Latest updates from top security sources
Checkmarx has confirmed that threat actors from TeamPCP published a malicious version of the Jenkins AST plugin to the Jenkins Marketplace. The compromised version, 2.0.13-829.vc72...
Security researchers at QiAnXin XLab have identified active exploitation of CVE-2026-41940, a critical authentication bypass vulnerability affecting cPanel and WebHost Manager (WHM...
A sophisticated phishing operation dubbed "Operation HookedWing" has been systematically targeting organizations across critical sectors for over four years, according to threat in...
Ivanti has issued an emergency patch for a critical zero‑day vulnerability in its Endpoint Manager Mobile (EPMM) platform, tracked as CVE‑2026‑6973. The flaw, rated 9.1 on the CVSS...
Kaspersky researchers have uncovered a convergence between the pro‑Ukraine hacktivist group BO Team and the advanced threat actor Head Mare, revealing that the two have begun shari...
Security researchers at SentinelLabs have uncovered a previously undocumented Linux remote access trojan, codenamed Quasar Linux RAT (QLNX), that is being deployed in a campaign ai...
ShinyHunters, the notorious threat group behind a string of high‑profile data thefts, announced on March 5 that it had executed a second intrusion into Instructure, the education‑t...
Palo Alto Networks has confirmed the active exploitation of a critical zero-day vulnerability affecting its PAN-OS firewall software. The flaw, tracked as CVE-2024-3400 and rated c...
Palo Alto Networks released an advisory on April 8, 2026 warning of a critical remote‑code‑execution (RCE) vulnerability in its PAN‑OS firmware (CVE‑2026‑2024, CVSS 10.0). The flaw ...
Two U.S. nationals were sentenced to 18 months in federal prison each for managing laptop farms that facilitated North Korean IT workers in securing remote positions at nearly 70 A...
Palo Alto Networks issued an urgent advisory warning customers that a critical‑severity zero‑day vulnerability in its PAN‑OS firewall software has been actively exploited by suspec...
The Iranian state-sponsored threat actor MuddyWater, also tracked as Mango Sandstorm, Seedworm, and Static Kitten, has been linked to a sophisticated cyberattack that leveraged Mic...
Security analysts have uncovered a sophisticated intrusion campaign leveraging the CloudZ remote access trojan (RAT) alongside a previously undocumented plugin called Pheno to targ...
As the conflict with Iran intensifies, cyber operatives have turned their focus on the United Arab Emirates, with breach attempts spiking threefold over the past few weeks. Securit...
MuddyWater, the Iranian advanced persistent threat (APT) group also tracked as Static Kitten, has been observed disguising its espionage operations behind a non‑functional Chaos ra...
Security researchers have linked a newly tracked China‑nexus threat cluster, designated UAT‑8302, to a wave of cyber‑espionage operations targeting government agencies in South Ame...
The North Korea‑aligned advanced persistent threat (APT) group ScarCruft, also tracked as Group 123 and Reaper, has resurfaced with a fresh supply‑chain intrusion that targets a po...
Microsoft’s Threat Intelligence Center (MSTIC) has released details of a large‑scale credential‑harvesting operation that successfully targeted roughly 35,000 users in 26 countries...
Security researchers have uncovered a previously undocumented Linux implant, dubbed Quasar Linux (QLNX), that is actively targeting software developers. Discovered during an invest...
The North Korean threat group APT37, also tracked as ScarCruft, has been observed delivering an Android variant of its BirdCall backdoor through a supply‑chain compromise of a popu...
The China-based advanced persistent threat (APT) group Silver Fox, also tracked as Monarch, SwimSnake, The Great Thief of Valley, UTG-Q-1000, and Void Arachne, has launched a sophi...
Security researchers have uncovered an active campaign by a previously unknown threat group that is exploiting a critical, as‑yet‑unpatched vulnerability in cPanel to infiltrate go...
Physical cargo theft is no longer the domain of opportunistic street gangs; it has morphed into a high‑tech enterprise orchestrated by transnational cybercriminal syndicates. Accor...
Security researchers have uncovered a sophisticated campaign by the China-backed advanced persistent threat (APT) group Silver Fox, targeting organizations in India and Russia with...
A newly uncovered Vietnamese‑linked phishing campaign has compromised roughly 30,000 Facebook accounts by abusing Google’s low‑code AppSheet platform as a covert relay. Researchers...
Cybersecurity researchers have uncovered a sophisticated espionage operation linked to Chinese state actors, targeting a broad spectrum of victims across Asia and a NATO member sta...
North Korean advanced persistent threat (APT) groups have consolidated their dominance over the cryptocurrency threat landscape in 2026, accounting for an estimated 76 % of all dig...
Atos Threat Research Center (TRC) uncovered in March 2026 a highly resilient malicious operation that distributes a remote‑access trojan called EtherRAT. The campaign abuses GitHub...
A coordinated cyberattack leveraging a newly identified wiper malware, named Lotus Wiper, has struck several energy companies and utility providers in Venezuela, according to a rep...
Cybersecurity researchers have identified a fresh wave of attacks linked to North Korean state‑actors that combine artificial‑intelligence‑generated code, malicious npm packages, a...
BlueNoroff, the North Korean threat group tracked as an advanced persistent threat (APT), has refined its attack playbook by weaponizing fake Zoom calls to snare cryptocurrency exe...
The ransomware ecosystem was rocked in early 2026 when two prominent ransomware‑as‑a‑service (RaaS) operations, 0APT and KryBit, turned on each other, spilling a treasure trove of ...
A Chinese national linked to the Silk Typhoon advanced persistent threat (APT) group has been handed over to U.S. authorities after being arrested in Italy in July 2025. Xu Zewei, ...
Cybersecurity researchers have identified a sophisticated campaign conducted by the threat actor UNC6692, who is combining social engineering, custom malware, and cloud infrastruct...
Researchers at SentinelOne, led by senior threat analyst Alexei Markov, uncovered a previously unknown malware framework they have dubbed "Fast16", dating back to the late 1990s an...
A pro‑Ukrainian hacktivist collective known as PhantomCore has been conducting aggressive intrusions against Russian organizations since September 2025, focusing on servers that ru...
Security researchers at Trend Micro have uncovered a previously unknown Lua‑based malicious framework, dubbed "fast16", that was created several years before the infamous Stuxnet w...
Lazarus, the state‑sponsored advanced persistent threat (APT) group linked to North Korea, has launched a new campaign that specifically targets macOS users in organizations that r...
Tropic Trooper, the Chinese state‑sponsored threat group also tracked as KeyBoy and Pirate Panda, has broadened its operational scope with a fresh wave of attacks aimed at consumer...
Security researchers at Secureworks’ Counter Threat Unit (CTU) have uncovered a sophisticated espionage operation conducted by a Chinese state‑sponsored APT that targeted Mongolian...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed that an unidentified federal civilian executive branch agency fell victim to the FIRESTARTER backdoor...
NASA's Office of Inspector General (OIG) has disclosed a sophisticated spear‑phishing campaign orchestrated by a Chinese national who masqueraded as a U.S. defense researcher. The ...
Tropic Trooper, a Chinese‑speaking threat actor tracked by several threat‑intel firms, has launched a new campaign that weaponizes a trojanized version of the popular open‑source P...
China's state-sponsored threat actors are increasingly leveraging automated botnets composed of compromised IoT devices, routers, and servers to conduct large-scale cyber operatio...
According to the latest Dark Reading analysis, the weekly number of cyberattacks directed at African organizations dropped by 22 % over the past year, falling from roughly 5,400 in...
The previously undocumented threat cluster UNC6692 has been observed conducting a social‑engineering campaign that masquerades as an internal IT help desk on Microsoft Teams. The a...
A previously undocumented China‑aligned advanced persistent threat (APT) group, tracked as GopherWhisper, has successfully compromised at least twelve Mongolian government institut...
Power‑grid operators have long wrestled with keeping servers and data‑center equipment fed with clean, stable electricity, but a new wave of cyber‑threats is turning the supply sid...
Tyler Robert Buchanan, a 24‑year‑old British national known in the cybercrime underground as “Tylerb,” pleaded guilty on June 5, 2024 in a U.S. District Court to one count of wire‑f...
A newly identified Chinese advanced persistent threat (APT) group has launched a coordinated cyber‑espionage campaign against major Indian financial institutions and South Korean p...
Security researchers have identified a sophisticated campaign by North Korean threat actor Sapphire Sleet targeting macOS users through ClickFix attack vectors. The group, tracked ...
Security researchers have linked a new wave of cyber‑attacks to Russia’s military intelligence, specifically the APT groups tied to the GRU, which are actively exploiting known vul...
Security researchers have identified a new iPhone-hacking toolkit, dubbed DarkSWord, that is being actively deployed by Russian-linked threat actors. The toolkit exploits a previou...
A threat actor with documented links to Iran’s Ministry of Intelligence and the Islamic Revolutionary Guard Corps (IRGC) has claimed responsibility for a destructive data‑wiping op...
Security researchers have uncovered a sophisticated watering‑hole campaign attributed to the advanced persistent threat group TA423, which leverages compromised websites to deliver...