Threats

ClickFix Infostealer Campaign Employs Fake CAPTCHA Lures to Compromise Victims

Threats February 24, 2026

A new malware campaign, dubbed ClickFix, is emerging in early 2026, employing sophisticated social engineering tactics that utilize fake CAPTCHA…

Hackers exploit DeepSeek and Claude to target FortiGate devices globally

Threats February 24, 2026

In early February 2026, threat actors were discovered to be leveraging Large Language Models (LLMs) like DeepSeek and Claude in…

GrayCharlie Injects Malicious JavaScript Into WordPress Sites To Deliver NetSupport RAT and Stealer

Threats February 23, 2026

A sophisticated threat actor, identified as GrayCharlie, has been actively compromising WordPress websites since mid-2023, subtly injecting malicious JavaScript to…

New MIMICRAT Custom RAT Discovered in Sophisticated ClickFix Campaign

Threats February 23, 2026

A sophisticated cyber-espionage campaign leveraging a novel “ClickFix” technique to deliver a custom remote access trojan (RAT) named MIMICRAT has…

North Korean Actors Employ Fake IT Campaigns and Contagious Interview Tactics

Threats February 23, 2026

North Korean threat actors are employing sophisticated, two-pronged cyber operations, including the “Contagious Interview” campaign, to infiltrate Western tech companies…

New phishing framework Starkiller replicates login pages to circumvent multi-factor authentication.

Threats February 23, 2026

A new, sophisticated phishing framework named Starkiller has emerged, empowering attackers with advanced tools to steal credentials and bypass multi-factor…

APT Threat Actors Employ DLL Sideloading and Bring Your Own Vulnerable Driver in Advanced Malware Campaigns

Threats February 23, 2026

Cybersecurity researchers have identified a sophisticated new campaign attributed to the Silver Fox advanced persistent threat (APT) group, which is…

North Korea-linked operators continue aggressive cryptocurrency targeting 12 months after Bybit breach

Threats February 23, 2026

A year ago, on February 21, 2026, North Korea (DPRK)-linked operators executed the largest confirmed cryptocurrency theft in history, siphoning…

CharlieKirk Attack Targets Windows Systems for Credential Exfiltration

Threats February 20, 2026

A new stealthy malware strain named CharlieKirk Grabber is actively targeting Windows systems, with a primary objective of stealing sensitive…

Grandstream VoIP Phones Vulnerability Grants Attackers Root Privileges

Threats February 20, 2026

A critical vulnerability discovered in Grandstream VoIP phones, specifically the GXP1600 series, allows attackers to gain root privileges and potentially…

Large Language Models Generate Insecure Passwords Exhibiting Predictability and Repetition

Threats February 20, 2026

New research reveals that large language models (LLMs), increasingly tasked with generating passwords, produce credentials that are significantly weaker than…

FBI issues alert as Ploutus malware targets U.S. ATMs

Threats February 20, 2026

The FBI has issued an emergency FLASH alert, warning U.S. banks and ATM operators of a significant surge in “jackpotting”…

Trending

CISA adds actively exploited SolarWinds Serv-U DoS vulnerability to KEV catalog

AI Agent Discovers 21 Zero-Day Vulnerabilities in FFmpeg; Chrome Addresses 429 Bugs

Cisco Catalyst SD-WAN Manager Vulnerability Exploited, Patch Pending

Threats

ClickFix Infostealer Campaign Employs Fake CAPTCHA Lures to Compromise Victims

Hackers exploit DeepSeek and Claude to target FortiGate devices globally

GrayCharlie Injects Malicious JavaScript Into WordPress Sites To Deliver NetSupport RAT and Stealer

New MIMICRAT Custom RAT Discovered in Sophisticated ClickFix Campaign

North Korean Actors Employ Fake IT Campaigns and Contagious Interview Tactics

New phishing framework Starkiller replicates login pages to circumvent multi-factor authentication.

APT Threat Actors Employ DLL Sideloading and Bring Your Own Vulnerable Driver in Advanced Malware Campaigns

North Korea-linked operators continue aggressive cryptocurrency targeting 12 months after Bybit breach

CharlieKirk Attack Targets Windows Systems for Credential Exfiltration

Grandstream VoIP Phones Vulnerability Grants Attackers Root Privileges

Large Language Models Generate Insecure Passwords Exhibiting Predictability and Repetition

FBI issues alert as Ploutus malware targets U.S. ATMs