Overview Earlier this month, security sleuth and researcher “Chaotic Eclipse” (also known as Nightmare-Eclipse) published a zero-day exploit known as YellowKey, which allowed them to access BitLoc...

Overview of the First VPN Service 🚀 The Federal Bureau of Investigation (FBI) has released a FLASH report to share indicators of compromise (IOCs) and tactics related to the First VPN Service. Thi...

🚨 Important Security Alert! An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool—an ideal starting point for attackers to e...

Understanding Illicit Ecosystems: XSS and the Current State of the Russian-Speaking Underground For more than two decades, XSS has been the gathering ground for the Russian-speaking cybercriminal ...

New Fake-Invoice Campaign Uncovered by Malwarebytes 🚨 A new batch of fake payment invoices is being staged right now, and we caught the campaign while it was still being put together! The emails i...

Bend the Beam Like Beckham to Defeat Anti-Jamming Tech It’s hard to stop a signal jammer if you can’t locate the source, say Rice University researchers. 📡 Wireless jamming attacks are on the ris...

Argamal RAT Distributed with Hentai Games 🚨 In April 2026, a new malware campaign targeting players of “hentai” games was discovered. Once launched, the infected games install a previously unknown...

From Malspam to DesckVB RAT Deployment 🚨 In May 2026, the Huntress SOC responded to a DesckVB RAT infection that began with a malspam. This delivery chain tells an interesting story: the lure rout...

Your Car is Following You - How to Reclaim Your Data Privacy on the Open Road 🚗🔍 Today’s vehicles know where you live, when you travel, and your driving habits. It’s becoming increasingly difficul...

Mini Shai-Hulud Campaign Compromises Red Hat Cloud Services 🚨 A mini Shai-Hulud campaign has compromised Red Hat Cloud Services npm packages to steal developer and CI/CD secrets during installatio...

Microsoft Changes Course on Legal Threats 🚀 Microsoft has announced that it will no longer pursue legal action against security researchers who conduct or publish their findings. This decision com...

HP Poly VoIP Vulnerability Alert 🚨 HP has released patches for a critical buffer overflow vulnerability in multiple IP-enabled conference phones from its Poly Voice line. This remote code executio...

Google Patches Over 100 Android Security Vulnerabilities 🚀 Google has released new security updates for Android, patching more than 100 vulnerabilities. Android users, it’s time to update your dev...

Dashlane Reports Cyberattack 🚨 Password manager maker Dashlane has reported that hackers have obtained at least a dozen encrypted vaults used for storing customer passwords during a weekend cybera...

Anthropic Expands Access to Claude Mythos Preview 🚀 Anthropic has expanded access to Claude Mythos Preview, its groundbreaking model that could potentially redefine cybersecurity as we know it! 🌐 ...

Pointing a Cursor at Evading Detection Source: Sophos Date Published: June 2, 2026 Sophos X-Ops analysts have observed a threat actor utilizing artificial intelligence (AI) technologies to test e...

CVE-2026-44825 | Apache Solr AuthTool Hardcoded Credentials Vulnerability CVE-2026-44825 is a hardcoded credentials vulnerability in Apache Solr’s Basic Authentication setup tool, bin/solr auth en...

Windows Server Vulnerability Can Grant System Privileges 🚨 Today, Microsoft is in the unfortunate limelight due to a 9.8-rated remote execution vulnerability affecting Windows Server domain contro...

Spain Arrests Doxer Leaking Sensitive Data of Government Employees 🚨 The Spanish National Police has arrested an individual for leaking sensitive information related to members of various key stat...

Inside Gamaredon Cyber Operations: FSB’s Matryoshka #1/3 Sekoia.io’s Threat Detection & Research (TDR) team closely monitors the activities of Russian Advanced Persistent Threats (APT). In lat...