Overview: Earlier this month, security sleuth and researcher “Chaotic Eclipse” (also known as Nightmare-Eclipse) published a zero-day exploit known as YellowKey, which allowed them to access BitLoc...
Overview of the First VPN Service 🚀 The Federal Bureau of Investigation (FBI) has released a FLASH report to share indicators of compromise (IOCs) and tactics related to the First VPN Service. Thi...
🚨 Important Security Alert! An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool—an ideal starting point for attackers to e...
Windows Server Vulnerability Can Grant System Privileges
Windows Server Vulnerability Can Grant System Privileges 🚨 Today, Microsoft is in the unfortunate limelight due to a 9.8-rated remote execution vulnerability affecting Windows Server domain contro...
Spain Arrests Doxer Leaking Sensitive Data of Government Employees
Spain Arrests Doxer Leaking Sensitive Data of Government Employees 🚨 The Spanish National Police has arrested an individual for leaking sensitive information related to members of various key stat...
Inside Gamaredon Cyber Operations: FSB's Matryoshka
Inside Gamaredon Cyber Operations: FSB’s Matryoshka #1/3 Sekoia.io’s Threat Detection & Research (TDR) team closely monitors the activities of Russian Advanced Persistent Threats (APT). In lat...
Hackers Hijacked Instagram Accounts by Tricking Meta AI Support Chatbot
Major Security Breach on Instagram 🚨 Instagram has resolved a significant security issue that allowed several users’ accounts to be hacked. The attack relied on tricking Meta’s AI-powered support ...
Election Interlopers Register 5K+ Domains, Hope to Catch Some Voting Phish
Election Interlopers Register 5K+ Domains 🚨 The biggest threat to America’s midterm elections in November likely isn’t foreign attackers hacking US voting machines. Phishing and election-official ...
Critical WP Maps Pro Plugin Flaw Leads to 3,600 Attacks in One Day
Critical Vulnerability in WP Maps Pro Plugin 🚨 Thousands of attacks were observed in a single day targeting a critical flaw in the WP Maps Pro plugin. Researchers disclosed this flaw, which allows...
CISA Adds Critical Palo Alto Networks Firewall Flaw to KEV
CISA Adds Critical Palo Alto Networks Firewall Flaw to KEV 🚨 Hackers are exploiting a software vulnerability in Palo Alto Networks’ firewalls to evade login requirements and remotely access protec...
Unidentified RAT Pushes NetSupport RAT
Unidentified RAT Pushes NetSupport RAT 🚨 This diary provides indicators from an unidentified RAT infection on Wednesday, May 27, 2026, that was followed by a malicious NetSupport Manager RAT packa...
Tracking APT28 PixyNetLoader Evolutions from 2024 to 2026
Tracking APT28 PixyNetLoader: Evolutions from 2024 to 2026 In this article, we will examine the evolutions of the APT28 PixyNetLoader code family. By analyzing approximately 90 samples and studyin...
17 Million Strong Botnet of Compromised Devices Dismantled by Dutch Authorities
Major Botnet Dismantled 🚨 The Dutch National Cyber Security Center (NCSC) and local police have successfully dismantled a 17 million device botnet by taking down 200 servers. This significant oper...
CVE-2026-10199 - Assimp glTF2Asset.h LazyDict Null Pointer Dereference
CVE-2026-10199 - Assimp glTF2Asset.h LazyDict Null Pointer Dereference A vulnerability has been found in Assimp up to version 6.0.4. The function glTF2::LazyDict in the library glTF2Asset.h is aff...
2026-05-31 Daily Vulns
2026-05-30 Daily Vulns
Meet GREYVIBE, the Russia-Linked Hacking Group Using AI to Target Ukraine and Still Making Rookie Mistakes
Meet GREYVIBE: A New Threat to Ukraine 🚨 Security firm WithSecure has been tracking a previously unknown Russian-linked APT group called GREYVIBE since at least August 2025. This group targets Ukr...
ChatGPhish: The Page Is the Payload
ChatGPhish: The Page Is the Payload 🚀 This research takes that same class of problem into another dimension. Different product. Different LLM surface. Different delivery primitive. This time, the ...
CVE-2026-48810 - FreeScout Thread Edit Authorization Bypass via Missing Mailbox Check
CVE-2026-48810 - FreeScout: Thread Edit Authorization Bypass via Missing Mailbox Check Published Date: May 29, 2026 FreeScout is a free help desk and shared inbox built with PHP’s Laravel framewo...
Wide-ranging 7-zip Vulnerability Exposes Millions to Code Execution Risks
Major 7-Zip Vulnerability Detected 🚨 The ever-popular open-source archive-handling utility 7-Zip is now in the spotlight due to an 8.8-rated CVE vulnerability in its archive-opening procedure. If ...