Information Security News Blog
Cyberattack infrastructure often outlives the domains and IP addresses it depends on. Indeed, a new report from Hunt.io reveals just how densely such nodes have clustered across Eastern Europe. From 12 March to 12...
The stealthier malicious software remains, the longer it can endure within a compromised system. This guiding philosophy drives the North Korean-linked Lazarus group in its latest offensive against banking institutions and...
Cyberattacks against critical infrastructure increasingly resemble strategic positioning rather than isolated breaches. Consequently, threat actors prepare for future disruptions. The Australian Security Intelligence Organisation (ASIO) recently reported a severe incident. Foreign Advanced Persistent Threat...
With the arrival of digitalization, waterworks and treatment plants have become prime targets for APT hackers. Yet they are not random victims. Rather, attackers deliberately choose them as pressure points within a broader strategy,...
Security researchers have uncovered a Linux flaw that elevates an ordinary local user to root. Remarkably, it does so without altering a single file on disk. Integrity checks may therefore reveal nothing, because the...
The Windows 11 anniversary has officially arrived, marking five years since its turbulent debut. However, this milestone serves primarily as an occasion to reflect upon why the operating system perpetually irritated its user base...
Cryptocurrency bridges remain the most enticing targets for cyberattacks. These digital conduits transfer assets between blockchains. They often represent the most vulnerable link in the ecosystem. The recent breach of the Taiko network perfectly...
Cryptocurrency scam schemes rarely rest on people alone. They need infrastructure to receive, move, and disguise money. Now the U.S. Department of Justice says it has seized a cloud account that served the Huione...
A city transit system rarely sits at the center of a criminal trial. Yet the attack on Transport for London (TfL) caused months of disruption, hit millions of passengers, and ended in guilty pleas...
Threat actors have initiated attempts to exploit the CVE-2026-20230 vulnerability within Cisco Unified servers used for corporate telephony. This critical error allows an unauthenticated, remote attacker to force file creation within the operating system....
A recent ransomware investigation by Microsoft yielded an astonishing revelation. Two entirely distinct and unassociated hacking syndicates were operating concurrently within the victim organization’s network. The primary group entrenched itself within the infrastructure, meticulously...
Attackers infected more than 140 packages from the Mastra AI ecosystem through npm. The malicious code ran right after npm install or npm update. So the infection could reach developer workstations and build servers,...
A bad driver, a broken program, or an error after a Windows update can now be rolled back, along with apps, settings, and local files. Microsoft has released the optional preview update KB5095093 for...
Target/Victims: Klue, LastPass, and others. Delivery Vector: Compromised integration service credentials from 2022. Key Capabilities: Unauthorized Salesforce CRM access via stolen OAuth tokens. Threat Actor: Icarus ransomware group (Suspected). Source: Klue, LastPass, and affected...
FortiBleed began as mass password guessing. Then it grew into an attack chain, where hijacked firewalls gathered fresh credentials for the next breach. A new timeline shows that the published FortiGate password database was...