Threat

Open VSX Supply Chain Attack Used a Compromised Developer Account to Spread GlassWorm

Cybersecurity researchers have uncovered a supply chain attack targeting the Open VSX Registry, where unknown threat actors compromised a legitimate developer account to distribute malicious updates through trusted extensions. According to Socket security researcher Kirill Boychenko, on January 30, 2026, four well established Open VSX extensions published by a developer identified as “oorzc” were updated […]

Open VSX Supply Chain Attack Used a Compromised Developer Account to Spread GlassWorm Read More »

CERT Polska Details Coordinated Cyber Attacks on Over 30 Wind and Solar Farms

CERT Polska, Poland’s national computer emergency response team, has disclosed details of a coordinated cyber attack campaign that targeted more than 30 wind and photovoltaic energy farms, a private manufacturing sector company, and a major combined heat and power plant supplying heat to nearly half a million customers. The attacks occurred on December 29, 2025,

CERT Polska Details Coordinated Cyber Attacks on Over 30 Wind and Solar Farms Read More »

Mandiant Identifies ShinyHunters Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

Google-owned Mandiant has reported a significant rise in threat activity involving sophisticated voice phishing operations designed to compromise cloud-based software-as-a-service platforms. The activity shows strong tradecraft similarities to extortion campaigns historically associated with the financially motivated cybercrime group known as ShinyHunters. These attacks rely on advanced vishing techniques combined with fake credential harvesting websites that

Mandiant Identifies ShinyHunters Style Vishing Attacks Stealing MFA to Breach SaaS Platforms Read More »

Iran Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

Cybersecurity researchers have uncovered a new cyber espionage campaign, dubbed RedKitten, that is believed to be linked to Iranian state aligned threat actors. The operation is targeting non governmental organizations, human rights defenders, and individuals documenting recent abuses linked to Iran’s internal unrest. The campaign was identified by French cybersecurity firm HarfangLab in January 2026 and appears to coincide with

Iran Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists Read More »

SmarterMail Patches Critical Unauthenticated RCE Vulnerability with CVSS 9.3 Score

SmarterTools has released security updates for its SmarterMail email platform, addressing multiple vulnerabilities, including a critical unauthenticated remote code execution flaw that could allow attackers to run arbitrary commands on affected systems. The most severe issue is tracked as CVE-2026-24423 and carries a CVSS score of 9.3, indicating a high risk to unpatched deployments. Unauthenticated RCE via ConnectToHub

SmarterMail Patches Critical Unauthenticated RCE Vulnerability with CVSS 9.3 Score Read More »

Researchers Uncover Chrome Extensions Exploiting Affiliate Links and Stealing ChatGPT Access

Cybersecurity researchers have discovered a cluster of malicious Google Chrome extensions designed to hijack affiliate links, exfiltrate user data, and steal OpenAI ChatGPT authentication tokens. These extensions exploit the trust users place in popular e-commerce and AI-related browser tools to gain persistent access to sensitive information. Amazon Ads Blocker and Affiliate Hijacking One notable extension, Amazon

Researchers Uncover Chrome Extensions Exploiting Affiliate Links and Stealing ChatGPT Access Read More »

China Linked UAT 8099 Targets IIS Servers in Asia Using BadIIS SEO Malware

Cybersecurity researchers have uncovered a new malicious campaign attributed to a China linked threat actor tracked as UAT 8099. The activity, observed between late 2025 and early 2026, targeted vulnerable Microsoft Internet Information Services servers across multiple Asian countries. The campaign was identified by Cisco Talos, which reported that the attacks primarily focused on IIS

China Linked UAT 8099 Targets IIS Servers in Asia Using BadIIS SEO Malware Read More »

Two Ivanti EPMM Zero Day RCE Vulnerabilities Actively Exploited, Security Updates Released

Ivanti has released urgent security updates to fix two critical vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM), both of which have been actively exploited as zero day attacks. One of the flaws has also been added to the U.S. Cybersecurity and Infrastructure Security Agency (CISA)  Known Exploited Vulnerabilities catalog, highlighting the severity of the threat.

Two Ivanti EPMM Zero Day RCE Vulnerabilities Actively Exploited, Security Updates Released Read More »

Researchers Discover 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries

Cybersecurity researchers have uncovered a large scale exposure of artificial intelligence infrastructure after identifying more than 175,000 publicly accessible Ollama AI servers operating across 130 countries. The findings come from a joint investigation conducted by SentinelOne SentinelLABS and Censys, which highlights the rapid growth of unmanaged AI compute environments on the public internet. According to

Researchers Discover 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries Read More »

Survey of Over 100 Energy Systems Reveals Critical OT Cybersecurity Gaps

A recent study conducted by OMICRON has uncovered serious cybersecurity shortcomings within operational technology networks used across substations, power plants, and control centers globally. The assessment, which analyzed more than 100 real world energy installations, reveals repeated technical, organizational, and functional weaknesses that continue to expose critical infrastructure to cyber threats. The research is based

Survey of Over 100 Energy Systems Reveals Critical OT Cybersecurity Gaps Read More »