threat intelligence

Blitz Brigantine Weaponizes Email Bombing and DNS MX Records to Deploy AOBackdoor Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Blitz Brigantine Weaponizes Email Bombing and DNS MX Records to Deploy AOBackdoor

Ddos March 16, 2026

Cybersecurity experts at BlueVoyant have uncovered a sophisticated evolution in the tactics of the threat group known...

Blurring the Lines: How Iranian State Hackers are Weaponizing RaaS and the Cybercriminal Underground Iranian Cyber Espionage Void Manticore

Iranian Cyber Espionage Void Manticore

Blurring the Lines: How Iranian State Hackers are Weaponizing RaaS and the Cybercriminal Underground

Ddos March 15, 2026

A striking evolution is occurring in the world of state-sponsored cyber warfare. According to a recent deep-dive...

Silence of the Hops: The KadNap Botnet Conscripts 14,000 Routers KadNap Botnet Asus Routers

KadNap Botnet Asus Routers

Silence of the Hops: The KadNap Botnet Conscripts 14,000 Routers

Ddos March 15, 2026

Cybersecurity researchers at Black Lotus Labs, the threat intelligence arm of Lumen Technologies, have unmasked a sophisticated...

SentinelOne Unmasks Exploitation of FortiGate Appliances as Gateways to Network Takeover

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

SentinelOne Unmasks Exploitation of FortiGate Appliances as Gateways to Network Takeover

Ddos March 15, 2026

The SentinelOne Digital Forensics & Incident Response (DFIR) team issued a warning: the very appliances designed to...

Unit 42 Unmasks CL-STA-1087’s Years-Long Cyber Espionage Against Asian Militaries UNC5221 HAFNIUM Extradition PRC State Espionage

UNC5221 HAFNIUM Extradition PRC State Espionage

Unit 42 Unmasks CL-STA-1087’s Years-Long Cyber Espionage Against Asian Militaries

Ddos March 13, 2026

Security researchers at Unit 42 have pulled back the curtain on a sophisticated espionage cluster they’ve dubbed...

The “CrashFix” Evolution: KongTuke’s New Playbook for Enterprise Infiltration UAT-8099 BadIIS Malware Pacific Islands Forum Cyberattack

UAT-8099 BadIIS Malware Pacific Islands Forum Cyberattack

The “CrashFix” Evolution: KongTuke’s New Playbook for Enterprise Infiltration

Ddos March 13, 2026

A recent deep-dive investigation from Trend Micro Managed Detection and Response (MDR) has unmasked the evolving tactics...

TaxiSpy RAT: New Android Banking Trojan Targets Russian Financial Sector RuTaxi Trojan Android Banking Malware Pixel 9 zero-click exploit, Dolby UDC vulnerability CVE-2025-54957 NexusRoute Android RAT, India E-Challan Phishing ClayRat Self-Defense, Android Accessibility Abuse Android Trojan, AntiDot Android Malware "BadPack"

RuTaxi Trojan Android Banking Malware Pixel 9 zero-click exploit, Dolby UDC vulnerability CVE-2025-54957 NexusRoute Android RAT, India E-Challan Phishing ClayRat Self-Defense, Android Accessibility Abuse Android Trojan, AntiDot Android Malware "BadPack"

TaxiSpy RAT: New Android Banking Trojan Targets Russian Financial Sector

Ddos March 13, 2026

A highly sophisticated Android Banking Trojan has emerged, combining traditional financial theft with advanced Remote Access Trojan...

High-Privilege Havoc: Splunk Patches RCE Flaw Lurking in File Previews Splunk Enterprise Vulnerabilities CVE-2026-20240 Splunk RCE CVE-2026-20204 Splunk RCE Vulnerability CVE-2026-20163 Splunk Enterprise Vulnerabilities CVE-2026-20140 Splunk Permission Flaw, Local Privilege Escalation Splunk Vulnerabilities CVE-2024-53247 - Splunk Secure Gateway App CVE-2025-20229 & CVE-2025-20231

Splunk Enterprise Vulnerabilities CVE-2026-20240 Splunk RCE CVE-2026-20204 Splunk RCE Vulnerability CVE-2026-20163 Splunk Enterprise Vulnerabilities CVE-2026-20140 Splunk Permission Flaw, Local Privilege Escalation Splunk Vulnerabilities CVE-2024-53247 - Splunk Secure Gateway App CVE-2025-20229 & CVE-2025-20231

High-Privilege Havoc: Splunk Patches RCE Flaw Lurking in File Previews

Ddos March 12, 2026

Splunk has released a critical security advisory regarding a high-severity Remote Command Execution (RCE) vulnerability, tracked as...

Cyber Escalation in the Middle East: Disruption, Deception, and the Quest for Data

State-Sponsored Espionage

Cyber Escalation in the Middle East: Disruption, Deception, and the Quest for Data

Ddos March 12, 2026

A new report from Rapid7 Labs highlights a significant spike in retaliatory cyber activity targeting both regional...

Iran-Aligned TA453 Weaponizes ‘Operation Epic Fury’ for Cyber Espionage Operation Epic Fury TA453 Phishing

Operation Epic Fury TA453 Phishing

Iran-Aligned TA453 Weaponizes ‘Operation Epic Fury’ for Cyber Espionage

Ddos March 12, 2026

In the wake of the February 2026 military strikes known as Operation Epic Fury, a new front...

The Dark Side of Telegram: How Cybercriminals Weaponize Bot APIs for Stealthy Data Exfiltration

Telegram Bot API Data Exfiltration

The Dark Side of Telegram: How Cybercriminals Weaponize Bot APIs for Stealthy Data Exfiltration

Ddos March 12, 2026

While millions use Telegram for secure, instant messaging, a darker side of the platform is emerging in...

Operation False Siren: The Weaponization of Israel’s Red Alert App for Geo-Fenced Espionage Goldoon Botnet Operation False Siren Red Alert Spyware

Goldoon Botnet Operation False Siren Red Alert Spyware

Operation False Siren: The Weaponization of Israel’s Red Alert App for Geo-Fenced Espionage

Ddos March 12, 2026

A highly targeted mobile espionage campaign has been uncovered targeting Israeli citizens. Dubbed Operation False Siren, this...

Gaslighting Android: How the ‘Digital Lutera’ Attack Uses LSPosed to Bypass UPI SIM-Binding UPI SIM-Binding Bypass LSPosed Framework

UPI SIM-Binding Bypass LSPosed Framework

Gaslighting Android: How the ‘Digital Lutera’ Attack Uses LSPosed to Bypass UPI SIM-Binding

Ddos March 12, 2026

According to a critical new report from CloudSEK, threat actors have moved beyond simple app modifications to...

APT-C-23 Weaponized Israel’s ‘Red Alert’ App for Mobile Espionage Red Alert Trojan APT-C-23

Red Alert Trojan APT-C-23

APT-C-23 Weaponized Israel’s ‘Red Alert’ App for Mobile Espionage

Ddos March 11, 2026

The Acronis Threat Research Unit (TRU) has identified a calculated campaign distributing a trojanized version of the...

Microsoft Exposes How Hackers Use Generative Models as a Force Multiplier Malicious AI AI Memory Poisoning

Malicious AI AI Memory Poisoning

Microsoft Exposes How Hackers Use Generative Models as a Force Multiplier

Ddos March 11, 2026

The same AI technologies revolutionizing global productivity are now being “operationalized” by cyber adversaries to sharpen their...

The Vibe-Coding Trap: Fake Claude Code Installers Unleash Amatera Malware via Search Ads Claude Code Malvertising Amatera Malware

Claude Code Malvertising Amatera Malware

The Vibe-Coding Trap: Fake Claude Code Installers Unleash Amatera Malware via Search Ads

Ddos March 11, 2026

In the fast-paced world of AI development, “vibe-coding” has become a popular term for rapid, experimental building....

Zscaler Uncovers 8,000+ Domains and APT Backdoors Exploiting Middle East Tensions Middle East Cyber Threats

Middle East Cyber Threats

Zscaler Uncovers 8,000+ Domains and APT Backdoors Exploiting Middle East Tensions

Ddos March 11, 2026

Zscaler ThreatLabz is currently tracking a significant surge in cybercriminal operations that capitalize on the elevated political...

CL-UNK-1068: The Stealthy Chinese Threat Actor Haunting Asian Infrastructure CL-UNK-1068 Chinese APT

CL-UNK-1068 Chinese APT

CL-UNK-1068: The Stealthy Chinese Threat Actor Haunting Asian Infrastructure

Ddos March 11, 2026

Since 2020, a sophisticated cluster of activity has been quietly infiltrating high-value organizations across South, Southeast, and...

Dutch Intelligence Warning: Russian State Actors Targeting Signal and WhatsApp WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Dutch Intelligence Warning: Russian State Actors Targeting Signal and WhatsApp

Ddos March 10, 2026

In a significant Cybersecurity Advisory released in March 2026, the Netherlands Defence Intelligence and Security Service (MIVD)...

Exploiting the Crisis: Chinese APTs Weaponize Middle East Tensions to Target Qatar with PlugX NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Exploiting the Crisis: Chinese APTs Weaponize Middle East Tensions to Target Qatar with PlugX

Ddos March 10, 2026

Following recent regional escalations, researchers have identified a sharp increase in activity from Chinese-nexus APT (Advanced Persistent...