Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as ...

Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to ...
Crowdfund Insider

Trojan Now Impacting Brazilian Financial Institution Clients, Malware Employs Advanced Stealth Tactics : Analysis

Cybersecurity researchers at Kaspersky’s Global Research and Analysis Team (GReAT) have spotlighted a highly evolved banking ...
WeLiveSecurity

Sednit reloaded: Back in the trenches

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

AI-generated Slopoly malware used in Interlock ransomware attack

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...
The Hacker News

FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

Attackers exploit FortiGate vulnerabilities to steal LDAP credentials and breach networks, enabling AD access and malware ...
Security Boulevard

BlackSanta Malware Shuts Down Protections, Targets HR and Recruiting Operations

Those aren't toys. Malware used in a sophisticated spear-phishing and infostealing campaign by Russian bad actors includes a ...
How-To Geek on MSN

I built a NAS from an old laptop—here's what Linux taught me the hard way

5 hard lessons I learned about Linux and Docker while building my first DIY NAS ...
Security Boulevard

What Does MITRE ATT&CK Coverage Really Mean?

Coverage claims without context are one of the most persistent sources of confusion in security tooling. This post breaks ...

FortiGate Edge Intrusions: Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise

Throughout early 2026, SentinelOne’s Digital Forensics & Incident Response (DFIR) team has responded to several incidents where FortiGate Next-Generation Firewall (NGFW) appliances have been ...
CSO Online

ClickFix techniques evolve in new infostealer campaigns

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic ...