A new report from the Cyber Defence Centre at Ontinue has found a campaign targeting software developers with fake installation pages that look like official sites for AI tools like Claude Code.
The attack begins when a user searches for ‘install Claude code’ and clicks on a sponsored result. This link goes to a lookalike page that shows an installation command. While the real command uses the host ‘claude.ai,’ the fake version uses ‘events.msft23.com.’ Running this command enables Invoke-Rest
A second serious flaw affecting the Linux kernel has been disclosed within weeks, prompting calls for emergency defensive measures from kernel developers. The newly revealed vulnerability, nicknamed "Dirty Frag," allows attackers with low-level access to an affected system to gain full administrative control, according to security researchers and Linux distribution maintainers.
The flaw was discovered by independent researcher Hyunwoo Kim, who said it affects the same area of the Linux kernel i
In the manufacturing sector, the traditional boundary between "the network" and "the floor" has effectively dissolved. According to Trackforce's executive trends report, Cyber-Physical Security Convergence in Manufacturing, the manufacturing world is entering an era where operational uptime is inseparable from cybersecurity posture. For cybersecurity professionals, this shift means that protecting data is no longer the sole objective; the new mandate is protecting operational continuity. When
A recent analysis report by Surfshark found that, among global data breaches, South Africa ranks 42nd in Q1 2026. Globally, 210.3 million accounts were breached, with the US ranking first at 29% of all breaches from January through March. France takes second place, followed by India, Brazil, and the UK.[1] Surfshark is a consumer-focused cybersecurity and privacy product suite.
Since 2004, South Africa has been the second-most breached country in Africa, with 45.7 million compromised user acc
An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States, after a cybercrime group defaced the service’s login page with a ransom demand that threatened to leak data from 275 million students and faculty across nearly 9,000 educational institutions.
Canvas parent firm Instructure responded to today’s defacement attacks by disabling the platform, which is used by t
A Florida man who worked as a ransomware negotiator at a US cyber incident response firm has pleaded guilty to conspiring with the BlackCat/ALPHV ransomware group, feeding the attackers confidential information about his own clients while simultaneously negotiating on their behalf. Angelo Martino, 41, of Land O'Lakes, Florida, admitted to providing BlackCat operators with clients' insurance policy limits and internal negotiation strategies without his employer's or clients' knowledge. The oper
The US DHS, Cybersecurity and Infrastructure Security Agency (CISA) is launching new cybersecurity crisis planning guidance for critical infrastructure organizations. CISA’s new “CI Fortify” initiative notably pushes water utilities, the transportation sector and other critical infrastructure organizations to plan for a “geopolitical crisis” involving cyber-attacks that could sever their connections to internet, telecommunications and other technology services.
CISA’s guidance features two prim
Security researchers at Kaspersky say they have identified a malicious backdoor planted in the popular and long-running Windows disc imaging software, Daemon Tools. The Russian cybersecurity company said on 5 May that data collected from computers around the world running the Kaspersky antivirus software shows a “widespread” attack is under way, targeting thousands of Windows computers running Daemon Tools.
The hackers, whom Kaspersky has linked to a Chinese-language speaking group based on an
Imagine you're a chief executive. Your AI strategy task force has just presented you with two strategic options. The first one is safe. You can use agentic AI to reduce overhead and save 10% of overall human capital costs.
Organizations secure work phones and company laptops, but attackers could target the electrical current running through those devices. Direct current (DC) power regulation helps stabilize the energy powering electronics people use daily, from solar panels and connected cars to smartphones and essential computer parts. It's also vital across critical infrastructures, including telecommunications, industrial automation, and data centers. DC regulators provide stable voltage to prevent damage or
According to a recent security report, the North Korean hacker group APT37 is distributing an Android malware strain called “BirdCall” in a supply-chain attack through a compromised video game platform. BirdCall is a known backdoor for Windows systems, but APT37, also known as ScarCruft and Ricochet Chollima, has developed an Android variant that also functions as spyware.
Researchers at cybersecurity company ESET say the threat group created BirdCall for Android around October 2024 and has sin
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate
Life sciences are on the cutting-edge of innovation: They’re developing breakthrough drugs and vaccines, advanced medical devices and diagnostic tools, and sustainable environmental solutions. But all this advancement is exactly what makes pharmaceutical, biotech and medical device firms prime targets for cyberattacks, data breaches, fraud and even counterfeiting. And these risks are causing financial and operational disasters across the industry. That’s why comprehensive insurance programs a
By the time Ayleen Charlotte realized what had happened, she was broke, in debt, and did not know what to do. Her boyfriend of well over a year was Shimon Hayut, the infamous "Tinder Swindler," and she was one of many women he had scammed out of nearly everything they had. The women were victims of a "pig-butchering" scam, a type of social engineering campaign in which the criminal spends months building trust with the target, just as a farmer takes time to fatten a pig before slaughter, befor
Quantum technologies are often described as if they operate through a narrow keyhole, letting one fragile process slip through at a time. Work from Bar-Ilan University, described in the paper Multiplexed processing of quantum information across an ultrawide optical bandwidth shows that this picture is far too small. A single beam of quantum light can carry many independent channels at once, each one capable of carrying its own quantum information. The surprising part is that the limitation ha
A new warning has come from the US Federal Trade Commission (FTC) regarding a pointed surge in social media fraud, with reported consumer losses exceeding $2.1 billion in 2025. Representing an eightfold increase since 2020, malicious actors actively leveraged platforms like Facebook, Instagram, and WhatsApp to exploit nearly 30% of all fraud victims last year. Remarkably, individuals reported losing significantly more money to Facebook-originated schemes than to traditional text and email camp
Cybersecurity researchers at watchTowr Labs have reported a critical security vulnerability in cPanel and WHM (Web Host Manager) a software suite used to manage over 70 million websites globally. For your information, WHM is used for server-wide administration and cPanel is for individual website owners, and this vulnerability , tracked as CVE-2026-41940, allows hackers to bypass the suite’s login screens entirely to gain root access.
The risk is unmistakable given that CVE-2026-41940 has a CVS
Anthropic, the AI safety company behind the Claude family of models, said on 22 April 2026, that it is investigating reports of unauthorized access to an experimental internal system called Mythos, described in reporting by The Guardian as capable of enabling advanced hacking techniques. The disclosure has put a company that built its reputation on cautious AI development in the uncomfortable position of defending its own internal security.
What Anthropic has confirmed - The verified facts are n
In 2026, the question for security leaders is not whether a supply chain attack is coming. Every serious organization should assume it is. The question is whether their defense architecture can stop a payload it has never seen before. It is a question that takes on even more critical implications at a time when trusted agentic automation increasingly becomes the norm.
In three weeks this spring, three threat actors each ran a tier-1 supply-chain attack against widely deployed software: LiteLL
The UK’s National Cyber Security Centre (NCSC-UK) and allied cyber agencies are warning that China-linked actors are increasingly relying on vast proxy networks of hijacked consumer devices to conceal cyberattacks and evade detection. A new joint statement details how the threat actors now route malicious traffic through compromised routers, cameras, recorders, and network-attached storage (NAS) devices instead of using rented infrastructure. This method means attacks are harder to trace since
