New Dohdoor malware campaign targets education and health care
Cisco Talos discovered an ongoing malicious campaign since at least as early as December 2025 by a threat actor we track as “UAT-10027,” delivering a previously undisclosed backdoor dubbed “Dohdoor.” Dohdoor utilizes the DNS-over-HTTPS (DoH)...
Fake UK government website redirect detection time reduced to eight days
It used to take two months, but the UK government has reduced the time it takes to address fake DNS redirects - Read...
CVE-2026-23229 crypto: virtio – Add spinlock protection with virtqueue notification
Information published. - Read more
Recorded Future Expands Coverage of Scams and Financial Fraud with Money Mule Intelligence from...
Recorded Future is expanding its payment fraud prevention capabilities through a partnership with CYBERA, the industry leader in detecting and verifying data on...
Elastic Stack 9.3.1 released
Version 9.3.1 of the Elastic Stack was released today. We recommend you upgrade to this latest version. We recommend 9.3.1 over the previous versions...
Google Cloud Platform (GCP) Vertex AI Workbench Cross-Tenant Full Account Takeover with Managed End...
Google Cloud Platform (GCP) Vertex AI Workbench Cross-Tenant Full Account Takeover with Managed End User Credentials Tenable Research has identified and responsibly disclosed a...
Hackers Can Abuse Cortex XDR Live Terminal Feature for C2 Communications
A newly disclosed research finding has revealed that Palo Alto Networks’ Cortex XDR Live Terminal feature can be turned into a command-and-control (C2) channel...
Active exploitation of Cisco Catalyst SD-WAN by UAT-8616
Cisco Talos is tracking the active exploitation of CVE-2026-20127, a vulnerability in Cisco Catalyst SD-WAN Controller, formerly vSmart, that allows an unauthenticated remote attacker...
Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files...
By Aviv Donenfeld and Oded Vanunu Executive Summary Check Point Research has discovered critical vulnerabilities in Anthropic’s Claude Code that allow attackers to achieve...
Latest article
Security posture improvement in the AI era
It’s only been a few weeks since Anthropic announced the Claude Mythos Preview model and launched Project Glasswing with AWS and other...
Metasploit Wrap-Up 05/01/2026
MCP serverThis release our very own cdelafuente-r7 finished implementing the Metasploit MCP Server (msfmcpd), bringing Model Context Protocol support to Metasploit Framework. MCP lets AI applications...
Windows shell spoofing vulnerability puts sensitive data at risk
Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) have sounded the alarm about a Windows shell spoofing vulnerability...
Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
Torrance, United States / California, May 1st, 2026, CyberNewswire Criminal IP partners with Securonix to integrate Criminal IP’s Threat Intelligence into ThreatQ, allowing organizations...
