-
AI-generated phishing is rapidly reshaping email risk, with more attacks slipping past filters and landing directly in users’ inboxes, even though AI-generated emails remain a minority of total phishing. The human element remains central: 68% of …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly uncovered malware campaign dubbed KadNap has silently conscripted more than 14,000 internet‑exposed routers and edge devices into a stealth proxy botnet, with Asus routers the primary victims. More than 60% of known victims are located in the U…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new wave of ClickFix campaigns targeting macOS users and delivering the MacSync infostealer, signaling a growing shift in threat actor tactics against Apple devices. The attacks rely heavily on social engineering rather than software exploits, tricki…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are increasingly exploiting legitimate Remote Monitoring and Management (RMM) tools to breach corporate networks and establish persistent access. This tactic allows attackers to bypass traditional security defenses by blending malicious a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recent Microsoft 365 credential harvesting campaign shows how attackers are exploiting CloudFlare’s protective features to shield malicious phishing sites from security scanners and threat researchers. CloudFlare is widely used by organizations to im…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Palo Alto Networks has issued a security advisory regarding a newly discovered vulnerability in its Cortex XDR Broker Virtual Machine (VM). Tracked as CVE-2026-0231, this medium-severity flaw could allow a threat actor to access and modify sensitive sy…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ericsson Inc., the United States subsidiary of the Swedish telecommunications giant, has confirmed a data breach affecting 15,661 of its employees and customers. The security incident did not breach Ericsson’s own networks but instead compromised…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malware campaign that abuses the Deno JavaScript runtime to deliver CastleRAT, a powerful remote access trojan designed for espionage and data theft. The campaign demonstrates how attackers are increasingly combining social engineering,…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity Remote Command Execution (RCE) vulnerability has been discovered in Splunk Enterprise and Splunk Cloud Platform, exposing systems to severe security risks. Tracked officially as CVE-2026-20163 with a CVSS score of 8.0, this critical fla…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has issued high-severity software updates to address two high-severity privilege escalation vulnerabilities in its IOS XR Software. Network administrators must take immediate action, as these security flaws could allow an authenticated, local att…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
