U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February 14,...
known
First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild. In...
Kimwolf Botnet Swamps Anonymity Network I2P
For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting The Invisible...
U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February 11, 2026...
North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations
The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrency sector to steal sensitive data from...
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
Ravie LakshmananFeb 09, 2026Threat Intelligence / Cyber Espionage The threat actor known as Bloody Wolf has been linked to a...
U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February...
AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack
Ravie LakshmananFeb 05, 2026Botnet / Network Security The distributed denial-of-service (DDoS) botnet known as AISURU/Kimwolf has been attributed to a...
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
Ravie LakshmananFeb 05, 2026Malware / Cyber Espionage The elusive Iranian threat group known as Infy (aka Prince of Persia) has...
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
Ravie LakshmananFeb 03, 2026Vulnerability / Malware The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to...
Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group
Ravie LakshmananFeb 03, 2026Malware / Open Source A China-linked threat actor known as Lotus Blossom has been attributed with medium...
China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware
Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between...
U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog Pierluigi Paganini January 30, 2026 The...
Moltbot Personal Assistant Goes Viral—And So Do Your Secrets
Moltbot (formerly known as Clawdbot) is an open-source, self-hosted AI agent that operates directly on your local machine. It acts...
U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog Pierluigi Paganini January 28, 2026...
