Security Issues, Vulnerabilities, Exploits & Government Alerts
Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service (PBaaS) economy. At least since 2016, Chinese-speaking criminal groups have erected…
Jan 10, 2026Ravie LakshmananCyber Espionage / Malware The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based…
Jan 10, 2026Ravie LakshmananCybercrime / Financial Crime Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of an international criminal organization called Black Axe. As part of…
Jan 09, 2026Ravie LakshmananVirtualization / Vulnerability Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed…
Jan 09, 2026Ravie LakshmananEmail Security / Threat Intelligence Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals associated with a Turkish energy and nuclear research agency, as…
Jan 09, 2026The Hacker NewsArtificial Intelligence / Enterprise Security As organizations plan for 2026, cybersecurity predictions are everywhere. Yet many strategies are still shaped by headlines and speculation rather than evidence. The real challenge isn’t…
Jan 09, 2026Ravie LakshmananVulnerability / Endpoint Security Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary…
Jan 09, 2026Ravie LakshmananGovernment / Vulnerability Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday said it’s retiring 10 emergency directives (Eds) that were issued between 2019 and 2024. The list of the…
Jan 09, 2026Ravie LakshmananMobile Security / Email Security The U.S. Federal Bureau of Investigation (FBI) on Thursday released an advisory warning of North Korean state-sponsored threat actors leveraging malicious QR codes in spear-phishing campaigns targeting…
Jan 08, 2026Ravie LakshmananMalware / Financial Crime Cybersecurity researchers have disclosed details of a new campaign that uses WhatsApp as a distribution vector for a Windows banking trojan called Astaroth in attacks targeting Brazil. The…