The EtherRAT malware family was first reported by Sysdig back in December 2025. At that time, the initial access vector was exploitation of CVE-2025-55182 (React2Shell) targeting Linux servers. In...
Executive Summary Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled...
How Wiz security uses Service Catalog to turn cloud risk into service ownership
Researchers found artifacts in the code that proved AI was heavily involved. A prominent cybercrime group planned to exploit the zero-day en masse for financial gain. The post Google spotted an...
For the latest discoveries in cyber research for the week of 11th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Instructure, the US education technology company...
A malicious Hugging Face repository managed to take a spot in the platform's trending list by impersonating OpenAI's Privacy Filter open-weight model to deliver a Rust-based information stealer to...
The issue was found in the same area of the Linux kernel that produced last month’s Copy Fail bug, and also allows anyone with a basic account on an affected computer to seize full administrative control.
CERT Polska has received a report about 2 vulnerabilities (CVE-2026-6909 and CVE-2026-6956) found in ATutor software.
Turns out that LLMs are really good at hiding text messages in other text messages.
That’s not a radio. THIS is a radio
Key Findings Ransomware in Q1 2026: Consolidation at Scale During the first quarter of 2026, we monitored more than 70 active data leak sites (DLS) that collectively listed 2,122 new victims. This...
Poland’s Internal Security Agency (ABW) disclosed that cyberattacks targeting ICS (industrial control systems) and public infrastructure escalated sharply... The post Polish ABW warns cyberattacks...
Smart glasses allow anyone to track and record the world around them. That could put your data and the privacy of those nearby at risk.
The U.S. National Institute of Standards and Technology (NIST) released a draft revision of NISTIR 8323 Rev. 2,... The post NIST revises PNT services cybersecurity guidance under CSF 2.0 to...
A cyber intrusion initially presented as a conventional Chaos ransomware attack has now been linked with moderate confidence... The post Rapid7 links Chaos ransomware campaign to Iranian...
Following its November move to become an official CVE Program Root, the European Union Agency for Cybersecurity (ENISA)... The post ENISA strengthens EU vulnerability coordination as four...
ALS Ltd (ASX: ALQ) has come under renewed investor scrutiny after disclosing a recent cyber security incident that temporarily disrupted some of its global operations. The company said it...
Arezzo, May 10, 2026 – On the eve of the major exhibition marking the hundred years of its history, and while Arezzo was preparing to switch on the lights of the OroArezzo fair, the digital heart of Unoaerre is...
On May 11, 2026, TeamPCP launched coordinated software supply chain attacks targeting the npm and PyPI ecosystems. Over roughly six hours, the attacker published dozens of trojanized packages...
Alan Weissberger of the IEEE Communications Society (ComSoc) Techblog felt the ongoing culture and education gaps between network security and engineering needed to be highlighted as it is keeping...
Cybersecurity researchers have disclosed a critical security vulnerability in Ollama that, if successfully exploited, could allow a remote, unauthenticated attacker to leak its entire process...
The attack begins with unauthorized access to exposed Jenkins instances, often enabled by weak credentials. Threat actors abuse the scriptText endpoint, which allows execution of Groovy scripts,...
Mark Kelly, Staff Threat Researcher at Proofpoint, is discussing their work on "I’d come running back to EU again: TA416 resumes European government espionage campaigns." China-linked threat...
cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve privilege escalation, code execution, and denial-of-service....
Plus: Meta officially kills encrypted Instagram DMs, the Trump administration targets “violent left wing extremists,” leaked documents reveal Russia's school for elite hackers, and more.
A malicious Hugging Face repository that reached the platform's trending list impersonated OpenAI's "Privacy Filter" project to deliver information-stealing malware to Windows users. [...]
Previously, the attackers gained access to internal resources, and used it to extract sensitive credentials, including publishing credentials for Jenkins plugins. Using this access, they modified...
Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that's capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is being...
Evidence of them has been found by analyzing DNA in the seawater. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.