-
Russian state-sponsored hackers, known as APT28 or Fancy Bear, have launched a new wave of cyberattacks targeting government and military organizations across Europe. This sophisticated espionage campaign, observed in late January 2026, targets the the…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new cyber-espionage threat group dubbed Amaranth-Dragon. Active throughout 2025, this group has launched highly targeted attacks against government and law enforcement agencies across Southeast Asia. Evidence links Amaranth-Dragon to APT-41, a notori…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new cyber campaign where attackers are hijacking web servers to redirect visitors to malicious websites . The campaign targets NGINX, a popular web server software, and specifically focuses on servers using the Baota (BT) management panel. The attack…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated strain of the DeskVB Remote Access Trojan (RAT) has been identified in the wild, showcasing a highly modular architecture and a complex, multi-stage infection chain. While the malware family itself is not entirely new, this latest itera…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new, sophisticated malvertising campaign targeting users in the United States. This attack leverages Facebook’s massive paid advertising platform to lure victims into a tech support scam (TSS) kit. The campaign is notable for its rapid infrastructure…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
WatchGuard has released a critical security update for its Mobile VPN with IPSec client for Windows to address a privilege escalation vulnerability. The flaw, originating in the underlying software provided by NCP engineering, allows local attackers to…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new evolution in the “ClickFix” social engineering campaigns, dubbed KongTuke. This latest variant, observed actively since late December 2025, distinguishes itself by leveraging DNS TXT records to stage and retrieve malicious payloads, m…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has released a security advisory detailing a high-severity vulnerability in Cisco Meeting Management (CMM). The flaw, caused by improper input validation, allows authenticated remote attackers to upload arbitrary files and potentially execute com…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has officially begun rolling out native System Monitor (Sysmon) functionality to Windows 11, marking a significant shift for threat hunters and security operations centers (SOCs). Released via the Windows 11 Insider Preview Build 26300.7733 (…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting VMware ESXi to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2025-22225, this zero-day flaw allows attackers to esca…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
