Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries

2026-02-25T17:46:00Z Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a sus…

Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

2026-02-25T08:49:00Z A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been…

SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution

2026-02-25T07:04:00Z SolarWinds has released updates to address four critical security flaws in its Serv-U file transfer softwa…

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

2026-02-25T05:23:00Z The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed vul…

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

2026-02-24T18:52:00Z A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositor…

UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

2026-02-24T09:54:00Z The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications comp…

APT28 Targeted European Entities Using Webhook-Based Macro Malware

2026-02-23T19:41:00Z The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign targ…

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

February 23, 2026 at 11:29PM Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated…

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

February 23, 2026 at 06:30PM Security news rarely moves in a straight line. This week, it feels more like a series of sharp tur…

How Exposed Endpoints Increase Risk Across LLM Infrastructure

February 23, 2026 at 05:28PM As more organizations run their own Large Language Models (LLMs), they are also deploying more int…

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

February 23, 2026 at 03:50PM Cybersecurity researchers have disclosed what they say is an active "Shai-Hulud-like" su…

MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

February 23, 2026 at 12:55PM The Iranian hacking group known as MuddyWater (aka Earth Vetala, Mango Sandstorm, and MUDDYCOAST) …