SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks
Ravie LakshmananFeb 25, 2026Social Engineering / Cloud Security The notorious cybercrime collective known as Scattered LAPSUS$ Hunters (SLH) has been...
known
U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February 25,...
UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors
The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan and Tajikistan, marking a shift...
MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP
Ravie LakshmananFeb 23, 2026Threat Intelligence / Artificial Intelligence The Iranian hacking group known as MuddyWater (aka Earth Vetala, Mango Sandstorm,...
Kimwolf Botnet Swamps Anonymity Network I2P
For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting The Invisible Internet...
U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February 21, 2026 U.S. Cybersecurity and...
PromptSpy ushers in the era of Android threats using GenAI
ESET researchers uncovered the first known case of Android malware abusing generative AI for context-aware user interface manipulation. While machine...
U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February 19, 2026 U.S....
U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February 14,...
First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild. In...
Kimwolf Botnet Swamps Anonymity Network I2P
For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting The Invisible...
U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February 11, 2026...
North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations
The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrency sector to steal sensitive data from...
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
Ravie LakshmananFeb 09, 2026Threat Intelligence / Cyber Espionage The threat actor known as Bloody Wolf has been linked to a...
U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February...
