Threat

UAC-0247 Launches Data-Theft Malware Campaign Against Ukrainian Clinics and Government Entities

A newly uncovered cyber espionage operation has raised concerns after Ukraine’s national cybersecurity authority, the Computer Emergency Response Team of Ukraine, revealed a coordinated malware campaign aimed at government institutions and healthcare facilities. The attacks primarily focus on clinics and emergency hospitals, with the objective of stealing highly sensitive data. Attack Timeline and Threat Actor Profile Security […]

n8n Webhooks Exploited Since October 2025 to Spread Malware Through Phishing Emails

Cybersecurity specialists have identified a significant vulnerability in how workflow automation platforms are being weaponized by criminal organizations. Since the latter part of 2025, malicious actors have systematically exploited n8n—a widely-used cloud-based process automation solution—to conduct elaborate phishing schemes and deploy harmful software. Researchers from Cisco’s threat intelligence division documented the concerning trend in a

Microsoft Releases Security Updates Fixing SharePoint Zero-Day and 168 Additional Vulnerabilities

Microsoft has released its latest Patch Tuesday security updates, addressing a total of 169 vulnerabilities across its software ecosystem. Among these is a zero-day vulnerability in SharePoint Server that is currently being exploited in real-world attacks. Breakdown of Vulnerabilities Out of the 169 identified flaws: A large portion of these issues, around 93 vulnerabilities, are related to privilege escalation. Other

Backdoored Smart Slider 3 Pro Update Delivered via Compromised Nextend Servers in Supply Chain Attack

A serious software supply chain attack has been uncovered involving the popular WordPress plugin Smart Slider 3, where attackers compromised the update infrastructure to distribute a malicious version containing a hidden backdoor. According to security researchers at Patchstack, the affected release is Smart Slider 3 Pro version 3.5.1.35. The plugin, widely used across more than 800,000 websites,

UAT-10362 Launches Spear-Phishing Campaigns Targeting Taiwanese NGOs with LucidRook Malware

A newly identified cyber threat cluster, UAT-10362, has been linked to targeted spear-phishing attacks aimed at organizations in Taiwan, including non-governmental organizations (NGOs) and academic institutions. The campaign deploys a previously unknown malware framework called LucidRook. Security researchers from Cisco Talos revealed that the operation was first detected in October 2025 and demonstrates a high

APT28 Launches PRISMEX Malware Campaign Targeting Ukraine and NATO Allies with Zero-Day Exploits

A new cyber espionage operation linked to Russia’s state-backed group APT28, also known as Forest Blizzard and Pawn Storm, has been uncovered targeting Ukraine and its allied nations. The campaign delivers a newly identified malware framework called PRISMEX through highly targeted spear-phishing attacks. Security researchers from Trend Micro revealed that the campaign has been active since at least

Anthropic’s Claude Mythos Uncovers Thousands of Zero-Day Vulnerabilities Across Major Systems

Artificial intelligence company Anthropic has introduced a new cybersecurity initiative called Project Glasswing, powered by an advanced preview model known as Claude Mythos. The program aims to strengthen global software security by identifying and fixing critical vulnerabilities before they can be exploited. The initiative will involve collaboration with major technology and security organizations, including Amazon

North Korea-Linked Hackers Distribute Over 1,700 Malicious Packages Across npm, PyPI, Go, and Rust Ecosystems

A large-scale software supply chain attack linked to North Korean threat actors has been uncovered, involving the distribution of more than 1,700 malicious packages across multiple developer ecosystems, including npm, PyPI, Go, Rust, and Packagist. The campaign, tracked as Contagious Interview, demonstrates a coordinated effort to infiltrate developer environments by disguising malware as legitimate development tools.

Iran-Linked Hackers Target Internet-Exposed PLCs to Disrupt U.S. Critical Infrastructure

Cybersecurity authorities have issued warnings about a surge in attacks by Iran-linked threat actors targeting operational technology systems in the United States. These attacks are focused on internet-accessible industrial devices, particularly programmable logic controllers (PLCs), which are widely used in critical infrastructure environments. According to alerts from the Federal Bureau of Investigation (FBI), these intrusions have

Russian APT28 Exploits SOHO Routers in Global DNS Hijacking and Cyber Espionage Campaign

A sophisticated cyber espionage campaign linked to Russia’s notorious threat group APT28, also tracked as Forest Blizzard, has been uncovered targeting vulnerable home and small office routers worldwide. The operation focuses on manipulating DNS configurations to intercept sensitive data without user awareness. The campaign, named FrostArmada by Black Lotus Labs, has been active since at least May
