GHOST STADIUM Phishing Campaign Targets FIFA World Cup Fans With 300+ Fake Domains
As the 2026 FIFA World Cup draws closer, cybercriminals are moving fast to cash in on the excitement. Researchers have uncovered a massive fraud...
Gladinet Triofox Server Agent Multiple Vulnerabilities
Gladinet Triofox Server Agent Multiple Vulnerabilities Multiple vulnerabilities exist in Gladinet Triofox Server Agent 17.1.10488.57063. CVE-2026-8364 - Missing Authentication for Critical Function (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) Gladinet Triofox Cloud...
The Next AI Security Failure May Start With a Trusted Assistant
AI coding tool flaws highlight the need for data-layer governance, access controls, encryption, and audit logs for AI agents.
The post The Next AI Security...
Scottish social enterprise supports national cyber efforts
Cyber and Fraud Centre has supported community cyber resilience in Scotland to the tune of £3m in its first year operating as a social...
MediaArea heap-based buffer overflow vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed four vulnerabilities in MediaArea MediaInfoLib library.The vulnerabilities mentioned in this blog post have been patched...
CrowdStrike, Google Take Down Glassworm Botnet
Operators of the malicious Glassworm botnet have been targeting software developers since at least early 2025 - Read more
Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake
Security teams need high-quality, labeled datasets to train threat hunters and incident responders, validate detection logic, and develop robust analytic models. EvidenceForge helps teams overcome the limitations of anonymized or...
CVE-2026-40226 In nspawn in systemd 233 through 259 before 260, an escape-to-host action can...
Information published. - Read more
Mytheresa – 84,108 breached accounts
In April 2026, the luxury fashion e-commerce platform Mytheresa was listed as a victim of the ShinyHunters "pay or leak" extortion group. After the...
Ameriprise – 502,597 breached accounts
In March 2026, the financial services firm Ameriprise Financial was named by the ShinyHunters group in a "pay or leak" extortion campaign. The group...
Latest article
CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice
Security teams’ patching practices have come under intense pressure over the past year, as active exploitation is up, time-to-exploit windows...
Hackers Abuse Fake Utility Downloads to Install ScreenConnect and Mine Cryptocurrency
Hackers are turning everyday software searches into a trap. A sophisticated cryptojacking campaign is actively targeting users who search for popular PC utilities online,...
Automated Threat Hunting: Turning Threat Intelligence into Executable Hunt Plans
Blake McDermott is Senior Threat Hunter at Rapid7.Every week, threat hunt teams are faced with a steady flow of blogs, advisories, and DFIR reports...
Fake Software Tutorials on TikTok Spread Vidar Stealer
Threat actors push fake free-software tutorials on TikTok and Instagram to spread Vidar stealer - Read more
