-
A significant surge in Odyssey Stealer activity is currently targeting macOS users across multiple continents, with recent telemetry data revealing a dramatic geographic expansion of this sophisticated information-stealing campaign. Security researcher…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new, highly sophisticated cyberattack campaign that reveals how attackers are bypassing modern defenses to infiltrate corporate networks. The investigation points to a stealthy, multi-stage intrusion likely orchestrated by the threat group known as A…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the React Native Community CLI to its Known Exploited Vulnerabilities (KEV) catalog. Identified as CVE-2025-11953, this vulnerability is…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw has been identified in CentOS 9 that allows a local user to escalate their privileges to root. The vulnerability, which stems from a Use-After-Free (UAF) condition in the Linux kernel’s networking subsystem, was awarded f…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Two medium-severity vulnerabilities, an unsecured email API endpoint and verbose error messages exposing OAuth tokens, chain together to enable authenticated phishing that bypasses all email security controls, persistent access to Microsoft 365 environ…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new spear phishing campaign that weaponizes a forgotten file type to bypass modern defenses. Attackers are luring victims into downloading Windows screensaver (.scr) files, which silently deploy legitimate Remote Monitoring and Management (RMM) softw…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability affecting SmarterTools SmarterMail to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-24423, this flaw is actively being weaponiz…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An ongoing spam campaign that leverages social engineering to deploy legitimate Remote Monitoring and Management (RMM) software on victim networks. By disguising malicious payloads as essential Adobe Acrobat updates, threat actors are successfully bypa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Automated investment platform Betterment has confirmed a data breach affecting approximately 1.4 million customers. The incident, which occurred in January 2026, was the result of a targeted social engineering attack rather than a direct exploit of the…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Indian users’ trust in government services through a sophisticated Android malware campaign that impersonates Regional Transport Office (RTO) challan notifications. This campaign represents an evolution from previous RTO-themed malware, featuring…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
