Hacking

US Warns of Iranian Hackers Targeting Exposed Industrial Controls
When devices that connect our physical and digital worlds are left exposed to the public internet, they become an open invitation for hackers - and Iranian-linked cybercriminals are now actively targeting Internet-exposed industrial control systems, specifically Rockwell/Allen-Bradley programmable logic controllers, in US critical infrastructure organizations.

Automated Pentesting Tools Hit PoC Plateau
Automated pentesting tools can deliver impressive early results, quickly uncovering low-hanging fruit and generating proof-of-concept failures - but often hit a plateau, leaving significant attack surfaces untested and creating a validation gap that's hard to ignore. This phenomenon, known as the PoC cliff, can abruptly halt progress, causing detection and exploitation attempts to drop off and tools to stop producing actionable findings.

Recurring Credential Incidents Drain Corporate Finances
Did you know that a single credential security breach can cost a whopping $4.4 million, making it a top priority for businesses to prevent? But while avoiding a major incident is crucial, what's often overlooked are the recurring credential incidents that quietly drain corporate finances.

GPUBreach Attack Escalates CPU Privileges via Graphics Units
Imagine a scenario where the very processor that powers your gaming experiences or fuels your AI models becomes a vulnerability that attackers can exploit to hijack your entire machine - new research reveals that this is no longer just a theoretical threat. A recently discovered attack, dubbed GPUBreach, can escalate CPU privileges through graphics units, leaving your system exposed to potential takeover.

SOCs Face Multisystem Threats
In today's complex threat landscape, who's accountable when a single intrusion spreads across multiple systems, from Windows laptops to MacBooks, Linux servers, and mobile devices? The harsh reality is that no single team can contain it, as modern attack surfaces and campaigns have outgrown traditional Security Operations Center (SOC) workflows.

Researchers Mock Cybercrime Crews in Unconventional Takedown
In a bold move, researchers fighting cybercrime decided to take a stand against the mystique surrounding digital gangs by roasting them with ridicule, stripping away their legendary status. By mocking notorious crews like Wizard Spider and Velvet Tempest, they're reclaiming the narrative and deflating the glamour often associated with these cybercrime teams.

Nation-State Hackers Exploit Cloud Services for Global Espionage
In the shadows of the digital world, nation-state hackers are quietly exploiting cloud services to orchestrate global cyber espionage - but how can organizations, governments, and individuals defend against threats they can't see? The hidden world of cyber espionage poses a daunting question: what's at stake when the invisible forces of cyber threats manipulate the systems we rely on?

Third-Party Risk Exposes Hidden Weaknesses in Client Security Posture
The next big security breach hitting your clients likely won't come from within their own walls, but from a blind spot they never suspected: their trusted third-party relationships with vendors, SaaS tools, and subcontractors. Most organizations are woefully underprepared for this expanding attack surface.

Zoom Meetings Exposed by Rogue Web Service
Meetings meant to be private, ended up being public. A rogue web service called WebinarTV has been exploiting Zoom meeting security by searching for publicly available invites, joining and secretly recording sessions, and publishing them online.

Microsoft Accelerates Windows 11 Upgrades with Mandatory 25H2 Rollout
Microsoft is taking a bold step by automatically upgrading unmanaged Windows 11 devices running 24H2 Home and Pro editions to the latest 25H2 version, starting this week. This move marks a significant shift in the company's approach to Windows 11 upgrades.

Residential Proxies Bypass IP Reputation Checks in Most Sessions
Residential proxies are making it increasingly difficult for defenders to block threats, as they bypass IP reputation checks in a staggering 78% of cases, blending in with ordinary home users. This alarming trend is blurring the lines between attackers and legitimate users, making it harder to keep malicious traffic at bay.

Apple Bolsters iOS Security to Counter DarkSword Web Exploit Kit
Apple just took a major step to safeguard its users by expanding its iOS security update to include older devices, shielding them from the DarkSword web exploit kit. This move ensures that users with older devices, as well as enterprises relying on long-lived hardware, receive crucial protection against potential threats.

Hackers Exploit TrueConf Flaw to Deploy Malicious Updates
Imagine the video conferencing platform you rely on to connect with your team being turned against you, allowing hackers to spread malicious software to everyone in the room. A recently discovered zero-day flaw in TrueConf's update mechanism has been exploited by threat actors to deliver and execute malicious files on connected devices.

Apple Bolsters iOS 18 Defenses Against DarkSword Exploit Kit
Apple is stepping up its game to protect iPhone users with a new security update for iOS 18, shielding against the sneaky DarkSword exploit kit that's been compromising devices. This proactive move is a crucial defense in the ever-evolving world of cybersecurity threats.

US Cyber Strategy May Embolden Private Sector Hackback
The Biden administration's 2026 Cyber Strategy for America is making waves with a bold call to action: unleashing the private sector to disrupt adversary networks and scale national cyber capabilities. This single move has sparked debate and concern, effectively greenlighting private companies to conduct hackback operations - a concept that's simple in theory but fraught with danger in practice.

AI Boosts Pentesting Efficiency by 40% at Amazon
Amazon's security team has achieved a game-changing 40% boost in pentesting efficiency by harnessing the power of artificial intelligence, significantly speeding up the process of identifying vulnerabilities and keeping the internet more secure. This innovative approach is a major win for productivity and a strong indicator of AI's growing role in cybersecurity.

Axios Library Compromised in North Korea-Linked Supply Chain Attack
A widely-used JavaScript library, Axios, has been compromised in a supply-chain attack linked to North Korea, allowing attackers to secretly inject malicious code into millions of applications and systems. This sneaky move has sent shockwaves through the open-source software community, highlighting the vulnerability of even the most trusted code.

Valid Credentials Fuel Majority of Modern Cyber Intrusions
Most modern cyber intrusions aren't about dramatic break-ins, but rather attackers walking through the front door with valid credentials, making them harder to detect. This strategic shift from exotic exploits to ordinary access has led to quieter attacks and longer dwell times, catching defenders off guard.

Chinese Hackers Revive European Espionage Push
Chinese hackers, specifically the state-backed group TA416, appear to have hit the pause button on their European espionage operations - but don't take a sigh of relief just yet, as the silence in cyberspace can be deceiving. A cybersecurity firm, Proofpoint, has tracked the group's sudden absence since 2023, leaving defenders wondering if this is a temporary lull or a permanent win.

Attackers Exploit Trusted Tools to Evade Cybersecurity Defenses
When the very tools you trust to keep your network safe are turned against you, who do you turn to? Imagine your familiar admin tools being hijacked by attackers, quietly compromising your defenses and leaving you vulnerable.

Google Patches Fourth Chrome Zero-Day Exploited in 2026 Attacks
Google just patched the fourth Chrome zero-day vulnerability of 2026, a sobering reminder that attackers are relentlessly targeting the browser ecosystem with increasingly sophisticated threats. This latest emergency fix highlights the urgent need for users to stay vigilant and up-to-date with the latest security patches.

Hackers Compromise Axios Package to Spread RAT Malware
A recent breach of the popular Axios npm package has exposed a critical supply chain vulnerability: hackers hijacked a maintainer account to spread remote access trojans, putting thousands of applications and developers at risk.

Google Links Axios npm Breach to North Korea's UNC1069 Group
Google's threat intelligence team has linked a recent breach of the Axios npm package to UNC1069, a North Korean hacking group motivated by financial gain. This alarming discovery highlights the vulnerability of the software supply chain to state-linked cybercrime.

Uranium Finance Hack Exposed: Maryland Man Charged in $53m Crypto Heist
A Maryland man has been charged with stealing $53 million from Uranium Finance, a decentralized finance protocol, by exploiting weaknesses in smart contracts and then attempting to launder the proceeds through a complex web of cryptocurrency transactions. This brazen heist highlights the vulnerability of DeFi systems and the creative - yet illicit - tactics used by hackers to cash in.