APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

February 03, 2026 at 02:42PM The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed t…

Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox

February 03, 2026 at 11:09AM Mozilla on Monday announced a new controls section in its Firefox desktop browser settings that al…

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

February 03, 2026 at 10:25AM A China-linked threat actor known as Lotus Blossom has been attributed with medium confidence to t…

Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users

February 02, 2026 at 11:19PM A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaig…

Securing the Mid-Market Across the Complete Threat Lifecycle

February 02, 2026 at 05:15PM For mid-market organizations, cybersecurity is a constant balancing act. Proactive, preventative s…

Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

February 02, 2026 at 02:25PM The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility's…

eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware

February 02, 2026 at 11:17AM The update infrastructure for eScan antivirus, a security solution developed by Indian cybersecuri…

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

February 02, 2026 at 10:34AM Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open VSX R…

Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

January 31, 2026 at 05:32PM A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a new …

Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

January 31, 2026 at 01:28PM Google-owned Mandiant on Friday said it identified an "expansion in threat activity" that…

CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms

January 31, 2026 at 12:35PM CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks t…

SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score

January 30, 2026 at 12:39PM SmarterTools has addressed two more security flaws in SmarterMail email software, including one cri…