900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
Ravie LakshmananFeb 27, 2026Network Security / Vulnerability The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain...
that
The Seam in Cybersecurity Defenses That Nation-States Keep Exploiting
There is a gap in enterprise security that the industry has been talking around for years without naming it...
Google’s Gemini, 3 years in: Is this the future we wanted?
The broader Gemini flaws Beyond any number of specific shortcoming examples is the indisputable fact that Gemini just tends to...
HackerOne Adds AI Agent to Validate Vulnerabilities
HackerOne has added an artificial intelligence (AI) agent to its platform that validates whether a vulnerability actually exists within...
Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown
Cybersecurity researchers have disclosed details of a new botnet loader called Aeternum C2 that uses a blockchain-based command-and-control (C2) infrastructure...
How AI Agents Automate CVE Vulnerability Research
The CVE Researcher is a multi-agent AI pipeline that automates vulnerability research, detection template generation, and exploitation analysis. Built...
Emulating the Systematic LokiLocker Ransomware
LokiLocker is a Ransomware-as-a-Service (Raas) that has been active since at least mid-August 2021 targeting Windows systems. The ransomware...
Notorious ransomware gang allegedly blackmailed by fake FSB officer
There is a certain poetic justice in a cybersecurity-related story that has emerged from Moscow this week: A man has...
LLMs Generate Predictable Passwords
LLMs are bad at generating passwords: There are strong noticeable patterns among these 50 passwords that can be seen...
Emulating the Mutative BlackByte Ransomware
BlackByte is a ransomware strain operated under the Ransomware-as-a-Service (RaaS) model that emerged in July 2021. Early versions of...
Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries
Ravie LakshmananFeb 25, 2026Cyber Espionage / Network Security Google on Wednesday disclosed that it worked with industry partners to disrupt...
Conduent Breach Surges to Over 25M, Could Be Largest in US History
Image: Adobe Stock The data breach that rocked government IT contractor Conduent back in January 2025 just keeps growing, and...
The Apple-Google AI Deal: What $1 Billion Says About Who’s Really Winning the AI Race
On January 12, 2026, Apple made a decision that shocked Silicon Valley: they chose Google's Gemini to power the...
Apple, the storage company
Happy customers don’t mind too much There’s nothing particularly wrong with that. Critics moaning about Apple’s famed low storage levels...
Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb
Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a...
