-
A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker’s largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker’s main U.S. headquarters says the company is currently experiencing a building emergency.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate virtually any task — are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting the security priorities for organizations, while blurring the lines between data and code, trusted co-worker and insider threat, ninja hacker and novice code jockey.
·
A Little Sunshine, Agentic AI, AI Agents, AI assistant, Amazon AWS, Anthropic, CJ Moses, Claude, ClawdBot, Cline, Copilot, DVULN, FortiGate, grith.ai, James Wilson, Jamieson O’Reilly, Latest Warnings, Laura Ellis, Matt Schlict, Meta, Microsoft, Moltbook, Moltbot, OpenClaw, Orca Security, Rapid7, Risky Business, Roi Nisimi, Saurav Hiremath, Simon Willison, Snyk, Summer Yue, The Coming Storm, Web Fraud 2.0¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world’s largest and most disruptive botnet. Since then, the person in control of Kimwolf — who goes by the handle “Dort” — has coordinated a barrage of distributed denial-of-service (DDoS), doxing and email flooding attacks against the researcher and this author, and more recently caused a SWAT team to be sent to the researcher’s home. This post examines what is…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets customers sidestep both of these pitfalls: It uses cleverly disguised links to load the target brand’s real website, and then acts as a relay between the target and the legitimate site — forwarding the victim’s username, password and multi-factor authentication (MFA) code to the…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting the The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed to anonymize and secure online communications. I2P users started reporting disruptions in the network around the same time the Kimwolf botmasters began relying on it to evade takedown attempts against the botnet’s control servers.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Our first story of 2026 revealed how a destructive new botnet called Kimwolf rapidly grew to infect more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes. Today, we’ll dig through digital clues left behind by the hackers, network operators, and cybercrime services that appear to have benefitted from Kimwolf’s spread.
·
3XK Tech GmbH, A Little Sunshine, Aisuru, AT&T, Benjamin Brundage, Breadcrumbs, ByteConnect, Cassidy Hales, DDoS-for-Hire, Dort, Ethereum Name Service, Flashpoint, Forky, Friedrich Kraft, GreyNoise Intelligence, Internet of Things (IoT), Julia Levi, Kimwolf, Linus, Maskify, Ne’er-Do-Well News, Plainproxies, Resi Rack LLC, Shox, Snow, Synthient, XLab¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it’s time for a broader awareness of the threat. The short version is that everything you thought you knew about the security of the internal network behind your Internet router probably is now dangerously out of date.
·
911s5, 922 Proxy, A Little Sunshine, Aisuru, AISURU Botnet, Akamai Technologies, Android Debug Bridge, BadBox 2.0, Ben Brundage, Chad Seaman, DDoS-for-Hire, HUMAN Security, IPidea, Kimwolf, Kimwolf botnet, krebsfiveheadindustries, Latest Warnings, Lindsay Kaye, Oxylabs, Quokka, residential proxy, Riley Kilmer, Spur, Synthient, Uhale app, Web Fraud 2.0, XLab¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
KrebsOnSecurity.com celebrates its 16th anniversary today! A huge “thank you” to all of our readers — newcomers, long-timers and drive-by critics alike. Your engagement this past year here has been tremendous and truly a salve on a handful of dark days. Happily, comeuppance was a strong theme running through our coverage in 2025, with a primary focus on entities that enabled complex and globally-dispersed cybercrime services.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Direct navigation — the act of visiting a website by manually typing a domain name in a web browser — has never been riskier: A new study finds the vast majority of “parked” domains — mostly expired or dormant domain names, or common misspellings of popular websites — are now configured to redirect visitors to sites that foist scams and malware.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sprawling academic cheating network turbocharged by Google Ads that has generated nearly $25 million in revenue has curious connections to a Kremlin-connected oligarch whose Russian university builds drones for Russia’s war against Ukraine.
·
A Little Sunshine, Alexander Korsukov, Alexey Pokatilo, AW Tech Limited, Awesome Technologies, Brian Mellor, CLS Research LTD, Filip Perkon, Geekly Solutions Ltd, Livingston Research, Marina Butina, NatInfoSec, North Data, OK Marketing LTD, Olekszij Pokatilo, Proglobal Solutions LTD, Russia’s War on Ukraine, Russian Business Week, Russian Diplomatic Online Club, Synergy, Synergy University, Tweetsquad, Two Sigma Solutions LTD, Vadim Lobov, VLS Research LTD¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
