14+ hour, 45+ min ago  (378+ words) Daniel Rhyne, a 59-year-old former core infrastructure engineer, pleaded guilty on April 1, 2026, to federal hacking and extortion charges. He admitted to locking out administrators and sabotaging systems at his former New Jersey-based employer in an attack that began in November…...

15+ hour, 36+ min ago  (488+ words) Kimsuky is using multi-stage malicious LNK files to deploy a Python-based backdoor, adding new intermediate scripts while keeping the final payload logic largely unchanged. The campaign abuses Windows Task Scheduler, Dropbox, and bundled Python runtimes to evade detection and maintain…...

14+ hour, 28+ min ago  (432+ words) As part of its ongoing efforts to keep devices secure, similar to routine patch deployments that address critical system vulnerabilities, the tech giant is forcefully upgrading all eligible Home and Pro devices currently running version 24H2. For consumers and small businesses…...

1+ day, 20+ hour ago  (560+ words) It is now expanding to Middle Eastern diplomatic targets, combining web bug reconnaissance with constantly evolving malware delivery chains that culminate in a customized PlugX backdoor. From mid-2025, TA416 restarted regular targeting of European government and diplomatic entities after a two'year lull,…...

21+ hour, 41+ min ago  (435+ words) The Qilin ransomware group has developed a highly sophisticated infection chain that targets and disables over 300 endpoint detection and response (EDR) solutions. As defenders improve behavioral detection capabilities, attackers are increasingly targeting the defense layer itself during the early stages…...

21+ hour, 30+ min ago  (1561+ words) From critical productivity suites like Microsoft 365 and Google Workspace to specialized CRM, HR, and development tools, SaaS is ubiquitous. However, this convenience comes with a significant security caveat: a vast and often unmanaged attack surface. This escalating complexity underscores the…...

17+ hour, 19+ min ago  (320+ words) The malware cleverly disguises itself as a helpful tool, capitalizing on OpenAI's recent decision to serve advertisements to its free-tier users. Instead of blocking ads, the extension systematically harvests user prompts, chat history, and metadata. The technical execution of this…...

19+ hour, 59+ min ago  (735+ words) A newer variant called'Twizt'gives the botnet a hybrid architecture that combines traditional command-and-control (C2) with a peer'to'peer (P2P) protocol, allowing infected machines to share commands and node lists directly with each other. This hybrid design means Phorpiex can keep operating even if…...

19+ hour, 30+ min ago  (523+ words) TP-Link has recently addressed a batch of severe vulnerabilities affecting the Tapo C520WS security camera system. Security cameras are critical pieces of equipment for home and business safety, making device stability a top priority. Users must apply the latest firmware update…...

21+ hour, 25+ min ago  (699+ words) A new phishing campaign that uses malicious Windows shortcut (LNK) files to target users in South Korea, while abusing GitHub as Command and Control (C2) infrastructure to hide its activity. The operation, linked through tooling and tradecraft to North Korea'related actors,…...