Overview Earlier this month, security sleuth and researcher “Chaotic Eclipse” (also known as Nightmare-Eclipse) published a zero-day exploit known as YellowKey, which allowed them to access BitLoc...
Overview of the First VPN Service 🚀 The Federal Bureau of Investigation (FBI) has released a FLASH report to share indicators of compromise (IOCs) and tactics related to the First VPN Service. Thi...
🚨 Important Security Alert! An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool—an ideal starting point for attackers to e...
Rockwell Automation RSLinx Vulnerability Advisory
🚨 Attention all users of RSLinx Classic! 🚨 A critical vulnerability has been identified in Rockwell Automation’s RSLinx Classic software that cou...
Public and Private Medical Community Targeted by China-Nexus Threat Actor Pursuing AI and Cyber Research
Overview The Google Threat Intelligence Group (GTIG) has identified a sophisticated campaign attributed to UNC6508, a People’s Republic of China (PRC)-nexus threat actor, targeting institutions in...
How Orca Traced an nginx Flaw to 1.45 Million Tengine Servers
While the rest of the industry was busy patching nginx, Orca’s Threat Research Team was asking a different question, and the answer le...
Hidden in Teams: DragonForce Attackers Weaponize Microsoft Teams Relays
🚨 Backdoor.Turn, a Go-based RAT, is the first known malware to abuse Microsoft Teams’ TURN relay servers to mask command-and...
FishMonger's Arsenal Upgraded: SprySOCKS for Windows
🚀 ESET researchers have discovered SprySOCKS for Windows, a backdoor weaponizing a kernel driver for advanced stealthiness. This malware is lin...
Dissecting Sapphire Sleet's macOS Intrusion from Lure to Compromise
Microsoft has identified an additional Sapphire Sleet macOS intrusion that follows the same core attack chain previously documen...
Ababil of Minab Exposed: LA Metro SCADA Backups and Israeli Victim Data Left Open
🚨 Ababil of Minab is a pro-Iranian threat actor that surfaced in late March 2026, claiming destructive intrusions against targets in the United States, Israel, Saudi Arabia...
CVE-2026-44587 - CarrierWave Bypass Vulnerability
CarrierWave is a framework for uploading files from Ruby applications. In versions prior to 2.2.7 and 3.1.3, the content_type_denylist check fails...
Users Cry Foul After AMD Stripped Memory Crypto from Its Consumer CPUs
A decade ago, AMD introduced a protection mechanism to its high-end CPUs to safeguard against cold boot attacks and other phy...
Operation Highland: Uncovering Velvet Ant's Intrusion
When Sygnia’s IR team began reconstructing the intrusion that would become known as Operation Highland, they discovered that the earliest fore...
Feds Freaked Over Fable 5 After Simple 'Fix This Code' Prompt
The “jailbreak” that prompted the Trump administration to block Anthropic’s most advanced models was actually a simple three-word prom...
DPAPISnoop Tool Enhances Offline Windows Credential Recovery
🚀 The open-source DPAPISnoop tool has been enhanced to extract CREDHIST entries, enabling offline cracking of historical Windows creden...
Adriatic Port Cyber-Attack by Anubis Sparks Warning Over Maritime Security Risks
An attack by the Anubis ransomware group on a port authority on the Adriatic has raised alarms about maritime infra...
Evil MSI Background: BASE64 Statistical Analysis
A recent analysis focused on a suspicious JPEG file, following up on “The Evil MSI Background is Back!”. The bytes present in this suspicious JPEG ...
Hackers Hide New Argamal Malware Inside Working Hentai Games
Cybersecurity firm Kaspersky has discovered a new campaign delivering malware to people downloading adult video games. Detected in Apri...
CVE-2026-12191 - Vulnerability in Comma AI Openpilot
A vulnerability, identified as CVE-2026-12191, was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads o...