Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials
Ravie LakshmananJun 27, 2026Messaging Security / Cyber Espionage The Security Service of Ukraine (SSU) said it, together with the U.S....
LakshmananJun
Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign
Ravie LakshmananJun 26, 2026Cyber Espionage / Malware A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new...
CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue
Ravie LakshmananJun 26, 2026Vulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical...
ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories
Ravie LakshmananJun 25, 2026Hacking News / Cybersecurity News It’s dumb out there again. This week has the usual smell of...
New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis
Ravie LakshmananJun 25, 2026AI Security / Malware A previously undocumented Rust-based macOS implant and information stealer has been found to...
New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns
Ravie LakshmananJun 25, 2026Initial Access Broker / Ransomware A new, stealthy backdoor named Mistic has been deployed as part of...
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access
Ravie LakshmananJun 25, 2026Vulnerability / Threat Intelligence An unknown threat actor exploited a recently disclosed high-severity security flaw impacting Cisco...
CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited
Ravie LakshmananJun 24, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday warned of active...
Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks
Ravie LakshmananJun 24, 2026Open Source / Supply Chain Security Cybersecurity researchers have flagged a new class of CI/CD workflow weakness...
DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering
Ravie LakshmananJun 24, 2026Money Laundering / Cybercrime The U.S. Department of Justice (DoJ) on Tuesday announced the seizure of a...
Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root
Ravie LakshmananJun 24, 2026Vulnerability / Network Security Threat actors have begun to exploit a recently disclosed critical security flaw impacting...
FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation
Ravie LakshmananJun 23, 2026Initial Access Broker / Firewall Security A Russian-speaking initial access broker (IAB) driven by financial gain is...
GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns
Ravie LakshmananJun 23, 2026Workflow Security / Software Supply Chain GitHub is moving to strengthen software supply chain security by updating...
Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT
Ravie LakshmananJun 23, 2026Supply Chain Attack / Developer Security Cybersecurity researchers have discovered a set of malicious npm packages that...
Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT
Ravie LakshmananJun 23, 2026Supply Chain Attack / Developer Security Cybersecurity researchers have discovered a set of malicious npm packages that...
