RondoDox Botnet Exploits Critical 2018 Vulnerability to Hijack ASUS Routers
Cybersecurity firm VulnCheck reveals hackers are using a critical 2018 vulnerability to bypass authentication and hack over a million ASUS routers.
Defense
20 articles
Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151Ukraine's National Security and Defense Council) has been observed using lures...
Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
Unit 42 details Screening Serpens' use of AppDomainManager hijacking and new RAT variants to target tech and defense sectors in recent campaigns. The post Tr...
Russian Hackers Exploit RDP, VPNs, Supply Chains for Initial Access
Russian state-sponsored and aligned threat groups are increasingly combining Remote Desktop Protocol (RDP), Virtual Private Networks (VPNs), supply chain com...
Belarus-linked hackers use fake training certificates to target Ukrainian officials
A Belarus-linked hacking group known as GhostWriter has launched a new espionage campaign against Ukrainian government officials using fake emails disguised ...
Belarus-linked hackers use fake training certificates to target Ukrainian officials
A Belarus-linked hacking group known as GhostWriter has launched a new espionage campaign against Ukrainian government officials using fake emails disguised ...
Senator urges classified briefing after CISA data leak on GitHub
A GitHub leak exposed CISA credentials, sparking concerns over secrets management and leadership.
Chinese hackers target telcos with new Linux, Windows malware
A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBac...
Q1 2026 Threat Landscape Report: Zero-clicks, geopolitical tensions, and some wins for law enforcement
The first quarter of 2026 reinforced that attackers are moving faster, operating with greater coordination, and exploiting weaknesses before most organizatio...
Smashing Security podcast #468: High-speed train hacks and homicidal lawnmowers
A 23-year-old radio enthusiast spent £300 on a piece of kit from the internet, and used it to bring four packed high-speed trains to a screeching halt. His d...
Next-generation enterprise defense: Managing risk in the age of agentic AI
The advent of agentic AI demands re-engineered AI-powered SASE architectures.
Implement agentic AI in cybersecurity with Tenable Hexa AI: Reduce cyber risk at machine speed
As frontier AI models collapse the traditional exploit window, Tenable Hexa AI transforms the security operating model from manual triage to agentic orchestr...
Senator presses CISA for answers about alleged GitHub repository leak
U.S.
SHub Reaper impersonates Apple, Google, and Microsoft in one MacOS attack chain
A newly disclosed macOS infostealer campaign is exploiting user trust in some of the biggest names in tech to slip past defenses. Researchers at SentinelOne ...
GraphWorm Malware Abuses Microsoft OneDrive for Stealthy C2 Operations
A new activity from Webworm, a China-aligned advanced persistent threat (APT) group, revealing a significant evolution in its cyber espionage toolkit during ...
China-Linked Webworm APT Evolves Tactics, Expands to European Targets
China-linked Webworm APT expands beyond Asia, targeting European government organizations and refining its cyber espionage tactics, according to ESET research
Virtual Event Today: Threat Detection & Incident Response Summit
The speed and sophistication of cyberattacks have outpaced traditional defense methods. Please join us online today from 11AM -4PM ET for the Threat Detectio...
Ukraine says Russia is deploying AI-powered malware on the battlefield
A new report from Ukraine’s National Security and Defense Council says Russia’s use of AI across cyber operations expanded dramatically over the past year, r...
UAC-0184 Uses Bitsadmin and HTA Files to Deliver Gated Malware
UAC-0184 uses a multi‑stage malware chain that abuses bitsadmin and HTA loaders to reach a heavily obfuscated payload bundle, ultimately hiding behind signed...
7 tips for accelerating cyber incident recovery
Despite strong and redundant defenses, enterprises remain vulnerable to a wide range of cyberattacks. And because attacks — and cyber incidents — are inevita...