-
A new wave of identity fraud has hit the remote job market, with North Korean (DPRK) operatives adopting a sophisticated new tactic to bypass hiring screens. This development marks a significant shift in tradecraft. Previously, these operatives often r…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical “zero-click” vulnerability in Claude Desktop Extensions (DXT) that allows attackers to compromise a computer using nothing more than a Google Calendar event. The flaw, which has been assigned a maximum severity score of CVSS 10/1…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated way to bypass email security by weaponizing legitimate messages from trusted companies like Apple and PayPal. These attacks, known as DKIM replay attacks, exploit email authentication systems to deliver scams that appear completely auth…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The European Commission successfully contained a cyberattack targeting its mobile device management infrastructure on January 30, 2026. The incident, which potentially exposed staff names and mobile numbers, was neutralized within nine hours of detecti…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new, sophisticated malware campaign dubbed “LTX Stealer.” This malware represents a shift in attacker techniques, utilizing legitimate software frameworks and cloud services to hide its activities and steal sensitive user data. By mimicki…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are actively exploiting critical vulnerabilities in SolarWinds Web Help Desk (WHD) to deploy custom malware and establish persistent remote control. Security researchers observed these attacks starting on February 7, 2026, targeting organ…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The North Korean-backed advanced persistent threat (APT) group known as ScarCruft has significantly evolved its attack techniques. In a departure from their established methods, the group is now using a sophisticated OLE-based dropper to distribute its…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new evolution in ClawHub skill-based attacks that effectively sidesteps recent security measures. Rather than embedding base64-encoded payloads directly in SKILL.md files, threat actors have now shifted to a simpler approach: hosting malware on convi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new offensive security tool named “RecoverIt” has been released, offering red teamers a stealthy method for lateral movement and persistence by abusing the Windows Service recovery mechanism. The tool circumvents traditional detection met…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
APT activity across APAC is rising rapidly as geopolitical tensions continue to grow, and defenders are seeing more advanced tradecraft aimed at long-term access. Taiwan stood out as the most targeted environment, with 173 tracked attacks far higher th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
