Interlock ransomware exploits critical Cisco FMC Zero-Day CVE-2026-20131 for root access
Amazon warns of active Interlock ransomware exploiting critical Cisco FMC zero-day CVE-2026-20131 (CVSS 10.0) for unauthenticated root access via insecure deserialization.
Marquis ransomware attack exposes 672,000 records, disrupts 74 US banks
Texas financial services provider Marquis reveals ransomware attack exposed 672,000 records and disrupted operations at 74 US banks, highlighting supply chain risks.
Kimwolf botnet infiltrates 2 million IoT devices in critical infrastructure networks
Kimwolf botnet compromises 2M+ IoT devices in govt/corporate networks, enabling DDoS attacks & malicious traffic relay through sophisticated lateral movement.
GlassWorm malware campaign hijacks GitHub tokens to poison python repositories
GlassWorm malware campaign exploits stolen GitHub tokens to inject malicious code into Python repositories, targeting Django, ML projects, and PyPI packages.
UNC6426 exploits nx npm Supply-Chain attack to gain AWS admin access in 72 hours
UNC6426 leveraged nx npm supply chain compromise to achieve complete AWS admin access within 72 hours, demonstrating devastating speed of modern cyberattacks.
Secure-by-Design principles extend beyond code to combat enterprise risk
Organizations adapt secure-by-design software practices to tackle non-technical risks like governance failures and human error across business operations.
AI browser vulnerability exposed: Perplexity's Comet tricked into phishing scam in under four minutes
Security researchers successfully manipulated Perplexity's Comet AI browser into falling for phishing scams in under four minutes, exposing critical vulnerabilities.
Please don't feed the scattered Lapsus shinyhunters: The rise of a ruthless ransomware gang
Scattered Lapsus ShinyHunters represents a dangerous evolution in ransomware tactics, combining traditional cyberattacks with real-world harassment and swatting
International law enforcement dismantles SocksEscort botnet: 369,000 compromised ips used for global cybercrime
International law enforcement dismantles SocksEscort botnet that compromised 369,000 IPs across 163 countries, enabling large-scale fraud through infected routers.
Unmasking 'dort': The elusive mastermind behind the Kimwolf botnet empire
The mysterious 'Dort' controls the world's largest botnet, escalating from DDoS attacks to real-world swatting incidents against security researchers.
'InstallFix' campaign exploits AI coding tools to spread malware via fake Claude sites
New 'InstallFix' campaign uses fake Claude AI sites and malvertising to trick developers into executing malicious code, exploiting trust in AI coding tools.
Security teams grapple with agentic AI Auto-Remediation readiness
Security teams face readiness challenges as agentic AI promises autonomous threat remediation, raising questions about trust, governance, and infrastructure preparedness.