-
A sophisticated modular botnet known as GoBruteforcer is actively targeting Linux servers worldwide, with researchers estimating that more than 50,000 internet-facing servers remain vulnerable to these coordinated attacks. The threat, which has evolved…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Huntress security researchers have uncovered a sophisticated VMware ESXi exploitation campaign using a zero-day toolkit that remained undetected for over a year before VMware’s public disclosure. The December 2025 intrusion, which began through a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are continuing to refine “quishing” phishing delivered through QR codes by shifting from traditional image-based payloads to “imageless” QR codes rendered directly in email HTML, a tactic designed to sidestep security tools that focus on …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in n8n, the popular workflow automation tool, potentially allowing authenticated attackers to execute arbitrary code on the host server. Identified as CVE-2026-21877, this high-severity vulnerabilit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A custom Windows packer dubbed pkr_mtsi is fueling large-scale malvertising and SEO‑poisoning campaigns that deliver a broad range of information‑stealing and remote‑access malware, according to new research. First observed in the wild on April 24, 202…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new ransomware variant, CrazyHunter, has emerged as a critical threat to the healthcare sector, employing advanced anti-malware evasion techniques and rapid network propagation that have security researchers deeply concerned. Trellix, w…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Chinese threat actors are conducting an aggressive campaign that distributes NFC-enabled Android malware capable of intercepting and remotely relaying payment card data via Telegram. Identified as “Ghost Tap” and linked to threat groups inc…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw has been discovered in the TOTOLINK EX200 Wi-Fi extender that allows attackers to gain complete control over the device. The vulnerability involves a logic error in how the device handles failed firmware u…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated phishing campaign is exploiting Google Cloud infrastructure to bypass email security filters and steal Microsoft 365 credentials, demonstrating how attackers increasingly abuse trusted cloud platforms to lend legitimacy to their malicio…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ToddyCat, a sophisticated cyber-espionage threat group also known as Websiic and Storm-0247, has emerged as a significant risk to organizations across Europe and Asia. The group’s operations, which began in December 2020 by targeting Microsoft Ex…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
