X-Industry

Cybersecurity researchers at Point Wild recently found a new way that cyber-attackers are gaining unauthorized access to computers.  The investigation, led by experts Kedar Shashikant Pandit, Prathamesh Shingare, and Amol Swami from the Lat61 Threat Intelligence Team, reveals that a common tool used by legitimate developers is being twisted by hackers to hide a nasty malware called XWorm.

Attack Details - The attack starts with a trick email or a fake software update, involving a harmless-lookin

A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned.  The firm’s chief executive says the malicious activity resulted from a security breach and was likely carried out by a competitor seeking to tarnish his company’s public image.[1]

For the past several years, security experts ha

Potholes, or some say chuck holes, are a troublesome problem.  Just ask scooter company Lime, which listed them as an official risk to its business in its recent IPO filing.  History is littered with claims that technology can help solve or blunt the problem of potholes, and still they persist. But as cars become increasingly laden with advanced sensors, they are becoming a tool that can quickly alert cities to potholes and other municipal problems.[1]

Last month, Waymo and Waze announced a pilo

Google is rolling out a new opt-in feature in Android that aims to help security researchers investigate spyware attacks.  The feature is called “Intrusion Logging” and is part of Android’s Advanced Protection Mode, which Google launched last year, an opt-in special security mode that enables certain features with the goal of making the device harder to hack.  Advanced Protection Mode is designed to counter government spyware attacks and police forensic devices that try to extract data from a pe

On 28 April 2026, SentinelLABS located a script through a Kubernetes-focused VirusTotal hunting rule that stood out from known cloud hack tools: the script’s first actions are to evict and delete tools associated with the TeamPCP attack group, leading us to call the toolset PCPJack.  Analyzing this script led researchers to discover a comprehensive framework for cloud credential harvesting and propagation to internal and external systems.

TeamPCP stood out in early 2026 following the group’s Feb

In the cybersecurity world, we often assume that small and medium-sized businesses (SMBs) are the lagging indicators of digital maturity.  But new research from Tech.co and Expert Market suggests that SMB leaders are becoming surprisingly surgical in their tech adoption.  The data reveal a major pivot in 2026: while many organizations are pulling back AI for general business tasks, automated cybersecurity remains a non-negotiable priority.  As inflation pressures and tech regret drive a more sel

A new report from the Cyber Defence Centre at Ontinue has found a campaign targeting software developers with fake installation pages that look like official sites for AI tools like Claude Code.

The attack begins when a user searches for ‘install Claude code’ and clicks on a sponsored result. This link goes to a lookalike page that shows an installation command.  While the real command uses the host ‘claude.ai,’ the fake version uses ‘events.msft23.com.’  Running this command enables Invoke-Rest

A second serious flaw affecting the Linux kernel has been disclosed within weeks, prompting calls for emergency defensive measures from kernel developers.  The newly revealed vulnerability, nicknamed "Dirty Frag," allows attackers with low-level access to an affected system to gain full administrative control, according to security researchers and Linux distribution maintainers.

The flaw was discovered by independent researcher Hyunwoo Kim, who said it affects the same area of the Linux kernel i

In the manufacturing sector, the traditional boundary between "the network" and "the floor" has effectively dissolved.  According to Trackforce's executive trends report, Cyber-Physical Security Convergence in Manufacturing, the manufacturing world is entering an era where operational uptime is inseparable from cybersecurity posture.  For cybersecurity professionals, this shift means that protecting data is no longer the sole objective; the new mandate is protecting operational continuity.  When

A recent analysis report by Surfshark found that, among global data breaches, South Africa ranks 42nd in Q1 2026.  Globally, 210.3 million accounts were breached, with the US ranking first at 29% of all breaches from January through March.  France takes second place, followed by India, Brazil, and the UK.[1]  Surfshark is a consumer-focused cybersecurity and privacy product suite.

Since 2004, South Africa has been the second-most breached country in Africa, with 45.7 million compromised user acc

An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States, after a cybercrime group defaced the service’s login page with a ransom demand that threatened to leak data from 275 million students and faculty across nearly 9,000 educational institutions.

Canvas parent firm Instructure responded to today’s defacement attacks by disabling the platform, which is used by t

A Florida man who worked as a ransomware negotiator at a US cyber incident response firm has pleaded guilty to conspiring with the BlackCat/ALPHV ransomware group, feeding the attackers confidential information about his own clients while simultaneously negotiating on their behalf.  Angelo Martino, 41, of Land O'Lakes, Florida, admitted to providing BlackCat operators with clients' insurance policy limits and internal negotiation strategies without his employer's or clients' knowledge.  The oper

The US DHS, Cybersecurity and Infrastructure Security Agency (CISA) is launching new cybersecurity crisis planning guidance for critical infrastructure organizations.  CISA’s new “CI Fortify” initiative notably pushes water utilities, the transportation sector and other critical infrastructure organizations to plan for a “geopolitical crisis” involving cyber-attacks that could sever their connections to internet, telecommunications and other technology services.

CISA’s guidance features two prim

Security researchers at Kaspersky say they have identified a malicious backdoor planted in the popular and long-running Windows disc imaging software, Daemon Tools.  The Russian cybersecurity company said on 5 May that data collected from computers around the world running the Kaspersky antivirus software shows a “widespread” attack is under way, targeting thousands of Windows computers running Daemon Tools.

The hackers, whom Kaspersky has linked to a Chinese-language speaking group based on an

Imagine you're a chief executive.  Your AI strategy task force has just presented you with two strategic options.  The first one is safe. You can use agentic AI to reduce overhead and save 10% of overall human capital costs.

Agentic AI: Drive Efficiency, Empower Employees, and Transform Results - Agentic AI is transforming the nature of work in all industries.  This package reveals how organizations implement and manage agentic AI across all departments.  It unpacks its ROI on key metrics along

Organizations secure work phones and company laptops, but attackers could target the electrical current running through those devices.  Direct current (DC) power regulation helps stabilize the energy powering electronics people use daily, from solar panels and connected cars to smartphones and essential computer parts.  It's also vital across critical infrastructures, including telecommunications, industrial automation, and data centers.  DC regulators provide stable voltage to prevent damage or

According to a recent security report, the North Korean hacker group APT37 is distributing an Android malware strain called “BirdCall” in a supply-chain attack through a compromised video game platform.  BirdCall is a known backdoor for Windows systems, but APT37, also known as ScarCruft and Ricochet Chollima, has developed an Android variant that also functions as spyware.

Researchers at cybersecurity company ESET say the threat group created BirdCall for Android around October 2024 and has sin

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

Life sciences are on the cutting-edge of innovation: They’re developing breakthrough drugs and vaccines, advanced medical devices and diagnostic tools, and sustainable environmental solutions.  But all this advancement is exactly what makes pharmaceutical, biotech and medical device firms prime targets for cyberattacks, data breaches, fraud and even counterfeiting.  And these risks are causing financial and operational disasters across the industry.  That’s why comprehensive insurance programs a

By the time Ayleen Charlotte realized what had happened, she was broke, in debt, and did not know what to do.  Her boyfriend of well over a year was Shimon Hayut, the infamous "Tinder Swindler," and she was one of many women he had scammed out of nearly everything they had.  The women were victims of a "pig-butchering" scam, a type of social engineering campaign in which the criminal spends months building trust with the target, just as a farmer takes time to fatten a pig before slaughter, befor