For years, the manufacturing sector operated under the "security through obscurity" model, relying on air-gapped systems and proprietary protocols to stay off the radar of mainstream cybercriminals. According to the Huntress 2026 Cyber Threat Report, those days are officially over. Manufacturing has emerged as one of the most targeted industries, not necessarily because its data is the most valuable, but because its tolerance for downtime is the lowest. In an industry where "minutes equal million
The term ClickFix refers to a recent trend in social engineering that’s been growing, where a user is tricked in one way or another into “fixing” a supposed problem. In such cases, the “fix” that the user is trying to perform is actually executing malicious actions. ClickFix tactics, while not new, have become one of the most widely used initial access methods in the last year.
We can see some examples of how this might look below. This example shows an iClicker compromised verification page
Rebranded as TrendAI, Trend Micro has published findings from a global study of 3,700 business and IT decision makers showing that 67% felt pressured to approve artificial intelligence projects despite security concerns. One in seven described those concerns as extreme, yet overrode them to match competitors and meet internal demands.
Chief Platform and Business Officer and Head of TrendAI, Rachel Jin, commented: “Organizations are not lacking awareness of risk; they’re lacking the conditions t
In the arms race of modern cybersecurity, automated bug detection has been viewed by many as the holy grail. A recent in-depth sector report from Moody's Ratings suggests that the technological leap is creating a dangerous paradox. While AI is becoming a powerhouse for identifying code weaknesses, it is simultaneously widening the gap between vulnerability discovery and remediation, leaving many organizations more exposed than ever. For cybersecurity professionals, the report highl
Russian police in the Rostov region arrested a Taganrog resident believed to be the owner and administrator of LeakBase, a major online forum used by cybercriminals to buy and sell stolen data and hacking tools. According to a report from the Russian state-owned news agency TASS, Russian Ministry of Internal Affairs spokesperson Irina Volk, who announced the arrest, said the unnamed suspect is also accused of creating the LeakBase hacker platform. LeakBase surfaced in 2021 as a project support
The International Maritime Organization (IMO) has approved a global strategy on maritime digitalization, alongside mandatory cybersecurity measures for maritime single windows, aimed at improving safety, efficiency, and operational resilience. The strategy, endorsed by the IMO Facilitation Committee (FAL) during its 50th session in London (23–27 March 2026), sets digitalization as an overarching IMO policy.[1]
The International Maritime Organization (IMO) is a specialized agency of the United N
Hackers are claiming to have stolen a trove of data belonging to Lockheed Martin, the world’s largest defense contractor and an American aerospace company. They are now selling it on the dark web.
The situation began on March 26, 2026, when a Telegram account linked to a dark web marketplace known as Threat Market, which posts in both Russian and English, claimed it had been approached by a group described as “APT IRAN.” According to the post, the group requested infrastructure support to sell
1. Preparing the cyber workforce for autonomous security
As security becomes automated, agents are taking on more intelligence-driven tasks in the security operations center (SOC), as well as in compliance and risk management and in identity management. Autonomous security is set to play a critical role in identifying and monitoring non-human identity activity.
2. Navigating geopolitics, building resilience and compliance
Both digital defenses and physical assets are threatened by potential attacks fr
Cyber attackers have set their sights on French-speaking professionals, luring victims with fake résumé attachments in an active phishing campaign designed to deploy credential stealers and cryptocurrency miners. The activity, now tracked as FAUX#ELEVATE, relies on heavily obfuscated VBScript files disguised as CV documents, which execute silently while displaying fake error messages. The malware uses sandbox evasion, persistence techniques, and a domain-check mechanism to ensure only enterpri
Google has warned that ransomware gangs are reinventing their business models as traditional encryption-based attacks become less profitable and data-theft extortion surges. According to new analysis, better cybersecurity controls, improved backup strategies, and stronger recovery capabilities mean more victims can restore their systems without paying, directly eroding criminal revenue. However, threat actors are not retreating; they are adapting their methods to make operations harder to disr
Across boardrooms and IT departments, a dangerous assumption continues to grow: because data resides in Microsoft 365 and Azure, it is automatically secure. This belief is fundamentally flawed and creates a false sense of protection that masks real exposure, turning what should be a strategic cloud advantage into a ticking time bomb quietly building risk inside the organization’s own environment.[1]
Microsoft builds the platform; it does not defend your specific environment. What you monitor, ho
Since US and Israeli strikes began against Iranian military and nuclear infrastructure in late February, two wars have been running simultaneously. One is kinetic. The other involves something the world has not fully reckoned with: the systematic use of artificial intelligence to manufacture reality, at scale, in real time, during active armed conflict.[1]
Within days of the opening strikes, AI-generated video of missile impacts on the USS Abraham Lincoln was spreading across TikTok. Fabricate
Cybersecurity researchers have spotted a sneaky new trick used by hackers to compromise developers’ computers. This latest threat, which first appeared at the beginning of February 2026, involves malicious code hidden inside npm packages, which programmers use to create apps. According to researchers at ReversingLabs, this specific attack, dubbed the Ghost campaign, tricks users into thinking they are installing a helpful tool. The software is busy stealing private data in the background.[1]
On 24 March 2026, two versions of the litellm Python package on PyPI were found to contain malicious code. The packages (versions 1.82.7 and 1.82.8) were published by a threat actor known as TeamPCP after they obtained the maintainer's PyPI credentials through a prior compromise of Trivy, an open source security scanner used in litellm's CI/CD pipeline.
The malicious versions were available for approximately three hours before PyPI quarantined the package. litellm is downloaded roughly 3.4 mill
A US federal jury in Los Angeles on 25 March 2026 found Meta and Google liable in a closely watched trial accusing social media platforms of designing their products to get young users addicted, awarding the plaintiff $3 million in damages. Meta was ordered to pay 70% of the awarded compensatory damages, while Google is responsible for the rest. The verdict came after nine days, roughly 43 hours, of deliberations. The jury is expected to decide on punitive damages. "For years, social media c
A cyber-criminal is attempting to sell a zero-day exploit targeting a Windows Remote Desktop Services (RDS) privilege escalation vulnerability for US$220,000 on a cybercrime forum. The listing, identified by threat intelligence analysts, highlights the rapid commercialization of critical vulnerabilities within the criminal underground. The sale was posted by a user registered under the name 'Kamirmassabi' in the "Malware, Exploits, Bundles, AZ, Crypt" section of a prominent dark web forum. Th
A new iOS exploit chain and payload called ‘DarkSword’ is stealing sensitive personal information from iPhones running iOS 18.4 to 18.7. The toolkit is linked to multiple threat actors, including Russian-aligned UNC6353, who previously leveraged a similar exploit chain called Coruna. DarkSword was subsequently uncovered while various researchers analyzed Coruna’s infrastructure.
In early November 2025, NC6748 used DarkSword against Saudi Arabian users via a Snapchat-themed website. Subsequentl
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have Farsi set as the default language.
Experts say the wiper campaign against Iran materialized this past weekend and came from a relatively new cybercrime group known as TeamPCP. In December 2025, the group began compromising corporate cloud environments using
In an increasingly interconnected, digital world, it's essential to make the right choices for your security on the Internet. There are good habits to get into to improve online safety, and you should keep your ear to the ground to know when a new threat has emerged or become more prevalent. For example, the Federal Bureau of Investigation recently warned that something as seemingly safe and secure as a home or small business Wi-Fi network could be in danger. This increasingly common criminal th
The Federal Bureau of Investigation (FBI) has officially confirmed that a limited number of its servers have been compromised in a cybersecurity incident. The breach affected surveillance systems used by the FBI for lawful foreign intelligence interception operations, with investigators suspecting state-backed Chinese hackers based on suspicious activity patterns. The security breach occurred during the second week of February 2026 and was detected on 17 February 2026. The incident has raised