How to build an incident response framework
Frameworks provide the structure for an effective incident response program. Here's where to turn for guidance on what to include. - Read more
CVE-2026-20841 Windows Notepad App Remote Code Execution Vulnerability
Added an FAQ and updated the CVSS score. This is an informational change only. - Read more
Cybercrime Ethos: The Shifting Sands of Medical Neutrality
By: Josh Bartolomie, Chief Security Officer, CofenseIntroduction: A Paradigm Shift in Threat Actor BehaviorI have always told myself that I never want to become a stereotypical "stuck in time" security graybeard, the infosec equivalent of "back in my day, we walked to school uphill, both ways, in the snow!" My fear is not of being nostalgic, but that I...
Fragmentation Defined 2025’s Threat Landscape. Here’s What It Means for 2026
Uncertainty has become the operating environment for business. And this year, fragmentation is driving it. The global threat landscape didn't simplify in 2025; it shattered. Geopolitical alliances strained. Criminal enterprises splintered under law enforcement pressure, then regrouped into smaller, faster, and harder-to-track operations. State-sponsored cyber actors shifted from dramatic disruptions to quiet pre-positioning, embedding themselves in networks and...
State of Security Report | Recorded Future
Fragmentation is the new normal The global threat landscape didn't simplify in 2025—it shattered. Geopolitical alliances strained. Criminal enterprises splintered and regrouped. State-sponsored actors shifted from dramatic disruptions to quiet pre-positioning. And as long-established norms unwound, convergence across once-distinct domains created unprecedented uncertainty. The 2026 State of Security report delivers Insikt Group's most comprehensive annual...
VoidLink Framework Enables On-Demand Tool Generation with Windows Plugin Support
A newly tracked intrusion framework called VoidLink is drawing attention for its modular design and focus on Linux systems. It behaves like an implant management framework, letting operators deploy a core implant and add capabilities as needed, which shortens the time from access to action. Recent activity has been linked to a threat actor Cisco refers to as UAT-9921,...
North Korean Hackers Use Deepfake Video Calls to Target Crypto Firms
Campaign combines stolen Telegram accounts, fake Zoom calls and ClickFix attacks to deploy infostealer malware - Read more
CVE volumes may plausibly reach 100,000 this year
The number of vulnerabilities to be disclosed in 2026 is almost certain to exceed last year's total, and may be heading towards 100,000, according to new analysis. - Read more
The game is over: when “free” comes at too high a price. What we know about RenEngine
We often describe cases of malware distribution under the guise of game cheats and pirated software. Sometimes such methods are used to spread complex malware that employs advanced techniques and sophisticated infection chains.
In February 2026, researchers from Howler Cell announced the discovery of a mass campaign distributing pirated games infected with a previously unknown family of malware. It turned...
Latest article
Criminal IP at Infosecurity Europe 2026: Introducing AITEM, the Next Chapter of Attack Surface...
Torrance, United States / California, June 11th, 2026, CyberNewswire Criminal IP by AI SPERA, a cyber threat intelligence platform delivering decision-ready intelligence and attack...
Readers reply: Experts say we should use passkeys, but can a smartphone pin really...
The long-running series in which readers answer other readers’ questions on subjects ranging from trivial flights of fancy to profound scientific and philosophical conceptsThis...
CVE-2023-5678 Excessive time spent in DH check / generation with large Q parameter value
Information published. - Read more
Weekly Metasploit Update: New Kerberos/Certificate tracing options, and multiple new modules
New Tracing OptionsAs hard as we try to ensure that Metasploit is bug free, issues inevitably come up. Whether you’re running a module on...
