Expect Iran to launch cyber-attacks globally, warns Google head of threat intel
Google’s threat intel chief warns Iran may expand deniable cyber-attacks globally, targeting the US, Gulf allies and critical sectors.
ThreatsDay Bulletin shows how old tricks keep finding new ways in
This week’s threats show attackers blending OAuth abuse, EDR tampering, chat phishing, malicious ZIPs, and AI platform compromise.
DoJ disrupts 3 million-device IoT botnets tied to record 31.4 Tbps DDoS attacks
DoJ’s IoT botnet disruption highlights how millions of insecure devices can fuel record 31.4 Tbps DDoS attacks across the internet.
Trivy GitHub Actions breach shows how tag hijacking can expose CI/CD secrets at scale
Attackers reportedly hijacked 75 Trivy GitHub Action tags, turning a trusted security tool into a CI/CD secret-stealing supply-chain threat.
Nation-state hackers embrace Gemini AI for malicious campaigns, Google finds
Google says state-backed hackers are using Gemini AI across cyber operations, boosting phishing, recon, and scripting without creating new attack clas
The Iran war: what you need to know
Iran-related escalation can spill into cyber, shipping, energy, and influence operations, raising risks for governments, firms, and critical infrastru
Intellexa’s global corporate web shows how Predator spyware survives scrutiny
Recorded Future’s Intellexa report shows how Predator spyware survives through front companies, sanctions evasion pressure, and wider targeting.
Surge in attacks on surveillance cameras linked to Iranian hackers
Iran-linked attacks on surveillance cameras show how exposed IoT devices can become high-value intelligence assets during conflict.
Project Compass targets The Com with 30 arrests across youth cybercrime network
Europol’s Project Compass hits The Com with 30 arrests, exposing how youth cybercrime networks blend social engineering, extortion and ransomware.
Russian intelligence targets messaging accounts instead of breaking encryption
CISA and the FBI warn Russian intelligence is phishing messaging app users, bypassing encryption by stealing accounts instead.
DarkSword shows how the iPhone exploit market serves surveillance operations
DarkSword highlights a commercial iPhone exploit market where spyware vendors and state actors use chained flaws for covert surveillance.
9 critical IP KVM flaws expose a dangerous new path to root access
Nine flaws in low-cost IP KVMs could give attackers unauthenticated root access and stealthy control over connected systems.