-
A new wave of ClickFix campaigns targeting macOS users and delivering the MacSync infostealer, signaling a growing shift in threat actor tactics against Apple devices. The attacks rely heavily on social engineering rather than software exploits, tricki…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are increasingly exploiting legitimate Remote Monitoring and Management (RMM) tools to breach corporate networks and establish persistent access. This tactic allows attackers to bypass traditional security defenses by blending malicious a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recent Microsoft 365 credential harvesting campaign shows how attackers are exploiting CloudFlare’s protective features to shield malicious phishing sites from security scanners and threat researchers. CloudFlare is widely used by organizations to im…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Palo Alto Networks has issued a security advisory regarding a newly discovered vulnerability in its Cortex XDR Broker Virtual Machine (VM). Tracked as CVE-2026-0231, this medium-severity flaw could allow a threat actor to access and modify sensitive sy…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ericsson Inc., the United States subsidiary of the Swedish telecommunications giant, has confirmed a data breach affecting 15,661 of its employees and customers. The security incident did not breach Ericsson’s own networks but instead compromised…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malware campaign that abuses the Deno JavaScript runtime to deliver CastleRAT, a powerful remote access trojan designed for espionage and data theft. The campaign demonstrates how attackers are increasingly combining social engineering,…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity Remote Command Execution (RCE) vulnerability has been discovered in Splunk Enterprise and Splunk Cloud Platform, exposing systems to severe security risks. Tracked officially as CVE-2026-20163 with a CVSS score of 8.0, this critical fla…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has issued high-severity software updates to address two high-severity privilege escalation vulnerabilities in its IOS XR Software. Network administrators must take immediate action, as these security flaws could allow an authenticated, local att…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Iran-linked cyber actors are increasingly working with the broader cybercrime ecosystem, using criminal tools, infrastructure, and business models to support state-backed operations and hide their involvement. For years, Iranian intelligence services h…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
On March 11, 2026, the global medical technology giant Stryker suffered a devastating cyberattack that brought its worldwide IT operations to a sudden halt. Iranian-linked threat actors breached the company’s network. They deployed highly destruc…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
