-
A new Golang-based backdoor dubbed BLUERABBIT has been observed performing combined data theft, file encryption and destructive disk wiping against Windows hosts. First seen in mid-to-late March 2026 and suspected to target Israeli entities, BLUERABBIT…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The impact of residential proxies across our customer base by compiling billions of DNS resolutions and the associated network telemetry. The Kimwolf Botnet inside our enterprise customer networks. Follow‑up analysis of billions of DNS resolutions acr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Chinese-language “guarantee” marketplaces hosted mainly on Telegram have become a core conduit for buying, selling, and laundering stolen credentials and a wide range of criminal services. These platforms modeled explicitly on consumer escrow systems s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Two closely related espionage campaigns targeting Cambodian government organizations that abuse a legitimate VMware-signed binary to sideload a custom loader dubbed NIGHTFORGE, which in turn deploys a Havoc Demon implant in memory. TRU attributes both …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors increasingly abuse Amazon Web Services (AWS) CloudTrail and Google Cloud Logging to evade detection, poison or exfiltrate logs, and in some cases maintain long-term visibility into victim environments. The techniques are simple in concept…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab has released security updates for GitLab CE/EE and EE that patch multiple vulnerabilities, including several high‑impact flaws that could lead to account takeover, data exposure, and denial of service if left unpatched. Administrators are strong…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A significant resurgence of the JDY botnet, a covert reconnaissance network tied to China-nexus threat activity. Once a component of the larger KV-botnet ecosystem, JDY has expanded to more than 1,500 compromised small office/home office (SOHO) and Int…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A proof-of-concept (PoC) exploit has been publicly released for a critical Linux kernel vulnerability, tracked as CVE-2026-46316, enabling guest-to-host escape in KVM/arm64 environments. The flaw, dubbed “ITScape” by security researcher Hyunwoo Kim (V4…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ivanti Sentry is facing active exploitation attempts following the public release of proof-of-concept (PoC) code targeting a critical OS command injection vulnerability tracked as CVE-2026-10520. The flaw, along with a second critical issue (CVE-2026-1…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Anthropic’s latest AI release, Claude Fable 5, is facing scrutiny after claims emerged that researchers have successfully jailbroken the model to generate sensitive and potentially harmful outputs, including guidance relevant to exploit development and…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
