Skip to content
Security News, Assessments & Alerts Page 7

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT

Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT

A suspected China-nexus threat activity cluster has been observed targeting Indian taxpayers, tax professionals, and corporate finance teams to deliver a remote access trojan designed to steal sensitive data from compromised hosts. The multi-stage campaign,… 

New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions

New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions

Swati KhandelwalJul 06, 2026Cyber Espionage / Endpoint Security Researchers at Shandong University have shown a fast new way to pull data off computers that are cut off from every network. The technique, called TrojPix, tweaks on-screen pixels in… 

New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS

New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS

Cybersecurity researchers have flagged a novel Java-based remote access trojan (RAT) called QuimaRAT that’s capable of targeting Windows, Linux, and macOS environments. According to LevelBlue, the cross-platform malware is advertised under a malware-as-a-service (MaaS) model,… 

SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing

SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing

Scanners meant to catch malicious add-on “skills” for AI coding agents can be fooled by a few simple changes that leave the malware working, according to a new study from researchers at the Hong Kong University of… 

North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign

North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity… 

Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices

Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices

Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The flaws matter because FatFs is…