Threats

Silver Dragon APT Group Uses Google Drive for Covert Communication Targeting Europe and Asia

Threats March 4, 2026

A sophisticated China-linked threat group, identified as Silver Dragon, has been actively targeting government and high-profile organizations across Southeast Asia…

Phishing Campaign Leverages Google Cloud for Malicious Redirects

Threats March 4, 2026

A sophisticated phishing campaign is exploiting Google Cloud Storage (GCS) to host malicious redirect links, enabling it to bypass standard…

Azure’s AzCopy utility exploited in data exfiltration by ransomware groups

Threats March 4, 2026

Cybersecurity researchers are warning of a worrying new trend in ransomware attacks: threat actors are now weaponizing Microsoft’s legitimate AzCopy…

Security advisory: Malicious packages disguised as Laravel utilities deploy PHP RAT, enable remote access

Threats March 4, 2026

A sophisticated supply chain attack has been discovered targeting the PHP developer community via Packagist, the official package repository for…

SloppyLemming espionage campaign deploys BurrowShell backdoor and Rust RAT against Pakistan and Bangladesh

Threats March 4, 2026

A sophisticated cyber espionage campaign, attributed to a threat group known as SloppyLemming, has been actively targeting government agencies, defense…

Hackers exploit Telegram for initial access to corporate networks.

Threats March 3, 2026

Cybercriminals are increasingly leveraging Telegram, a popular messaging app, to gain initial access to corporate VPNs, RDP sessions, and cloud…

New StegaBin Campaign Utilizes Malicious NPM Packages for Credential Stealing

Threats March 3, 2026

A new cybersecurity threat, dubbed “StegaBin,” is actively targeting developers through the popular npm package manager. The campaign leverages deceptive…

Zerobot Malware Exploits Tenda Command Injection Vulnerabilities

Threats March 3, 2026

The Zerobot malware, a sophisticated botnet campaign, has re-emerged, actively exploiting critical vulnerabilities in Tenda AC1206 routers and the n8n…

Malvertising actor D-Shortiez uses WebKit back-button hijack in forced-redirect browser campaign

Threats March 3, 2026

A sophisticated malvertising campaign orchestrated by a threat actor known as D-Shortiez is exploiting a specific behavior in Apple’s WebKit…

Malvertising Campaign Distributes Pallas macOS Infostealer via Fake Text-Sharing Lures

Threats March 3, 2026

A sophisticated malvertising campaign is actively targeting macOS users globally, deploying a new variant of the AMOS infostealer named “malext.”…

Cyber conflict escalates as Iran experiences internet disruption amid retaliatory hacktivist actions.

Threats March 3, 2026

A coordinated cyber offensive launched by the United States and Israel on February 28, 2026, code-named Operation Epic Fury and…

GitHub Actions CI/CD Misconfiguration Exploited in Attacks on Microsoft and DataDog

Threats March 3, 2026

An autonomous bot named hackerbot-claw launched a week-long attack campaign targeting major open-source projects, exploiting GitHub Actions CI/CD misconfigurations between…

Trending

CISA adds actively exploited SolarWinds Serv-U DoS vulnerability to KEV catalog

AI Agent Discovers 21 Zero-Day Vulnerabilities in FFmpeg; Chrome Addresses 429 Bugs

Cisco Catalyst SD-WAN Manager Vulnerability Exploited, Patch Pending

Threats

Silver Dragon APT Group Uses Google Drive for Covert Communication Targeting Europe and Asia

Phishing Campaign Leverages Google Cloud for Malicious Redirects

Azure’s AzCopy utility exploited in data exfiltration by ransomware groups

Security advisory: Malicious packages disguised as Laravel utilities deploy PHP RAT, enable remote access

SloppyLemming espionage campaign deploys BurrowShell backdoor and Rust RAT against Pakistan and Bangladesh

Hackers exploit Telegram for initial access to corporate networks.

New StegaBin Campaign Utilizes Malicious NPM Packages for Credential Stealing

Zerobot Malware Exploits Tenda Command Injection Vulnerabilities

Malvertising actor D-Shortiez uses WebKit back-button hijack in forced-redirect browser campaign

Malvertising Campaign Distributes Pallas macOS Infostealer via Fake Text-Sharing Lures

Cyber conflict escalates as Iran experiences internet disruption amid retaliatory hacktivist actions.

GitHub Actions CI/CD Misconfiguration Exploited in Attacks on Microsoft and DataDog