Beyond MFA: Building true resilience against identity-based attacks
Multi-factor authentication (MFA) remains a cornerstone of cybersecurity, but attackers have learned find workarounds.As identity-driven attacks continue to rise, organizations...
have
China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023
Ravie LakshmananJan 27, 2026Web Security / Malware Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has...
Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware
Ravie LakshmananJan 26, 2026Cyber Espionage / Malware Cybersecurity researchers have discovered an ongoing campaign that's targeting Indian users with a...
Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code
Ravie LakshmananJan 26, 2026AI Security / Vulnerability Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions...
OpenAI’s GPT is getting better at mathematics
Math problems have long proven difficult for AI. Scientists have speculated that this could be because AI systems can’t recognize...
Microsoft releases second out-of-band fix for Windows in a week
Outlook users have reported difficulties with Microsoft’s January Patch Tuesday updates, forcing Microsoft, once again, to patch some of its...
ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025
ESET Research The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper ESET Research 23 Jan...
Okta Uncovers Custom Phishing Kits Built for Vishing Callers
Image: Unsplash Phone scammers have achieved an unwelcome breakthrough, combining traditional phishing websites with real-time voice manipulation in ways that...
How ASPM Protects Cloud-Native Applications from Misconfigurations and Exploits
Cloud-native applications have changed how businesses build and scale software. Microservices, containers, and serverless architectures enable faster and more flexible...
Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access
Ravie LakshmananJan 23, 2026Email Security / Endpoint Security Cybersecurity researchers have disclosed details of a new dual-vector campaign that leverages...
New Osiris Ransomware Emerges as New Strain Using POORTRY Driver in BYOVD Attack
Cybersecurity researchers have disclosed details of a new ransomware family called Osiris that targeted a major food service franchisee operator...
Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws
Ravie LakshmananJan 21, 2026Vulnerability / Network Security Zoom and GitLab have released security updates to resolve a number of security...
VoidLink Linux Malware Framework Built with AI Assistance Reaches 88,000 Lines of Code
The recently discovered sophisticated Linux malware framework known as VoidLink is assessed to have been developed by a single person...
Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading
Ravie LakshmananJan 20, 2026Malware / Threat Intelligence Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private...
Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto
Ravie LakshmananJan 20, 2026Cloud Security / Developer Security Cybersecurity researchers have disclosed details of a malware campaign that's targeting software...
