Chrome encryption bypass discovered: New malware steals passwords and cookies
Vojtěch Krejsa, the threat researcher at Gen who first flagged the stealer, calls VoidStealer’s bypass non-noisy. “The bypass requires neither...
threat
NICKEL ALLEY strategy: Fake it ’til you make it
Counter Threat Unit™ (CTU) researchers continue to investigate trends in Contagious Interview campaign activity conducted by NICKEL ALLEY, a threat...
FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
Ravie LakshmananMar 21, 2026Cyber Espionage / Threat Intelligence Threat actors affiliated with Russian Intelligence Services are conducting phishing campaigns to...
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
Ravie LakshmananMar 21, 2026Vulnerability / Threat Intelligence Oracle has released security updates to address a critical security flaw impacting Identity...
Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
Ravie LakshmananMar 21, 2026Malware / Threat Intelligence The threat actors behind the supply chain attack targeting the popular Trivy scanner...
CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
Ravie LakshmananMar 21, 2026Vulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security...
RSAC 2026 Innovation Sandbox | Humanix: People-Oriented Social Engineering Attack Detection and Response
Company Profile Humanix (see Figure 1) is a cybersecurity company focusing on human-centric threat detection and response, dedicated to...
Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
Ravie LakshmananMar 19, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have flagged a new malware dubbed Speagle that hijacks the...
News alert: SpyCloud study reveal stolen tokens, session data fuel surge in non-human identity attacks
AUSTIN, Texas, Mar. 19, 2026, CyberNewswire—SpyCloud, the leader in identity threat protection, today released its annual 2026 Identity Exposure...
What Golden Dome Requires from Federal DevSecOps Teams
The threat environment facing the United States is growing more complex and interconnected. Executive Order 14186 identifies the threat...
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
Ravie LakshmananMar 18, 2026Network Security / Ransomware Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting...
Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware
Ravie LakshmananMar 17, 2026Threat Intelligence / Endpoint Security North Korean threat actors have been observed sending phishing to compromise targets...
Web Shells, Tunnels, and Ransomware: Dissecting a Warlock Attack
Following initial access, the threat actors conducted extensive lateral movement using a combination of legitimate administration tools and credential abuse....
DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according...
What Are Your DDoS Testing Options in 2026?
No modern business can afford to ignore the threat of DDoS attacks. For many enterprises, reliable online services are...
