Tag Archives: it security

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting...

09
Feb
⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More

Cyber threats are no longer coming from just malware or exploits. They’re showing up inside...

09
Feb
How Top CISOs Solve Burnout and Speed up MTTR without Extra Hiring

Why do SOC teams keep burning out and missing SLAs even after spending big on...

09
Feb
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign

The threat actor known as Bloody Wolf has been linked to a campaign targeting Uzbekistan...

09
Feb
TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure

Cybersecurity researchers have called attention to a “massive campaign” that has systematically targeted cloud native...

09
Feb
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA

BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and...

09
Feb
OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

OpenClaw (formerly Moltbot and Clawdbot) has announced that it’s partnering with Google-owned VirusTotal to scan...

08
Feb
German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists

Germany’s Federal Office for the Protection of the Constitution (aka Bundesamt für Verfassungsschutz or BfV)...

07
Feb
China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery

Cybersecurity researchers have taken the wraps off a gateway-monitoring and adversary-in-the-middle (AitM) framework dubbed DKnife...

06
Feb
CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered Federal Civilian Executive Branch (FCEB)...

06
Feb
Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities

A previously undocumented cyber espionage group operating from Asia broke into the networks of at...

06
Feb
Can you help the NCSC with the next phase of EASM research?
February 6, 2026

Organisations with experience in external attack surface management can help us shape future ACD 2.0...

How Samsung Knox Helps Stop Your Network Security Breach

As you know, enterprise network security has undergone significant evolution over the past decade. Firewalls...

06
Feb
Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm...

06
Feb
Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries

Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM), Claude Opus...

06
Feb
AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack

The distributed denial-of-service (DDoS) botnet known as AISURU/Kimwolf has been attributed to a record-setting attack...

05
Feb
ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

This week didn’t produce one big headline. It produced many small signals — the kind...

05
Feb
The Buyer’s Guide to AI Usage Control

Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS...

05
Feb
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its...

05
Feb
Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

A new, critical security vulnerability has been disclosed in the n8n workflow automation platform that,...

05
Feb
Hackers Exploit React2Shell to Hijack Web Traffic via Compromised NGINX Servers

Cybersecurity researchers have disclosed details of an active web traffic hijacking campaign that has targeted...

05
Feb
Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models

Microsoft on Wednesday said it built a lightweight scanner that it said can detect backdoors...

04
Feb
DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs...

04
Feb
China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

Threat actors affiliated with China have been attributed to a fresh set of cyber espionage...

04
Feb
Orchid Security Introduces Continuous Identity Observability for Enterprise Applications

An innovative approach to discovering, analyzing, and governing identity usage beyond traditional IAM controls. The...

04
Feb
The First 90 Seconds: How Early Decisions Shape Incident Response Investigations

Many incident response failures do not come from a lack of tools, intelligence, or technical...

04
Feb
Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers

Microsoft has warned that information-stealing attacks are “rapidly expanding” beyond Windows to target Apple macOS...

04
Feb
Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

The Eclipse Foundation, which maintains the Open VSX Registry, has announced plans to enforce security...

04
Feb
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw...

04
Feb
Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata

Cybersecurity researchers have disclosed details of a now-patched security flaw impacting Ask Gordon, an artificial...

03
Feb