The South Korean threat collective APT-C-06, more infamously recognized as DarkHotel, has reasserted its presence through a sequence of incursions identified in the latter half of 2025. Following their operational surge in June—which favored...
Adversaries affiliated with the KongTuke threat collective have inaugurated a sophisticated malicious lineage dubbed CrashFix, specifically engineered to compromise Google Chrome users. According to findings from Huntress, the incursion commences with the procurement of...
To infiltrate a corporate network, adversaries are increasingly eschewing the search for server vulnerabilities or the deployment of intricate exploits. It has proven far more lucrative to adopt a simpler, more clandestine approach: usurping...
A comprehensive architectural analysis of the malicious infrastructure within China has unearthed over 18,000 command-and-control (C2) servers distributed across 48 distinct hosting providers. This extensive dataset illuminates the symbiotic coexistence of phishing campaigns, deleterious...
GotMeta: A Python tool for discovering, downloading, and extracting metadata from publicly available files on target domains. Useful for OSINT. Features: File Finder – Find publicly available files on target domains; Metadata Extraction – Extract all...
A group of Venezuelan nationals, implicated in a sophisticated series of thefts of funds from automated teller machines via malicious software, has pleaded guilty to charges of bank fraud. These incursions...
A Singaporean tribunal has dismissed a motion filed by Wang Yunhe, a Chinese national indicted in the United States for his alleged orchestration of an expansive cybercriminal enterprise. The petitioner sought to challenge the...
A Jordanian national residing in Georgia has formally confessed to his involvement in the illicit trade of unauthorized access to corporate networks. According to American law enforcement, the individual functioned as a clandestine intermediary,...
For several hours, the official portal of the Georgian government inadvertently hosted sensitive information that authorities would have preferred to remain sequestered from public scrutiny. The disclosure pertained to the procurement of Russian gas...
A critical vulnerability has emerged within a popular utility for the Laravel framework, effectively transmuting a standard file uploader into a conduit for remote arbitrary code execution. The flaw resides in Livewire Filemanager, where...
Sometimes, the most mortifying missives are dispatched not by intent, but by a stray, clumsy gesture. It appears Google is poised to render one of the more precarious features within Google Messages significantly less...
Occasionally, the most unforeseen vulnerabilities reside not within nascent code, but within foundations that have been deemed unimpeachable for decades. This week, developers disclosed CVE-2026-0915 within the GNU C Library (glibc), a cornerstone of...