🖋️ China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law enforcement agencies across Southeast Asia throughout 2025. Check Point Research is tracking the previously undocumented activity cluster under the moniker AmaranthDragon, which it said shares links to the APT 41 ecosystem. Targeted countries include Cambodia,.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Orchid Security Introduces Continuous Identity Observability for Enterprise Applications 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
An innovative approach to discovering, analyzing, and governing identity usage beyond traditional IAM controls. The Challenge Identity Lives Outside the Identity Stack Identity and access management tools were built to govern users and directories. Modern enterprises run on applications. Over time, identity logic has moved into application code, APIs, service accounts, and custom authentication.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ The First 90 Seconds: How Early Decisions Shape Incident Response Investigations 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Many incident response failures do not come from a lack of tools, intelligence, or technical skills. They come from what happens immediately after detection, when pressure is high, and information is incomplete. I have seen IR teams recover from sophisticated intrusions with limited telemetry. I have also seen teams lose control of investigations they should have been able to handle. The.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Microsoft has warned that informationstealing attacks are "rapidly expanding" beyond Windows to target Apple macOS environments by leveraging crossplatform languages like Python and abusing trusted platforms for distribution at scale. The tech giant's Defender Security Research Team said it observed macOStargeted infostealer campaigns using social engineering techniques such as ClickFix since.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The Eclipse Foundation, which maintains the Open VSX Registry, has announced plans to enforce security checks before Microsoft Visual Studio Code VS Code extensions are published to the opensource repository to combat supply chain threats. The move marks a shift from a reactive to a proactive approach to ensure that malicious extensions don't end up getting published on the Open VSX Registry.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk WHD to its Known Exploited Vulnerabilities KEV catalog, flagging it as actively exploited in attacks. The vulnerability, tracked as CVE202540551 CVSS score 9.8, is a untrusted data deserialization vulnerability that could pave the way for remote.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Global SystemBC Botnet Found Active Across 10,000 Infected Systems 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
SystemBC malware linked to 10,000 infected IPs, posing risks to sensitive government infrastructure.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Global SystemBC Botnet Found Active Across 10,000 Infected Systems
SystemBC malware linked to 10,000 infected IPs, posing risks to sensitive government infrastructure
📔 New Technical Markers Reveal Expanding ShadowSyndicate Cybercriminal Infrastructure 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
ShadowSyndicate cluster expands with new SSH fingerprints connecting servers to other ransomware ops.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
New Technical Markers Reveal Expanding ShadowSyndicate Infrastructure
ShadowSyndicate cluster expands with new SSH fingerprints connecting servers to other ransomware ops
📔 AI Drives Doubling of Phishing Attacks in a Year 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Cofense claims AI is making phishing emails more personalized and sophisticated.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
AI Drives Doubling of Phishing Attacks in a Year
Cofense claims AI is making phishing emails more personalized and sophisticated
📔 Two Critical Flaws in n8n AI Workflow Automation Platform Allow Complete Takeover 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Pillar Security discovered two new critical vulnerabilities in n8n that could lead to supply chain compromise, credential harvesting and complete takeover attacks.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Two Critical Flaws Found in n8n AI Workflow Automation Platform
Pillar Security discovered two new critical vulnerabilities in n8n that could lead to supply chain compromise, credential harvesting and complete takeover attacks
📔 SolarWinds Web Help Desk Vulnerability Actively Exploited 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
CISA has added a critical CVE in SolarWinds Web Help Desk to its KEV Catalog.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
SolarWinds Web Help Desk Vulnerability Actively Exploited
CISA has added a critical CVE in SolarWinds Web Help Desk to its KEV Catalog
📔 Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A security researcher found 386 malicious skills published on ClawHub, a skill repository for the popular OpenClaw AI assistant project.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw
A security researcher found 386 malicious ‘skills’ published on ClawHub, a skill repository for the popular OpenClaw AI assistant project
🦅 Ransomware Attacks Have Surged 30% Since Q4 2025 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Ransomware groups claimed more than 2,000 attacks in the last three months of 2025 and theyre starting 2026 at the same elevated pace. Cyble recorded 2,018 claimed attacks by ransomware groups in the fourth quarter of 2025, an average of just under 673 a month. The threat groups maintained that pace in January 2026, claiming 679 ransomware victims. By comparison, in the first nine months of 2025, ransomware groups averaged 512 claimed victims a month, so the trend in the last four months has been more than 30 above the previous ninemonth period. The chart below shows ransomware attacks by month since 2021. Qilin Leads All Ransomware Groups as CL0P Returns Qilin once again led all ransomware groups, with 115 claimed attacks in January. A resurgent CL0P has claimed score...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
Ransomware Groups Surge In Q4 2025 – Cyble Insights
Cyble reports ransomware groups claimed 2,018 attacks in Q4 2025; trends, top groups, and defense strategies revealed for 2026.
❤1
🖋️ Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Microsoft on Wednesday said it built a lightweight scanner that it said can detect backdoors in openweight large language models LLMs and improve the overall trust in artificial intelligence AI systems. The tech giant's AI Security team said the scanner leverages three observable signals that can be used to reliably flag the presence of backdoors while maintaining a low false positive.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEADVAX that employs a mix of "disciplined tradecraft and clever abuse of legitimate system features" to bypass traditional detection mechanisms and deploy a remote access trojan RAT known as AsyncRAT. "The attack leverages IPFShosted VHD files, extreme script obfuscation, runtime decryption, and inmemory.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
❤1
📢 Security experts warn Substack users to brace for phishing attacks after breach 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Substack CEO Christ Best confirmed the incident occurred in October 2025.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Security experts warn Substack users to brace for phishing attacks after breach
Substack CEO Christ Best confirmed the incident occurred in October 2025
📢 Security experts warn Substack users to brace for phishing attacks after breach 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Substack CEO Christ Best confirmed the incident occurred in October 2025.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Security experts warn Substack users to brace for phishing attacks after breach
Substack CEO Christ Best confirmed the incident occurred in October 2025
📢 Security experts warn Substack users to brace for phishing attacks after breach 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Substack CEO Christ Best confirmed the incident occurred in October 2025.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Security experts warn Substack users to brace for phishing attacks after breach
Substack CEO Christ Best confirmed the incident occurred in October 2025
📢 Security experts warn Substack users to brace for phishing attacks after breach 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Substack CEO Christ Best confirmed the incident occurred in October 2025.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Security experts warn Substack users to brace for phishing attacks after breach
Substack CEO Christ Best confirmed the incident occurred in October 2025
📢 Security experts warn Substack users to brace for phishing attacks after breach 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Substack CEO Christ Best confirmed the incident occurred in October 2025.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Security experts warn Substack users to brace for phishing attacks after breach
Substack CEO Christ Best confirmed the incident occurred in October 2025
📢 Security experts warn Substack users to brace for phishing attacks after breach 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Substack CEO Christ Best confirmed the incident occurred in October 2025.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Security experts warn Substack users to brace for phishing attacks after breach
Substack CEO Christ Best confirmed the incident occurred in October 2025