-
Infostealers continue to dominate the initial access landscape in 2026, driving breaches through scalable credential theft. Among these, DarkCloud has emerged as a major threat, illustrating how low-cost, commercialized malware is reshaping enterprise …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Firefox has launched a major update to help protect web applications from Cross-Site Scripting (XSS) attacks. With the release of Firefox 148, Mozilla introduces the new standardized Sanitizer API, making it the first browser to ship this built-in secu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly surfaced Remote Access Trojan (RAT) named Stealer is rapidly gaining traction across cybercrime networks, fueling a fresh wave of double-extortion incidents against enterprise targets. It offers features such as HVNC (Hidden Virtual Network Com…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Offensive security operations are evolving with a new method for running Kali Linux. By combining Kali with Anthropic’s Claude AI via the Model Context Protocol (MCP), security analysts can now execute penetration testing tools using simple natural lan…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google and its partners have disrupted a major Chinese state-linked cyber espionage campaign that breached at least 53 telecommunications and government entities across 42 countries on four continents. The operation, led by Google Threat Intelligence G…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has released urgent updates to patch a critical zero-day vulnerability in its Catalyst SD-WAN products. A highly sophisticated threat actor, known as UAT-8616, is actively exploiting this flaw in the wild to gain deep access to enterprise network…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers can repurpose the Cortex XDR Live Terminal feature as a stealthy, EDR‑trusted command‑and‑control (C2) channel, effectively turning a built‑in response tool into a “living off the land” backdoor on protected endpoints. This abuse leverages the …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation in the wild. The vulnerability affects FileZen, a file-sharing and da…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SolarWinds has released a critical security update for its Serv-U file transfer software, patching four vulnerabilities that could allow attackers to execute arbitrary code with root-level privileges on affected servers. All four flaws carry a CVSS sco…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals have launched a convincing phishing operation by building a fake Avast website designed to steal credit card information from unsuspecting visitors. The fraudulent page mimics Avast’s official portal almost perfectly, complete with the g…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
