Brand Trust as a Weapon: Multi-Brand Impersonation Campaigns Deliver JWrapper Malware
By: Sean Moleta and Mark Gammad, Cofense Phishing Defense Center In recent threat campaigns, attackers have begun abusing the trust placed in DocuSign, a widely...
Dell RecoverPoint for Virtual Machines Zero Day Attack
What is the Attack? The attack involves the threat cluster UNC6201...
Chromium: CVE-2026-2319 Race in DevTools
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2024 ) for more information. -...
2025 Cloud Threat Hunting and Defense Landscape
Executive Summary Insikt Group has observed continued trends of growth and increased activity of threat actors leveraging and exploiting cloud infrastructure to broaden...
Kubernetes project issues warning on Ingress NGINX retirement
The Kubernetes project is urging organizations to migrate away from Ingress NGINX before its retirement in March 2026, with new high-severity CVEs underscoring the...
Substack Breach May Have Leaked Nearly 700,000 User Details Online
Substack says hackers accessed user emails, phone numbers, and internal metadata in October 2025, with a database of 697,313 records later posted online.
The post...
Stone, parchment or laser-written glass? Scientists find new way to preserve data
Hard disks and magnetic tape have a limited lifespan, but glass storage developed by Microsoft could last millenniaSome cultures used stone, others used parchment....
Cryptojacking Campaign Exploits Driver to Boost Monero Mining
Cryptojacking campaign used pirated software to deploy a persistent XMRig miner with stealth tactics - Read more
The Phone is Listening: A Cold War–Style Vulnerability in Modern VoIP
I don’t know about you, but when I think about “critical vulnerabilities,” I usually picture ransomware, data theft, or maybe a server falling over...
CVE-2026-2329: Critical Unauthenticated Stack Buffer Overflow in Grandstream GXP1600 VoIP Phones (FIXED)
OverviewRapid7 Labs conducted a zero-day research project against the Grandstream GXP1600 series of Voice over Internet Protocol (VoIP) phones. This research resulted in the...
Latest article
CyberSentinel AI with 33 Security Tools, Including Nmap, SQLMap, ZAP, and uses Claude, GPT
A new open-source cybersecurity platform called CyberSentinel AI v3.0 has emerged as a significant development in autonomous security tooling, combining 33 real-world penetration testing...
CVE-2025-5791 Users: `root` appended to group listings
Information published. - Read more
JCPenney – 368,418 breached accounts
In June 2026, retailer JCPenney and associated brands were targeted in a ShinyHunters "pay or leak" extortion campaign. Data allegedly obtained from JCPenney through...
Threat actor adds advanced ‘EDR killer’ tools to ransomware-as-a-service platform
One of the world’s top ransomware groups has given its criminal affiliates access to advanced tools capable of successfully disabling...
