A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…
The cybersecurity landscape is constantly evolving, and a recent development concerning the last layer standing in network defense has caught the attention of IT professionals worldwide. A report released this week by the Global Cybersecurity Institute (GCI) highlights emerging threats and the increasing importance of multi-factor authentication (MFA) as a…
Cisco Addresses Vulnerability in Unified Communications Manager Following Publication of Exploit Code
Cisco has issued a critical patch for a vulnerability in its Unified Communications Manager (UCM) that could allow unauthenticated attackers on a network to write arbitrary files to the system, potentially leading to full root access. This critical Cisco UCM vulnerability, tracked as CVE-2026-20230, poses a significant threat to organizations…
Flaw in Claude Code GitHub Action Uncovered, Posing Repository Takeover Risk A security vulnerability has been discovered in Anthropic’s Claude Code GitHub Action, allowing attackers to potentially hijack vulnerable public repositories. The flaw, reported by security researcher RyotaK of GMO Flatt Security, could enable a malicious actor to execute arbitrary…
ThreatsDay Bulletin Details AI Agent Malfunctions, C2 Tools, ClickFix Exploits, JavaScript Backdoors, and Over 20 New Developments.
The cybersecurity landscape continues to present complex challenges, with a blend of evolving threats and long-standing vulnerabilities. This ongoing dynamic highlights the critical importance of robust security practices and continuous vigilance for organizations across all sectors. As the digital realm expands, the intricate web of threats, from sophisticated nation-state…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities (KEV) catalog. The move comes after reports of attackers actively exploiting the flaw, tracked as CVE-2026-45247, in the wild, posing a significant risk to e-commerce…
The global security industry recognized outstanding achievements on February 5th during the 2nd Global Outstanding Security Performance Awards. This virtual event, broadcast internationally, highlighted excellence within the security profession, celebrating leaders, practitioners, and organizations from diverse backgrounds and regions. The Global OSPAs served as a critical platform for showcasing innovation,…
North Korean IT workers posing as legitimate professionals through real LinkedIn accounts to seek remote employment
North Korean IT workers are intensifying their efforts to secure remote employment by impersonating legitimate professionals through real LinkedIn profiles rather than freshly fabricated ones. This evolving tactic, identified by Security Alliance analysts on February 10, 2026, presents a significant challenge for organizations seeking to verify candidate identities and prevent illicit funding for…
A sophisticated phishing campaign targeting Telegram users has resurfaced, employing a novel method that bypasses traditional security measures by exploiting the platform’s legitimate authentication workflows. This advanced attack allows threat actors to gain full, authorized access to user accounts without relying on simple password theft, posing a significant new challenge…
A newly identified cyber espionage group, dubbed Vortex Werewolf, has been actively targeting Russian government and defense organizations since at least December 2025. This sophisticated threat actor is leveraging social engineering tactics and legitimate software utilities to gain covert, anonymized remote access to sensitive systems, the BI.ZONE research firm reported…
Advanced Persistent Threat (APT) actors are increasingly targeting network edge devices, exploiting vulnerabilities in firewalls, routers, and VPN appliances to establish persistent access within organizations. This evolving tactic bypasses traditional endpoint security by focusing on infrastructure with less stringent monitoring, allowing attackers to maintain their presence even after system reboots…
Cybercriminals are increasingly sophisticated in their methods, with a new wave of attacks abusing ClawHub skills to evade scanning services such as VirusTotal through social engineering. Threat actors are moving away from directly embedding malicious code into files, opting instead to host dangerous payloads on convincing external websites. This strategic shift…
ScarCruft Abuses Legitimate Cloud Services for Command and Control, Malware Delivered via OLE Chain
ScarCruft, a persistent North Korean advanced persistent threat (APT) group, has been observed employing a new and more sophisticated method to deliver its ROKRAT malware. This latest campaign highlights the group’s evolving tactics, focusing on novel infection vectors that leverage Object Linking and Embedding (OLE) objects within Hangul Word Processor…
Weekly Cybersecurity Review Includes AI Skill Malware, 31Tbps DDoS Attack, Notepad++ Hack, and LLM Backdoors
Cyber threats are evolving beyond traditional malware and exploits, with attackers increasingly targeting the tools, platforms, and ecosystems organizations rely on daily. As companies integrate AI, cloud applications, developer tools, and communication systems, malicious actors are following these same interconnected paths, exploiting trust in a multifaceted approach to compromise systems.…
A new sophisticated malware strain, identified as LTX Stealer, has emerged, targeting Windows users with a novel Node.js-based architecture. First observed in early 2026, this insidious tool is designed to exfiltrate sensitive user data, including login credentials, browser cookies, and cryptocurrency wallet information. Its unique method involves embedding a complete…
SolarWinds Web Help Desk exploited for remote code execution in multi-stage attacks on exposed servers.
Microsoft has recently detailed a sophisticated multi-stage intrusion that began with threat actors exploiting internet-exposed SolarWinds Web Help Desk (WHD) instances. This initial access point allowed attackers to move laterally within the victim’s network and target high-value assets. The incident, which occurred in December 2025, highlights ongoing cybersecurity challenges and…
Cybercriminals are increasingly exploiting legitimate invoicing systems from major companies like Apple and PayPal in sophisticated DKIM replay attacks. This emerging threat bypasses traditional email security filters by leveraging the trust users place in familiar brand notifications. Hackers insert fraudulent contact information into seemingly valid invoices, directing unsuspecting victims to…
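The replay described above works because a DKIM signature covers the message headers and body the sender signed, not the SMTP envelope, so a genuine invoice re-sent verbatim to thousands of new recipients still verifies. Two signals a mail gateway can check after verification are shown below: the signed To: header not matching the envelope recipient, and the same signature value fanning out to many distinct recipients. This is an added illustration, not code from the article or from any vendor; the invoice message, the recipient list, and the bh=/b= values are constructed placeholders, and cryptographic verification of the signature is assumed to have already been done upstream by the MTA.

```python
"""
Post-verification heuristics for DKIM replay.
Assumes the MTA has already verified the DKIM signature; this code only
looks for signs that a validly signed message is being re-sent verbatim.
"""
import re
from collections import defaultdict
from email import message_from_string
from email.utils import parseaddr


def parse_dkim_tags(header: str) -> dict:
    """Split a DKIM-Signature header value into its tag=value pairs,
    dropping folding whitespace inside values."""
    tags = {}
    for part in header.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip()] = re.sub(r"\s+", "", value)
    return tags


def signed_to_mismatch(raw_message: str, envelope_rcpt: str) -> bool:
    """True when the To: header is covered by the signature (listed in h=)
    but differs from the actual RCPT TO. A replayed invoice keeps the
    attacker's original To: while being delivered to someone else."""
    msg = message_from_string(raw_message)
    sig = msg.get("DKIM-Signature")
    if not sig:
        return False
    signed_headers = [h.lower() for h in parse_dkim_tags(sig).get("h", "").split(":")]
    if "to" not in signed_headers:
        return False
    header_to = parseaddr(msg.get("To", ""))[1].lower()
    return header_to != envelope_rcpt.lower()


def replay_fanout(deliveries, threshold: int = 3) -> dict:
    """Group deliveries (raw_message, envelope_rcpt) by the DKIM b= value and
    return the signatures seen going to at least `threshold` distinct
    recipients. One signed message should normally reach one mailbox."""
    recipients = defaultdict(set)
    for raw, rcpt in deliveries:
        sig = message_from_string(raw).get("DKIM-Signature")
        if not sig:
            continue
        b_value = parse_dkim_tags(sig).get("b")
        if b_value:
            recipients[b_value].add(rcpt.lower())
    return {b: len(r) for b, r in recipients.items() if len(r) >= threshold}


# Constructed sample: a legitimately signed invoice whose only "payload" is the
# attacker-supplied phone number in the notes field. bh= and b= are placeholders.
ORIGINAL_INVOICE = """From: Vendor Billing <billing@example-vendor.test>
To: attacker-mailbox@example-attacker.test
Subject: Your invoice #1001
DKIM-Signature: v=1; a=rsa-sha256; d=example-vendor.test; s=sel; h=from:to:subject; bh=AAAA; b=SIGNATURE1
Content-Type: text/plain

Questions about this invoice? Call +1 555 0100.
"""

# Constructed delivery log: the same signed message replayed to three victims.
SAMPLE_DELIVERIES = [
    (ORIGINAL_INVOICE, "victim1@example.test"),
    (ORIGINAL_INVOICE, "victim2@example.test"),
    (ORIGINAL_INVOICE, "victim3@example.test"),
]


def demo():
    """Run both checks over the constructed sample and return the findings."""
    mismatches = [rcpt for raw, rcpt in SAMPLE_DELIVERIES if signed_to_mismatch(raw, rcpt)]
    return {"to_mismatch": mismatches, "fanout": replay_fanout(SAMPLE_DELIVERIES)}


if __name__ == "__main__":
    print(demo())
```

The To: mismatch check only works when the signer includes To in h=; senders that leave it unsigned, or that use the l= body-length tag, give a replayer more room, so the fan-out count is the more robust of the two signals at scale.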
BeyondTrust has issued critical security updates for its Remote Support (RS) and Privileged Remote Access (PRA) products, addressing a pre-authentication remote code execution flaw. This vulnerability, if exploited, could allow unauthenticated attackers to execute operating system commands on affected systems, posing a significant risk to enterprise networks…
