-
New phishing activity is again abusing the Booking.com ecosystem to defraud both hotel partners and their guests, using a coordinated multi‑stage campaign that blends email, infrastructure abuse, and social engineering across email and WhatsApp. The pr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A severe “log poisoning” vulnerability has been discovered in the popular OpenClaw AI assistant, potentially allowing attackers to manipulate the agent’s behaviour through indirect prompt injection. OpenClaw, an open-source autonomous…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new malware campaign, dubbed CRESCENTHARVEST, that abuses the ongoing Iran protest narrative to deliver a powerful information‑stealing remote access trojan (RAT) against Farsi‑speaking users. The operation appears tailored to supporters of the prote…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical zero-day vulnerability in Dell RecoverPoint for Virtual Machines has been actively exploited by Chinese state-sponsored hackers since mid-2024. Mandiant and Google Threat Intelligence Group (GTIG) attribute this campaign to UNC6201, a threat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals abused Atlassian Cloud’s trusted infrastructure to run a burst of highly automated spam campaigns that redirected victims to fraudulent investment schemes and online casinos, highlighting the growing risk of SaaS-powered email abuse. By …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Russia is preparing to implement a nationwide block on Telegram starting April 1, 2026, according to reports from the Russian insider channel Baza. The move would make the messaging platform completely inaccessible without VPN technology, mirroring pre…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Washington Hotel, a prominent hotel chain in Japan, has confirmed a ransomware attack that compromised several of its servers on February 13, 2026. The incident was detected at 10:00 PM when unauthorized access was identified on multiple servers, promp…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Matanbuchus 3.0 has resurfaced in a tightly orchestrated intrusion chain that blends ClickFix social engineering, silent MSI installations, DLL sideloading, and a new remote access trojan dubbed AstarionRAT, underscoring how mature loaders are evolving…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A major security vulnerability was recently discovered in the online infrastructure of Dava India, one of the country’s largest generic pharmacy retail chains. The breach, identified by security researcher Eaton, exposed sensitive customer person…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors on underground forums are now promoting a new “ClickFix” payload-delivery technique that hides malware in the browser cache to evade endpoint detection and response (EDR) tools. The seller pitches the method as an evolution of existing Cl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
