30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
Ravie LakshmananMay 01, 2026Malware / Threat Intelligence A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as...
been
AI-Era Threats Spread Beyond Email Into SaaS, Collaboration Apps, and AI Assistants
AI-related security incidents have been spreading well beyond email and into the wider collaboration stack. The data, coming from the...
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in...
Medieval Encrypted Letter Decoded
Medieval Encrypted Letter Decoded Sent by a Spanish diplomat. Apparently people have been working on it since it was rediscovered...
When Research Becomes a Crime: The New Risk Landscape for OSINT and Dark Web Intelligence
There has always been an uncomfortable truth at the core of serious cyber threat intelligence work: To understand threat actors,...
UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to...
UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to...
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new...
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new...
Strengthening authentication with passkeys: A CISO playbook
For decades, passwords have been the standard method for protecting access to systems and accounts. However, passwords can be compromised...
Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating...
Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
Ravie LakshmananApr 22, 2026Cyber Espionage / Malware The threat actor known as Harvester has been attributed to a new Linux...
Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
Ravie LakshmananApr 22, 2026Vulnerability / Container Security A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium...
SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called...
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
Ravie LakshmananApr 20, 2026Open Source / Server Security A critical security vulnerability has been disclosed in SGLang that, if successfully...
