pierluigi Paganini February 10, 2026 ZeroDayRAT is a commercial mobile spyware...
Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor
Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor Pierluigi Paganini February 09, 2026 Huntress confirmed active...
Polymorphic Viruses: Why They’re Harder to Detect Every Year
Cyber threats rarely stand still. Attackers keep finding new ways to slip past defences, and the polymorphic computer virus is...
This Week in Scams: Dating App Breaches, TikTok Data, Grubhub Extortion
This week in scams, three headlines tell the same story: attackers are getting better at manipulating people, not just breaking into...
PackageGate bugs let attackers bypass protections in NPM, PNPM, VLT, and Bun
PackageGate bugs let attackers bypass protections in NPM, PNPM, VLT, and Bun Pierluigi Paganini January 28, 2026 Koi researchers found...
Beyond MFA: Building true resilience against identity-based attacks
Multi-factor authentication (MFA) remains a cornerstone of cybersecurity, but attackers have learned find workarounds.As identity-driven attacks continue to rise, organizations...
This Week in Scams: Netflix Phishing and QR Code Espionage
This week in scams, attackers are leaning hard on familiar brands, everyday tools, and routine behavior to trigger fast, unthinking reactions. From fake Netflix...
The New Rules of Cyber Resilience in an AI-Driven Threat Landscape
For years, cybersecurity strategy revolved around a simple goal: keep attackers out. That mindset no longer matches reality. Today’s threat...
ACME flaw in Cloudflare allowed attackers to reach origin servers
ACME flaw in Cloudflare allowed attackers to reach origin servers Pierluigi Paganini January 21, 2026 Cloudflare fixed a flaw in...
