All Articles (2926)

A cyber-criminal is attempting to sell a zero-day exploit targeting a Windows Remote Desktop Services (RDS) privilege escalation vulnerability for US$220,000 on a cybercrime forum.  The listing, identified by threat intelligence analysts, highlights the rapid commercialization of critical vulnerabilities within the criminal underground.  The sale was posted by a user registered under the name 'Kamirmassabi' in the "Malware, Exploits, Bundles, AZ, Crypt" section of a prominent dark web forum.  Th

A new iOS exploit chain and payload called ‘DarkSword’ is stealing sensitive personal information from iPhones running iOS 18.4 to 18.7.  The toolkit is linked to multiple threat actors, including Russian-aligned UNC6353, who previously leveraged a similar exploit chain called Coruna. DarkSword was subsequently uncovered while various researchers analyzed Coruna’s infrastructure.

In early November 2025, NC6748 used DarkSword against Saudi Arabian users via a Snapchat-themed website.  Subsequentl

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have Farsi set as the default language.

Experts say the wiper campaign against Iran materialized this past weekend and came from a relatively new cybercrime group known as TeamPCP. In December 2025, the group began compromising corporate cloud environments using

In an increasingly interconnected, digital world, it's essential to make the right choices for your security on the Internet. There are good habits to get into to improve online safety, and you should keep your ear to the ground to know when a new threat has emerged or become more prevalent. For example, the Federal Bureau of Investigation recently warned that something as seemingly safe and secure as a home or small business Wi-Fi network could be in danger. This increasingly common criminal th

The Federal Bureau of Investigation (FBI) has officially confirmed that a limited number of its servers have been compromised in a cybersecurity incident.  The breach affected surveillance systems used by the FBI for lawful foreign intelligence interception operations, with investigators suspecting state-backed Chinese hackers based on suspicious activity patterns.  The security breach occurred during the second week of February 2026 and was detected on 17 February 2026.  The incident has raised

Hewlett Packard Enterprise (HPE) has released its inaugural cyber threat report, titled 'In the Wild', revealing a significant shift in the operational strategies of modern cyber adversaries.  Released on 17 March 2026, the research indicates that cybercrime groups are increasingly mirroring legitimate enterprise business models to maximize financial gain.  The report, based on an analysis of 1,186 active threat campaigns observed globally throughout 2025, suggests that the threat landscape has

You probably associate information security with desktops and laptops, business computers, and servers in datacenters.  Too often, we assume that our mobile devices are inherently more secure, probably because of how we interact with them.  But last week’s security news includes warnings for iPhone and Android users.  Just a reminder that no one is safe.

First, if you haven’t updated iOS, it’s time to do so.  Last week, it was reported that iPhone users running iOS 18.4 to 18.7 are vulnerable to

Cyfirma cybersecurity researchers have unveiled a detailed analysis of a new threat: TaxiSpy RAT, a sophisticated Android banking trojan with remote access capabilities.  This malware primarily targets Russian users and financial institutions, compromising apps related to banking, cryptocurrency, government services, and online marketplaces.  The report highlights how this threat exploits vulnerabilities to facilitate financial fraud, posing significant risks to individuals and organizations ali

Dutch intelligence agencies have revealed an extensive cyber campaign by Russian state-backed hackers aimed at infiltrating Signal and WhatsApp accounts of high-profile individuals worldwide.   The Military Intelligence and Security Service (MIVD) and General Intelligence and Security Service (AIVD) describe the effort as large-scale and ongoing, exploiting user vulnerabilities rather than app flaws.   The operation focuses on government officials, military personnel, and civil servants, with Du

Every time you check your bank balance online, send an email, or make a purchase with a credit card, your information is encrypted, a mathematical shield that keeps your data protected from prying eyes.  This encryption has worked extremely well for decades.  The algorithms safeguarding your most sensitive data would take today’s most powerful traditional computers millions of years to crack.  However, a new type of machine is emerging that could change everything.  That machine is the quantum c

In the ongoing conflict between the United States and Iran, cyber operations have emerged as a significant component alongside conventional military actions.  Operation Epic Fury, initiated on 28 February 2026, involved coordinated strikes that targeted key Iranian leadership and infrastructure, with digital disruptions playing a crucial role in limiting the adversary's response capabilities.  Iranian connectivity fell by at least 46% during the strikes, signaling intense cyber involvement.[1]

T

Lloyd’s of London is reporting that Iran has created a de facto ‘safe’ shipping corridor through its territorial waters in the Strait of Hormuz, offering vetted vessels passage in exchange for approval and in at least one case, a reported $2m payment.  While use of the Iranian corridor is being negotiated on a case-by-case basis, Lloyd’s List understands the IRGC is expected to establish a more formalised vessel approval process in the coming days.[1]

At least one tanker operator is understood t

Throughout early 2026, SentinelOne’s® Digital Forensics & Incident Response (DFIR) team has responded to several incidents in which FortiGate Next-Generation Firewalls (NGFW) have been compromised to establish a foothold in the targeted environment.  Each incident was detected and stopped during the lateral movement phase of the attack.  Fortinet disclosed and issued patches for several high-severity vulnerabilities, allowing unauthorized access during our investigation period.  Successful explo

The National Centre for Nuclear Research (NCBJ) is Poland’s largest research institute focused on nuclear science and technology.  It operates the country’s only nuclear research reactor, MARIA, and conducts research in nuclear and particle physics, reactor technology, radiopharmaceuticals for medical applications, and industrial and environmental applications.

NCBJ also supports Poland’s civilian nuclear power program, but it does not conduct any military-related activities.  Poland does not ha

Cofense researchers have found a new phishing scam where threat actors use LiveChat software to impersonate brands like Amazon and PayPal.  By chatting with victims in real-time, these cybercriminals can bypass security codes and steal credit card information.  Online threat actors have found a new way to trick people by using live chat tools that we usually see on official business websites.  According to the latest research from the Cofense Phishing Defense Center (PDC), a new wave of scams is

Criminals have secretly hijacked more than 14,000 devices worldwide to carry out attacks that are almost impossible to protect against, security researchers have warned.  Many devices infected by the sophisticated new malware, called ‘KadNap’, are Asus routers, which are being used to route malicious traffic to carry out large-scale cyberattacks.  Details of the KadNap botnet were shared by the cybersecurity firm Lumen in a new report, which revealed that it is using a decentralized peer-to-peer

As maritime navigation and tracking become ever more dependent on satellite-based systems, this has also given rise to an increase in reports of Global Navigation Satellite System (GNSS) interference affecting commercial shipping routes.[1]

What is GNSS?  The Global Navigation Satellite System comprises 4 operational satellite constellations that serve both civilian and military use:

  • Global Positioning System (US)
  • Galileo (EU)
  • GLONASS (Russia)
  • BeiDou (China)

These constellations, combined

Cybersecurity has evolved beyond issues of ransomware, data loss, or reputational damage; it is now a fundamental matter of national security.  The 2026 State of Security Report released by Recorded Future confirms that government-backed cyber operations aimed at espionage and disruption have become commonplace.   Geopolitics is now a significant risk factor for organizations, transforming cybersecurity into a strategic challenge heavily influenced by state behavior.  International tensions and

Today is Friday the 13th.  The 13th is a day often associated with ‘bad luck’.  It got us to thinking, is there an association with this ‘bad luck’ day and cyber attacks?  So, we asked for an AI determination.  AI replied, “There is no established or widely recognized connection between Friday the 13th and cyber-attacks.  While Friday the 13th is considered an unlucky day in Western superstition, there is no evidence to suggest that cyber criminals specifically target this date for attacks.  How

Blockchain analysis firm Chainalysis has released new data indicating that ransomware activity in 2025 featured reduced overall revenue alongside increased disruption and economic damage.  Globally, on-chain payments to attackers totaled approximately $820 million, an 8% decline from the previous year, yet the number of attacks claimed rose by 50%, and the UK emerged as one of the most targeted nations with severe impacts on major organizations.[1]

The use of blockchain technology in tracking ra