Latest Analysis
Cybersecurity intelligence, threat analysis, and national security reporting.

Cal Water Probes Alleged Hacking by Iran-Linked Group
Cal Water is taking swift action to investigate allegations of a cybersecurity incident, activating its response plan and working around the clock to get to the bottom of the claim. The utility confirms that its probe, launched after learning of the alleged hacking by an Iran-linked group on June 11, 2026, is ongoing with no known operational disruptions reported so far.

Ransomware Gang Exploits Microsoft Teams for C2 Traffic
Meet the sneaky ransomware gang that hijacked Microsoft Teams to secretly control its victims' systems for two whole months, using sophisticated cyber tradecraft to stay under the radar. They pulled off this impressive heist with a custom backdoor and some clever C2 traffic disguises.

UK Plans Facial Scans, ID Checks for Social Media Users
The UK government plans to revolutionize online safety by introducing facial scans and ID checks for social media users, starting with a ban on social media for under-16s. This move aims to give kids their childhood back and protect them from the potential harms of online platforms.

Rokarolla Malware Targets Android Banking Apps with 137 Commands
Meet Rokarolla, a sneaky Android banking trojan that's taking aim at 217 banking and cryptocurrency apps with an arsenal of 137 remote commands, giving attackers alarming control over infected phones. This malware is designed to outsmart even Google's Play Protect defenses, putting your financial security at risk.

China-Linked Backdoor Expands to Windows with Kernel Stealth
A China-linked espionage group has unleashed a stealthy backdoor that infiltrates Windows systems, targeting government bodies in Honduras, Taiwan, Thailand, and Pakistan. The malware, known as SprySOCKS, boasts advanced espionage features and kernel-level stealth, making it a formidable threat.

Windows Junctions Expose Hidden Malware Paths
Malware creators have found a sneaky way to evade detection by using NTFS junctions, a feature that's normally used to connect directories, to create hidden paths that can bypass security defenses like Microsoft Defender. By abusing this feature, attackers can cleverly disguise their malware's true location, making it harder to detect.

FTC Warns of $3.5 Billion Losses to Imposter Scams
The Federal Trade Commission is sounding the alarm on imposter scams, which have led to a staggering $3.5 billion in losses - nearly triple the amount reported in 2020. This pervasive form of fraud has become the most reported category, accounting for almost a third of all fraud reports filed with the FTC.

Rokarolla Trojan Enables Unseen Banking Fraud via Device Takeover
Meet Rokarolla, a sneaky Android banking trojan that's taking device takeover to a whole new level, allowing scammers to isolate and exploit victims like never before. This malware doesn't just steal credentials - it gives attackers total control over your phone.

Cardiac Monitor Maker's Data Breach Exposes Security Gaps
A recent report has exposed a shocking security gap in a leading cardiac monitor manufacturer's system, leaving sensitive clinical monitoring data vulnerable to data thieves. This alarming breach highlights the urgent need for enhanced medical-device security and protection of patient information.

Cybersecurity Pros Face Mounting Challenges
Cybersecurity professionals are facing a harsh reality: 68% say their job has become significantly harder in just two years, with many also being shut out of key technology decisions that impact their work. This alarming trend is backed by eight years of data, highlighting a growing crisis in the industry.

Anonymized Infrastructure Exposes Reactive Security Gaps
Despite having access to a flood of IP data, security teams are struggling to turn it into actionable insights, with a staggering 94% of security incidents involving anonymized infrastructure that exposes reactive security gaps. The sheer volume of data is creating a clarity crisis, with analysts overwhelmed by signals but lacking the context needed to respond effectively.

Chainguard Launches Athena to Fortify Open Source Against AI Threats
Meet Athena, a groundbreaking coalition and platform that helps safeguard open-source software from AI-driven threats by streamlining vulnerability detection, private remediation, and coordinated disclosure. By joining forces, Athena members can proactively protect the entire open-source ecosystem from emerging risks.

DragonForce Ransomware Exploits Microsoft Teams to Facilitate Months-Long Breach
Meet Backdoor.Turn, a sneaky new threat that uses Microsoft Teams to hide its tracks and wreak havoc on your network for months on end - and it's surprisingly sophisticated. This Go-based RAT masquerades as legit traffic by exploiting Teams' TURN relay servers.

CISA Warns of Actively Exploited cPanel Plugin Flaw
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical cPanel plugin flaw, CVE-2026-54420, that's being actively exploited by hackers, posing a significant risk to all user-end plugin versions prior to 2.4.8. This vulnerability allows attackers to escalate privileges to root, putting your online security at risk.

China-Linked SprySOCKS Backdoor Targets Windows with Driver-Based Stealth
ESET has uncovered a Windows variant of the SprySOCKS backdoor, previously thought to only affect Linux, marking a significant expansion of its capabilities. This new variant, version 1.8, uses driver-based stealth and can communicate through TCP, UDP, and WebSocket channels.

Fortinet FortiSandbox Flaws Targeted by Attackers in Wide-Ranging Exploits
Cyber attackers are actively exploiting three high-severity Fortinet FortiSandbox vulnerabilities, CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, which were patched just last month and carry a near-critical CVSS score of 9.1. These flaws have been targeted in wide-ranging exploits over the past 24 hours, according to threat intelligence firm Defused Cyber.

Ransomware Gang Exploits Microsoft Teams to Conceal Malicious Traffic
Meet Backdoor.Turn, a sneaky new malware that's abusing Microsoft Teams to hide its malicious activities - and it's a game-changer for cyber threats. This clever RAT uses Teams' own infrastructure against us, making it harder to spot its secret communications.

Fortinet Flaws Exposed to Active Exploitation
Critical vulnerabilities in Fortinet's FortiSandbox platform are under active attack, with multiple flaws, including CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, being exploited by hackers just 24 hours after security updates were issued.

Earth Lusca Expands Arsenal with Windows SprySOCKS Malware
Chinese threat actor Earth Lusca has upgraded its malware arsenal with Windows SprySOCKS, a sneaky tool that lets hackers secretly send commands to compromised devices, allowing them to fly under the radar. This latest move has been linked to a string of high-profile attacks on government organizations worldwide.

ScarCruft Targets Microsoft Users with NarwhalRAT Malware
Beware of fake Microsoft account alerts! A sneaky North Korean hacking group, ScarCruft, is sending phishing emails that mimic Microsoft security notifications to trick you into downloading the NarwhalRAT malware.

FBI Warns of Courier Cash Scams Fueling Crypto Investment Fraud
Beware of scammers who are using couriers to collect cash from victims, often under the guise of required investments or fines to withdraw from a fake crypto investment firm. The FBI warns that these scammers will instruct victims to hand over cash to a courier, often using verification tactics like sharing a dollar bill serial number or password to gain trust.

DARPA Seeks Rapid Space System Reconstitution Tech
Imagine having the power to rapidly revive critical space services in mere hours to weeks after a setback - that's what DARPA aims to achieve with its latest quest for innovative space system reconstitution technology. The goal is to swiftly restore vital services to at least minimum levels, responding to urgent needs, lost assets, or unexpected collisions.

US Imposes Export Controls on Anthropic AI Model
The US has imposed strict export controls on Anthropic's AI model, Mythos/Fable 5, classifying it as a cyber weapon and effectively banning its sale to foreign nationals. This move comes as the Pentagon severs ties with the company, marking a significant shift in their dealings.

Australia's Intelligence Community Must Adapt to AI Era
The national intelligence community must revolutionize its approach to stay relevant in the AI era, shifting from traditional reporting to dynamic, real-time insights that match the evolving needs of decision-makers. Relying on outdated methods will render it obsolete.