MITRE ATT&CK Mapping

GBHackers Ransomware Microsoft 4d ago

Windows Tools Abused to Kill AV Ahead of Ransomware Attacks

Hackers are increasingly turning legitimate Windows administration tools into stealthy weapons to disable antivirus and EDR before launching ransomware, maki...

T1562 T1598

GBHackers →

The Hacker News General Intel 4d ago

The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority

The cybersecurity landscape is accelerating at an unprecedented rate. What is emerging is not simply a rise in the number of vulnerabilities or tools, but a ...

T1598

The Hacker News →

GBHackers Phishing Microsoft 4d ago

EvilTokens Launches New Phishing Service Targeting Microsoft Accounts

EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that industrialises Microsoft account takeover by abusing the OAuth device code flow rather than t...

T1566 T1598

GBHackers →

SANS ISC General 4d ago

Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)

In case of a cyber incident, most organizations fear more of data loss (via exfiltration) than regular data encryption because they have a good backup policy...

T1041 T1598

SANS ISC →

GBHackers Phishing 4d ago

Tax Filing Scams Used to Deliver Malware in New Cybercrime Campaigns

Cybercriminals are once again exploiting global tax seasons, abusing IRS and tax filing lures to deliver malware, remote monitoring and management (RMM) tool...

T1566 T1598

GBHackers →

SC Media General 4d ago

Email authentication in 2026: What every organization still gets wrong

More than a decade since DMARC became available, many organizations still don't use it. Here's why you can no longer wait.

T1598

SC Media →

Qualys Blog Vulnerability Disclosure Qualys 5d ago

Optimizing Risk Discovery and Remediation with Qualys Gateway Service (QGS)

Unpatched vulnerabilities remain one of the largest drivers of cyber risk, accounting for nearly 60% of cyber compromises. Modern security programs are there...

T1598

Qualys Blog →

Infosecurity Magazine Vulnerability Disclosure 5d ago

Cybercriminals Exploit Tax Season With New Phishing Tactics

Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams

T1566 T1078 T1598

Infosecurity Magazine →

SANS ISC Ransomware Intel 5d ago

TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Compromise, TeamPCP Runs Dual Ransomware Operations, and AstraZeneca Data Released, (Mon, Mar 30th)

This is the fourth update to the TeamPCP supply chain campaign threat intelligence report,&#;x26;#;xc2;&#;x26;#;xa0;"When the Security Scanner Became the Wea...

T1598

SANS ISC →

SC Media Campaigns 5d ago

ShinyHunters marks BreachForums departure with user database leak

Infamous cybercrime marketplace BreachForums had its latest database impacting over 300,000 users exposed by the ShinyHunters threat operation as it exited t...

T1598

SC Media →

Schneier on Security Malware Apple 5d ago

Apple’s Camera Indicator Lights

A thoughtful review of Apple’s system to alert users that the camera is on. It’s really well-designed, and important in a world where malware could surreptit...

T1598

Schneier on Security →

CSO Online General 5d ago

APIs are the new perimeter: Here’s how CISOs are securing them

Recent breaches suggest attackers are shifting beyond traditional endpoints to target application programming interfaces (APIs). But typical perimeter protec...

T1598

CSO Online →

The Hacker News Phishing Microsoft 5d ago

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that's distributed via malicious Windows shortcut (LNK) files that are di...

T1566 T1598

The Hacker News →

SANS ISC Ransomware Intel Mar 28

TeamPCP Supply Chain Campaign: Update 003 - Operational Tempo Shift as Campaign Enters Monetization Phase With No New Compromises in 48 Hours, (Sat, Mar 28th)

This is the third update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 25, 2026).

T1598

SANS ISC →

SC Media General Mimecast Mar 27

Mimecast's Rob Juncker: The attack surface just got a copilot

Rob Juncker explores why human behavior has become the defining variable in enterprise cybersecurity.

T1598

SC Media →

SANS ISC Ransomware Intel Mar 27

TeamPCP Supply Chain Campaign: Update 002 - Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)

This is the second update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 25, 2026).

T1598

SANS ISC →

CSO Online General Mar 27

8 steps CISOs can take to empower their teams

Many leaders know empowered teams deliver better results, but not all leaders understand how to get there. It all starts with knowing what empowerment truly ...

T1598

CSO Online →

GBHackers CVE Mar 27

CISA Adds Critical Aquasecurity Trivy Scanner Vulnerability to KEV Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has urgently added a critical flaw affecting Aquasecurity’s Trivy scanner to its Known Exploited ...

T1598 1 IOC

GBHackers →

GBHackers Malware Apple Cloudflare Mar 27

Fake Cloudflare CAPTCHA Pages Deliver Infiniti Stealer Malware on macOS

A newly discovered macOS infostealer dubbed Infiniti Stealer is being actively distributed through deceptive Cloudflare-style CAPTCHA pages, marking a notabl...

T1204 T1598

GBHackers →

SANS ISC Campaigns Intel Mar 26

TeamPCP Supply Chain Campaign: Update 001 ? Checkmarx Scope Wider Than Reported, CISA KEV Entry, and Detection Tools Available, (Thu, Mar 26th)

This is the first update to the TeamPCP supply chain campaign threat intelligence report, “When the Security Scanner Became the Weapon” (v3.0, March 25, ...

T1598

SANS ISC →