-
Security researchers at Zenity Labs disclosed a critical flaw in Perplexity’s Comet “agentic” browser that allowed attackers to steal local files using a malicious Google Calendar invite. The issue, dubbed PerplexedBrowser and grouped under Zenity’s “P…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
VoidLink marks a turning point in how adversaries target Kubernetes and AI workloads, signaling a shift toward cloud-native, AI-aware malware frameworks that live where modern value is created: inside containers, pods, and GPU clusters.research. It fin…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A dramatic escalation in Middle Eastern tensions began last week with Operation Lion’s Roar, a joint U.S.-Israeli military strike on Iranian nuclear and military sites. Iran retaliated with missiles and drones, disrupting energy, air travel, and …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ransomware operators are increasingly abusing Microsoft’s trusted Azure data transfer utility, AzCopy, to quietly exfiltrate sensitive data before encryption, turning a routine cloud migration tool into a stealthy theft channel. Instead of relying on o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity security vulnerability has been discovered in the IPVanish VPN application for macOS. This flaw allows any unprivileged local user to execute arbitrary code with root privileges without requiring any user interaction. The attack bypasse…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom’s VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog. This flaw, identified as CVE-2026-22719, is currently …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated phishing campaign has recently emerged, leveraging Google Cloud’s trusted infrastructure to host malicious redirects. The campaign’s technical structure leverages Google Cloud Storage legitimate domain, googleapis.com, which is widely t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A threat actor known as FulcrumSec has claimed responsibility for a data breach at LexisNexis Legal & Professional, the legal information division of RELX Group. The actor alleges they have stolen 2.04 GB of structured data from the company’s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft recently uncovered sophisticated phishing campaigns that exploit the by-design redirection mechanisms of the OAuth 2.0 protocol. Threat actors are targeting government and public-sector organizations by manipulating legitimate authentication …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Silver Dragon is a Chinese‑aligned APT group that has been targeting public sector and high‑profile organizations in Europe and Southeast Asia since at least mid‑2024, with strong operational overlap to APT41 tradecraft. The group combines classic post…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
