China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
Ravie LakshmananApr 07, 2026Vulnerability / Threat Intelligence A China-based threat actor known for deploying Medusa ransomware has been linked to the...
threat
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings...
Quantum-Safe Key Encapsulation Mechanisms for Sensitive Context Transport
The quantum threat to ai context transport Imagine someone could record every single secret message your ai sends today...
Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E....
DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea
Ravie LakshmananApr 06, 2026Malware / Threat Intelligence Threat actors likely associated with the Democratic People's Republic of Korea (DPRK) have been...
China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period of minimal...
Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads
While the immediate threat is the social engineering campaign delivering Vidar, the leaked source code itself presents a distinct and...
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
Ravie LakshmananApr 03, 2026Mobile Security / Threat Intelligence Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple...
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
Ravie LakshmananApr 02, 2026Vulnerability / Threat Intelligence A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection...
The $250K Single Point of Failure Hiding in Every SOC
The biggest threat to your SOC is the architecture you built to stop attackers. Every CISO we talk to...
Threat actor UAC-0255 impersonate CERT-UA to spread AGEWHEEZE malware via phishing
Threat actor UAC-0255 impersonate CERT-UA to spread AGEWHEEZE malware via phishing Pierluigi Paganini April 02, 2026 Threat actors impersonated CERT-UA...
The Language of Emojis in Threat Intelligence: How Adversaries Signal, Obfuscate, and Coordinate Online
Blogs Blog In this post, we examine how threat actors use emojis across illicit communities, how these symbols function...
NSFOCUS Monthly APT Insights – January 2026
Regional APT Threat Situation In January 2026, the global threat hunting system of Fuying Lab detected a total of...
Post-Quantum Key Encapsulation Mechanisms in AI Proxy Orchestration
The quantum threat to ai proxy layers Ever wonder if the encrypted data you're sending to an ai model...
Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access trojan to...
