Cryptocurrency wallet service Zerion has disclosed that one of its team member’s devices was compromised, resulting in the theft of approximately $100K in stolen funds from internal company hot wallets. The company noted that user funds, Zerion apps, or infrastructure were not impacted by the breach. The team member is said to have been the target of an artificial intelligence (AI)-enabled social engineering attack carried by a North Korean threat actor tracked as UNC1069. The hacking group was recently attributed to the poisoning of the popular Axios npm package. «This allowed the attacker to gain access to some of the team members’ logged-in sessions and credentials as well as private keys to company hot wallets used for testing and internal purposes,» Zerion said. «This was not an opportunistic attack. The actor is clearly sophisticated and well-resourced. They planned the attack thoroughly.»

The European Union has announced that it will soon roll out a new online age verification app to allow users to prove their age when accessing online platforms. Users can set it up by downloading the app on their Android or iOS device using a passport or ID card. The Commission has emphasized that the app will respect users’ privacy. «Users will prove their age without revealing any other personal information,» President of the European Commission, Ursula von der Leyen, said. «Put simply, it is completely anonymous: users cannot be tracked. Third, the app works on any device – phone, tablet, computer, you name it. And, finally, it is fully open source – everyone can check the code.» The development comes as countries around the world are undertaking various stages of regulatory action to keep cyberspace a safer place for children and minors and protect them from serious harm.

A researcher using the alias «Chaotic Eclipse» released a zero-day exploit called BlueHammer earlier this month following Microsoft’s handling of the vulnerability disclosure process. Although the issue appears to have been fixed as of this month’s Patch Tuesday release (CVE-2026-33825), the researcher has since disclosed a new unpatched Microsoft Defender privilege escalation vulnerability. The exploit has been codenamed RedSun. «This works 100% reliably to go from unprivileged user to SYSTEM against Windows 11 and Windows Server with April 2026 updates, as well as Windows 10, as long as you have Windows Defender enabled,» security researcher Will Dormann said.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added an old remote code execution vulnerability impacting Microsoft Office to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the shortcoming by April 28, 2026. The vulnerability in question is CVE-2009-0238, which has a CVSS score of 8.8. «Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially crafted Excel file that includes a malformed object,» CISA said.

Raspberry Pi has released version 6.2 of its Raspberry Pi OS, which introduces one significant change: it disables passwordless sudo by default. As a result, users who run a sudo command for administrator-level access will be prompted to enter the current user’s password. The change affects only new installations; existing setups are untouched. «Given the ever-increasing threat of cybercrime, we continually review the security of Raspberry Pi OS to ensure it is sufficiently robust to withstand potential attacks,» Raspberry Pi said. «This is always a tricky balance, as anything that makes the operating system more secure will invariably inconvenience legitimate users to some extent, so we try to keep such changes to a minimum. This particular security update is one that many users may not even notice, but it will affect some.»

A previously undocumented command-and-control (C2) framework dubbed ObsidianStrike has been deployed on infrastructure belonging to a Brazilian law firm. «Only two instances of ObsidianStrike exist on the entire internet,» Breakglass Intelligence said. «The framework has zero presence on GitHub, zero samples on VirusTotal or MalwareBazaar, and near-zero vendor detection. This is a fully private, Portuguese-language C2 built for targeted Windows operations, hidden behind a victim organization’s domain.» Also discovered by the security vendor is ArchangelC2, a C2 panel behind an industrial-scale ScreenConnect remote-access fraud campaign that has been operational since November 2024.

A fake Ledger app managed to slip onto the Apple App Store, draining $9.5 million in cryptocurrency from more than 50 victims between April 7 and April 13, 2026. The app, named Ledger Live, was released by a developer, «SAS Software Company,» and published under «Leva Heal Limited.» Users who downloaded the fraudulent app were tricked into entering their seed phrases, giving attackers full access to their wallets and allowing them to send digital assets to external addresses under their control. While Apple has since removed the macOS app from the store, questions remain as to how it managed to pass the company’s review process. In more Apple-related news, the company has also removed a data harvesting app called Freecash from its App Store after it was deceptivelyadvertised as a way to «make money just by scrolling TikTok,» while collecting sensitive information from users. This included details about a user’s race, religion, sex life, sexual orientation, health, and other biometrics. Once installed, however, instead of the promised functionality, users were routed to a roster of mobile games where they are offered cash rewards for completing time-limited in-game challenges. The app continues to be available on the Google Play Store.

Cybercriminals are using a new ransomware strain called JanaWare to target people in Turkey, according to Acronis. The attack leverages phishing emails containing a Google Drive link that paves the way for the download and subsequent execution of a malicious JAR file via javaw.exe. The payload is a customized Adwind (aka AlienSpy, jRAT, or Sockrat) variant with polymorphic characteristics that’s used to deliver the ransomware module. The malware implements geofencing and environment filtering to ensure that the compromised systems match the Turkish language and region. While none of these tricks are particularly novel or advanced, they continue to work against unprotected small targets. It’s unclear how many people or businesses might have fallen prey to the scheme. The low-stakes, localized approach has allowed the campaign to persist since at least 2020 without any major disruption. «Victimology appears to primarily include home users and small to medium-sized businesses. Initial access is assessed to occur via phishing emails delivering malicious Java archives,» the company said. «Ransom demands observed in analyzed samples range from $200–$400, consistent with a low-value, high-volume monetization approach.»

Google said it’s introducing a new spam policy for «back button hijacking,» which occurs when a site interferes with a user’s browser navigation and prevents them from using their back button to immediately get back to the page they came from. Instead, the hijack could redirect users to sketchy sites or other pages they have never visited before. «Back button hijacking interferes with the browser’s functionality, breaks the expected user journey, and results in user frustration,» Google said. «Pages that are engaging in back button hijacking may be subject to manual spam actions or automated demotions, which can impact the site’s performance in Google Search results. To give site owners time to make any needed changes, we’re publishing this policy two months in advance of enforcement on June 15, 2026.»

The China-linked hacking group known as APT41 has been attributed to an undetectable, purpose-built ELF backdoor targeting Linux cloud workloads across Amazon Web Services (AWS), Google Cloud, Microsoft Azure, and Alibaba Cloud environments. «The implant uses SMTP port 25 as a covert command-and-control channel, harvests cloud provider credentials and metadata, and phones home to three Alibaba-themed typosquat domains hosted on Alibaba Cloud infrastructure in Singapore,» Breakglass Intelligence said. «A selective C2 handshake validation mechanism renders the server invisible to conventional scanning tools like Shodan and Censys.»

Starting with the April 2026 security update (CVE-2026-26151), Microsoft has introduced new Windows protections to defend against phishing attacks that abuse Remote Desktop connection (RDP) files, adding security warnings and turning off redirections by default. «Malicious actors misuse this capability by sending RDP files through phishing emails,» Microsoft said. «When a victim opens the file, their device silently connects to a server controlled by the attacker and shares local resources, giving the attacker access to files, credentials, and more.» Russian hacking groups like APT29 have weaponized RDP configuration files to target Ukrainian government agencies, enterprises, and military entities in the past.

Unknown threat actors have staged a supply chain attack on a WordPress plug-in maker called Essential Plugin (formerly WP Online Support) after acquiring it in early 2025 from the original developers in a six-figure deal to plant a backdoor in August and subsequently weaponize it early this month to distribute malicious payloads to any website with the plug-ins installed. WordPress has since permanently closed all the plugins. «The plugin’s wpos-analytics module had phoned home to analytics.essentialplugin.com, downloaded a backdoor file called wp-comments-posts.php (designed to look like the core file wp-comments-post.php), and used it to inject a massive block of PHP into wp-config.php,» Anchor Hosting said. «The injected code was sophisticated. It fetched spam links, redirects, and fake pages from a command-and-control server. It only showed the spam to Googlebot, making it invisible to site owners.» In addition, it resolved the command-and-control (C2) domain through an Ethereum smart contract to make it resilient to takedown efforts. Prior to their removal, the plugins collectively had more than 180,000 installs. «This is a classical case of supply chain compromise that happened because the original vendor sold their plugins to a third-party, which turned out to be a malicious threat actor,» Patchstack said.

Telegram has continued to host Xinbi Guarantee, an illicit marketplace that has processed over $21 billion in total transaction volume, despite sanctions issued by the U.K. last month. The development has raised questions about the platform’s willingness to police its own ecosystem and suspend bad actors. The Chinese-language bazaar is known to offer money laundering solutions to cryptocurrency scammers, harassment services, and products like electrified batons and tasers that cater to investment scams operating out of Southeast Asia. «Xinbi is still going strong,» Elliptic’s cofounder and chief scientist, Tom Robinson, told WIRED. «They’re on track to become the largest market of this kind that has ever existed.»

Orange Cyberdefense has revealed that threat actors used malvertising in three separate incidents observed between early February and early April 2026 to deliver the SmokedHam (aka Parcel RAT, SharpRhino, and WorkersDevBackdoor) backdoor by masquerading it as installers for RVTools or Remote Desktop Manager (RDM). The malware is assessed to be a modified version of the open-source trojan known as ThunderShell. In at least one case, the attack led to the deployment of Qilin ransomware, but not before dropping employee monitoring and remote desktop solutions like Controlio, TeraMind, and Zoho Assist for persistent access, exfiltrating KeePass password databases, and conducting discovery and lateral movement. The adoption of legitimate dual-use tools is a concerning trend as it allows attackers to blend their actions into legitimate activity and reduce the risk of detection. The activity has been attributed with medium confidence to UNC2465, an affiliate of DarkSide, LockBit, and Hunters International. It also overlaps with a campaign detailed by Synacktiv and Field Effect in early 2025.

New research has discovered that the threat actor known as Water Hydra (aka DarkCasino) is still active in 2026, with new evidence uncovering a previously unreported connection between evilgrou-tech, a commodity operator, and the hacking group. «The handle ‘evilgrou’ is assessed with moderate confidence to be a deliberate reference to EvilNum (Evil + [num -> grou]p), the predecessor APT group from which WaterHydra/DarkCasino splintered in late 2022,» Breakglass Intelligence said. The strongest attribution indicator is a shared developer workspace path embedded in binaries associated with EvilNum and Water Hydra: «C:\Users\Administrator\Desktop\vaeeva\shellrundll.tlb.» These two artifacts are separated by two years, one in July 2022 and the other in January 2024.

Cybersecurity researchers have disclosed security flaws in HDF5 software, a file format to manage, process, and store heterogeneous data, that could be exploited to compromise a vulnerable system. «The discovered vulnerabilities, based on a stack buffer overflow, could allow threat actors to overwrite memory and compromise target systems for stealing highly classified research data, industrial espionage, or a foothold into the internal network,» ThreatLeap’s co-founder, Leon Juranic, said. «In practice, this means the vulnerability could be exploited by a single specially crafted malicious input file and, as a result, an entire system could get compromised.» The issues were addressed in October 2025 following responsible disclosure.

Security researchers have detected a «sharp rise» in brute-force attempts to hijack SonicWall and FortiGate devices between January and March 2026, with the vast majority (88%) appearing to originate from the Middle East. Most attempts were unsuccessful, either blocked outright by security tools or directed at invalid usernames. «Attackers are aggressively scanning and testing perimeter devices for weak or exposed credentials,» Barracuda Networks said. «Even when attacks fail, persistent probing raises the risk that a single weak password or misconfiguration could lead to compromise.»

Triad Nexus, a sprawling cybercrime ecosystem acting as the backbone of scams, money laundering, and illicit gambling operations since at least 2020, has been observed using geographic fencing and laundering its infrastructure through «clean» front companies to acquire accounts at major enterprise cloud providers (Amazon, Cloudflare, Google, and Microsoft) and avoid sanctions. Besides engaging in fraud, the group specializes in high-fidelity brand impersonation, weaponizing the digital identities of Global 2000 companies to dupe victims. «The network has industrialized brand theft on a global scale; its catalog includes ‘pixel-perfect’ clones of everything from high-end luxury goods to public services,» Silent Push said. «Despite federal sanctions in 2025, the group has reinstated its global fraud engine, shifting its focus toward emerging markets while maintaining a persistent threat to Western enterprise assets.» Triad Nexus is estimated to be responsible for over $200 million in reported losses, primarily fueled by pig butchering and virtual currency scams.

A new variant of the botnet known as Phorpiex (aka Trik) has been observed, using a hybrid communication model that combines traditional C2 HTTP polling with a peer-to-peer (P2P) protocol over both TCP and UDP to ensure operational continuity in the face of server takedowns. The malware acts as a conduit for encrypted payloads, making it challenging for external parties to inject or modify commands. The primary goal of Phorpiex’s Twizt variant is to drop a clipper that re-routes cryptocurrency transactions, as well as distribute high-volume sextortion email spam and facilitate ransomware deployment (e.g., LockBit Black, Global). It also exhibits worm-like behavior by propagating through removable and remote drives, and drop modules responsible for exfiltrating mnemonic phrases and scanning for Local File Inclusion (LFI) vulnerabilities. «Phorpiex has consistently demonstrated its capability to evolve, shifting from a pure spam operation to a sophisticated platform,» Bitsight said. «The Phorpiex botnet remains a highly adaptive and resilient threat.» There are about 125,000 infections daily on average, with the most affected countries being Iran, Uzbekistan, China, Kazakhstan, and Pakistan.

A remote code execution (RCE) vulnerability that lurked in Apache ActiveMQ Classic for 13 years could be chained with an older flaw (CVE-2024-32114) to bypass authentication. Tracked as CVE-2026-34197 (CVSS score: 8.8), the newly identified bug allows attackers to invoke management operations through the Jolokia API and trick the message broker into retrieving a remote configuration file and executing operating system commands. According to Horizon3.ai, the security defect is a bypass for CVE-2022-41678, a bug that allows authenticated attackers to trigger arbitrary code execution and write web shells to disk. «The vulnerability requires credentials, but default credentials (admin:admin) are common in many environments,» Horizon3.ai researcher Naveen Sunkavally said. «On some versions (6.0.0 – 6.1.1), no credentials are required at all due to another vulnerability, CVE-2024-32114, which inadvertently exposes the Jolokia API without authentication. In those versions, CVE-2026-34197 is effectively an unauthenticated RCE.» The newly discovered security defect was addressed in ActiveMQ Classic versions 5.19.4 and 6.2.3.

Cyber-enabled fraud cost victims over $17.7 billion during 2025, as financial losses to internet-enabled fraud continue to grow. The total loss exceeds $20.87 billion, up 26% from 2024. «Cyber-enabled fraud is responsible for almost 85% of all losses reported to IC3 [Internet Crime Complaint Center] in 2025,» the U.S. Federal Bureau of Investigation (FBI) said. «Cryptocurrency investment fraud was the highest source of financial losses to Americans in 2025, with $7.2 billion reported in losses.» In all investment scams led the pack with $8.6 billion in reported losses, followed by business email compromise ($3 billion) and tech support scams ($2.1 billion). Sixty-three new ransomware variants were identified last year, leading to more than $32 million in losses. Akira, Qilin, INC./Lynx/Sinobi, BianLian, Play, Ransomhub, Lockbit, Dragonforce, Safepay, and Medusa emerged as the top ten variants to hit critical manufacturing, healthcare, public health, and government entities.

According to data from NETSCOUT, more than 8 million DDoS attacks were recorded across 203 countries and territories between July and December 2025. «The attack count remained stable compared to the first half of the year, but the nature and sophistication of attacks changed dramatically,» the company said. «The TurboMirai class of IoT botnets, including AISURU and Eleven11 (RapperBot), emerged as a major force. DDoS-for-hire platforms are now integrating dark-web LLMs and conversational AI, lowering the technical barrier for launching complex, multi-vector attacks. Even unskilled threat actors can now orchestrate sophisticated campaigns using natural-language prompts, increasing risk for all industries.»

A former Meta employee in the U.K. is under investigation over allegations that he illegally downloaded about 30,000 private photos from Facebook. According to The Guardian, the accused developed a software program to evade Facebook’s internal security systems and access users’ private images. Meta uncovered the breach more than a year ago, terminated the employee, and referred the case to law enforcement. The company said it also notified affected users, although it’s not clear how many were impacted.

Google said it’s tracking a financially motivated threat cluster called UNC6783 that’s tied to the «Raccoon» persona and is targeting dozens of high-profile organizations across multiple sectors by compromising business process outsourcing (BPO) providers and help desk staff for later data extortion. «The campaign relies on live chat social engineering to direct employees to spoofed Okta logins using [org].zendesk-support[##].com domains,» Austin Larsen, Google Threat Intelligence Group (GITG) principal threat analyst, said. «Their phishing kit steals clipboard contents to bypass MFA and enroll their own devices for persistent access. We also observed them using fake security updates (ClickFix) to drop remote access malware.» Organizations are advised to prioritize FIDO2 hardware keys for high-risk roles, monitor live chat for suspicious links, and regularly audit newly enrolled MFA devices.

A large-scale Magecart campaign is using invisible 1×1 pixel SVG elements to inject a fake checkout overlay on 99 Magento e-commerce stores, exfiltrating payment data to six attacker-controlled domains. «In the early hours of April 7th, nearly 100 Magento stores got mass-infected with a ‘double-tap’ skimmer: a credit card stealer hidden inside an invisible SVG element,» Sansec said. «The likely entry vector is the PolyShell vulnerability that continues to affect unprotected Magento stores.» Like other attacks of this kind, the skimmer shows victims a convincing «Secure Checkout» overlay, complete with card validation and billing fields. Once the payment details are captured, it silently redirects the shopper to the real checkout page. Adobe has yet to release a security update to address the PolyShell flaw in production versions of Magento.

Cybercriminals are using emojis across illicit communities to signal financial activity, access and account compromise, tooling and service offerings, represent targets or regions, and communicate momentum or importance. Using emojis allows bad actors to bypass security controls. «Emojis provide a shared visual layer that allows actors to communicate core concepts without relying entirely on text,» Flashpoint said. «This is particularly valuable in: large Telegram channels with international membership, cross-border fraud operations, [and] decentralized marketplaces. This ability to compress meaning into visual shorthand helps scale operations and coordination across diverse actor networks.»

A ClickFix campaign targeting Windows users is leveraging malicious MSI installers to deliver a Node.js-based information stealer. «This Windows payload is a highly adaptable remote access Trojan (RAT) that minimizes its forensic footprint by using dynamic capability loading,» Netskope said. «The core stealing modules and communication protocols are never stored on the victim’s disk. Instead, they are delivered in-memory only after a successful C2 connection is established. To further obfuscate the attacker’s infrastructure, the malware routes gRPC streaming traffic over the Tor network, providing a persistent and masked bidirectional channel.»

More ClickFix, this time targeting macOS. According to Jamf, a ClickFix-style macOS attack is abusing the «applescript://» URL scheme to launch Script Editor and deliver an Atomic Stealer infostealer payload, thereby bypassing Terminal entirely. The attack leverages fake Apple-themed web pages that include instructions to «reclaim disk space on your Mac» by clicking on an «Execute» button that triggers the «applescript://» URL scheme. The new approach is likely a response to a new security feature introduced by Apple in macOS 26.4 that scans commands pasted into Terminal before they’re executed. «It’s a meaningful friction point, but as this campaign illustrates, when one door closes, attackers find another,» security researcher Thijs Xhaflaire said.

A malicious PyPI package named hermes-px has been advertised as a «Secure AI Inference Proxy» but contains functionality to steal users’ prompts. «The package actually hijacks a Tunisian university’s private AI endpoint, bundles a stolen and rebranded Anthropic Claude Code system prompt, launders all responses to hide the true upstream source, and exfiltrates every user message directly to the attacker’s Supabase database, bypassing the very Tor anonymity it promises,» JFrog said.

Data from Censys has revealed that there are 5,219 internet-exposed hosts that self-identify as Rockwell Automation/Allen-Bradley devices. «The United States accounts for 74.6% of global exposure (3,891 hosts), with a disproportionate share on cellular carrier ASNs indicative of field-deployed devices on cellular modems,» it said. «Spain (110), Taiwan (78), and Italy (73) represent the largest non-Anglosphere concentrations. Iceland’s presence (36 hosts) is disproportionate to its population and warrants attention, given its geothermal energy infrastructure.» The disclosure follows a joint advisory from U.S. agencies that warned of ongoing exploitation of internet-facing Rockwell Automation/Allen-Bradley programmable logic controllers (PLCs) by Iranian-affiliated nation-state actors since March 2026 to breach U.S. critical infrastructure sectors, causing operational disruption and financial loss in some cases. The agencies said the attacks are reminiscent of similar attacks on PLCs by Cyber Av3ngers in late 2023.

In late March 2026, Anthropic inadvertently exposed internal Claude Code source material via a misconfigured npm package, which included approximately 512,000 lines of internal TypeScript. While the exposure lasted only about three hours, it triggered rapid mirroring of the source code across GitHub, prompting Anthropic to issue takedown notices (and later a partial retraction). Needless to say, threat actors wasted no time and took advantage of the topical nature of the leak to distribute Vidar Stealer, PureLogs Stealer, and GhostSocks proxy malware through fake leaked Claude Code GitHub repositories. «The campaign abuses GitHub Releases as a trusted malware delivery channel, using large trojanized archives and disposable accounts to repeatedly evade takedowns,» Trend Micro said. «The combined functionality of the malware payloads enables credential theft, cryptocurrency wallet exfiltration, session hijacking, and residential proxy abuse across Windows, giving the operators multiple monetization paths from a single infection.»

A new 64-bit version of Lumma Stealer called Remus (historically called Tenzor) has emerged in the wild following Lumma’s takedown and the doxxing of its alleged core members. «The first Remus campaigns date back to February 2026, with the malware switching from Steam/Telegram dead drop resolvers to EtherHiding and employing new anti-analysis checks,» Gen researchers said. Besides using identical code, direct syscalls/sysenters, and the same string obfuscation technique, another detail linking the two is the use of an application-bound encryption method, only observed in Lumma Stealer to date.

In a setback for Anthropic, a Washington, D.C., federal appeals court declined to block the U.S. Department of Defense’s national security designation of the AI company as a supply chain risk. The development comes after another appeals court in San Francisco came to the opposite conclusion in a separate legal challenge by Anthropic, granting it a preliminary injunction that bars the Trump administration from enforcing a ban on the use of AI chatbot Claude.The company has said the designation could cost the company billions of ⁠dollars in lost business and reputational harm. As Reuters notes, the lawsuit is one of two that Anthropic filed over the Trump administration’s unprecedented move to classify it as a supply chain risk after it refused to allow the military to use Claude for domestic mass surveillance or autonomous weapons.

In a new campaign observed by Kaspersky, unwitting users searching for proxy clients like Proxifier on search engines like Google and Yandex are being directed to malicious GitHub repositories that host an executable, which acts as a wrapper around the legitimate Proxifier installer.Once launched, it configures Microsoft Defender Antivirus exclusions, launches the real Proxifier installer, sets up persistence, and runs a PowerShell script that reaches out to Pastebin to retrieve a next-stage payload. The downloaded PowerShell script is responsible for retrieving another script containing the Clipper malware from GitHub. The malware substitutes cryptocurrency wallet addresses copied to the clipboard with an attacker-controlled wallet with the intention of rerouting financial transactions. Since the start of 2025, more than 2,000 Kaspersky users – most of them in India and Vietnam – have encountered the threat.

Threat actors are leveraging notification pipelines in popular collaboration platforms to deliver spam and phishing emails. Because these emails are dispatched from the platform’s own infrastructure (e.g., Jira’s Invite Customers feature), they are unlikely to be blocked by email security tools. «These emails are transmitted using the legitimate mail delivery infrastructure associated with GitHub and Jira, minimizing the likelihood that they will be blocked in transit to potential victims,» Cisco Talos said. «By taking advantage of the built-in notification functionality available within these platforms, adversaries can more effectively circumvent email security and monitoring solutions and facilitate more effective delivery to potential victims.» The development coincides with a phishing campaign targeting multiple organizations with invitation lures sent from compromised email accounts that lead to the deployment of legitimate remote monitoring and management (RMM) tools like LogMeIn Resolve. The campaign, tracked as STAC6405, has been ongoing since April 2025. In one case, the threat actor has been found to leverage a pre-existing installation of ScreenConnect to download a HeartCrypt-protected ZIP file that ultimately leads to the installation of malware that’s consistent with ValleyRAT. Other campaigns have leveraged procurement-themed emails to direct users to cloud-hosted PDFs containing embedded links that, when clicked, take victims to Dropbox credential harvesting pages. Threat actors have also distributed executable files disguised as copyright violation notices to trick them into installing PureLogs Stealer as part of a multi-stage campaign. What’s more, Reddit posts advertising the premium version of TradingView have acted as a conduit for Vidar and Atomic Stealer to steal valuable data from both Windows and macOS systems. «The threat actor actively comments on their own posts with different accounts, creating the illusion of a busy and helpful community,» Hexastrike said. «More concerning, any comments from real users pointing out that the downloads are malware get deleted within minutes. The operation is hands-on and closely monitored.»

A high-severity security flaw has been disclosed in the Linux kernel’s ksmbd SMB3 server. Tracked as CVE-2026-23226 (CVSS score: 8.8), it falls under the same bug class as CVE-2025-40039, which was patched in October 2025. «When two connections share a session over SMB3 multichannel, the kernel can read a freed channel struct – exposing the per-channel AES-128-CMAC signing key and causing a kernel panic,» Orca said. «An attacker needs valid SMB credentials and network access to port 445.» Alternatively, the vulnerability can be exploited by an attacker to leak the per-channel AES-128-CMAC key used to sign all SMB3 traffic, enabling them to forge signatures, impersonate the server, or bypass signature verification. It has been fixed in the commit «e4a8a96a93d.»

New research has demonstrated it’s possible to trick Anthropic’s vibe coding tool Claude Code into performing a full-scope penetration attack and credential theft by modifying a project’s «CLAUDE.md» file to bypass the coding agent’s safety guardrails. The instructions explicitly tell Claude Code to help the developer complete a penetration testing assessment against their own website and assist them in their tasks. «Claude Code should scan CLAUDE.md before every session, flagging instructions that would otherwise trigger a refusal if attempted directly within a prompt,» LayerX said. «When Claude detects instructions that appear to violate its safety guardrails, it should present a warning and allow the developer to review the file before taking any actions.»

Grafana has patched a security vulnerability that could have enabled attackers to trick its artificial intelligence (AI) capabilities into leaking sensitive data by means of an indirect prompt injection and without requiring any user interaction. The attack has been codenamed GrafanaGhost by Noma Security. «By bypassing the client-side protections and security guardrails that restrict external data requests, GrafanaGhost allows an attacker to bridge the gap between your private data environment and an external server,» the cybersecurity company said. «Because the exploit ignores model restrictions and operates autonomously, sensitive enterprise data can be leaked silently in the background.» GrafanaGhost is stealthy, as it requires no login credentials and does not depend on a user clicking a malicious link. The attack is another example of how AI-assisted features integrated into enterprise environments can be abused to access and extract critical data assets while remaining entirely invisible to defenders.

LSPosed is a powerful framework for rooted Android devices that allows users to modify the behavior of the system and apps in real-time without actually making any modifications to APK files. According to CloudSEK, threat actors are now weaponizing the tool to remotely inject fraudulent SMS messages and spoof user identities in modern payment ecosystems via a malicious module called «Digital Lutera.» The attack effectively undermines SIM-binding restrictions applied to banking and instant payment apps in India. However, for this approach to work, the threat actor requires a victim to install a Trojan that can intercept SMS messages sent to/from the device. While the attack previously combined a trojanized mobile device (the victim) and a modified mobile payment APK (on the attacker’s device) to trick bank servers into believing the victim’s SIM card is physically present in the attacker’s phone, the latest iteration leans on LSPosed to achieve the same goals. A key requisite to this attack is that the attacker must have a rooted Android device with the LSPosed module installed. «This new attack vector allows threat actors to hijack legitimate, unmodified payment applications by ‘gaslighting’ the underlying Android operating system,» CloudSEK said. «By using LSPosed, the threat actor ensures the payment app’s signature remains valid, making it invisible to many standard integrity checks.»

watchTower Labs has disclosed two security flaws in Progress ShareFile (CVE-2026-2699 and CVE-2026-2701) that could be chained to achieve pre-authenticated remote code execution. While CVE-2026-2699 is an authentication bypass via the «/ConfigService/Admin.aspx» endpoint, CVE-2026-2701 refers to a case of post-authenticated remote code execution. An attacker could combine the two vulnerabilities to sidestep authentication and upload web shells. Progress released fixes for the vulnerabilities with Storage Zone Controller 5.12.4 released on March 10, 2026. There are about 30,000 internet-facing instances, making patching against the flaws crucial.

A new Android malware named NoVoice has been distributed via more than 50 apps that were downloaded at least 2.3 million times. While apps masqueraded as utilities, image galleries, and games, and offered the advertised functionality, the malware attempted to obtain root access on the device by exploiting 22 Android vulnerabilities that received patches between 2016 and 2021. «If the exploits succeed, the malware gains full control of the device,» McAfee Labs said. «From that moment onward, every app that the user opens is injected with attacker-controlled code. This allows the operators to access any app data and exfiltrate it to their servers.» The malware avoids infecting devices in certain regions, like Beijing and Shenzhen in China, and implements more than a dozen checks for emulators, debuggers, and VPNs. It then contacts a remote server to send device information and fetch appropriate exploits to gain root access and disable SELinux. Upon gaining elevated access, the rootkit modifies system libraries to facilitate the execution of malicious code when specific apps are opened, install arbitrary apps, and enable persistence. NoVoice has been found to share some level of overlap with Triada. One of the targeted apps is WhatsApp, which enabled the malware to harvest data from the app as soon as it was launched. Google has since removed the apps. The highest concentration of infections has been reported in Nigeria, Ethiopia, Algeria, India, and Kenya.

The U.S. Federal Bureau of Investigation (FBI) is warning of the data security risks associated with foreign-developed mobile applications. «As of early 2026, many of the most downloaded and top-grossing apps in the United States are developed and maintained by foreign companies, particularly those based in China,» the FBI said. «The apps that maintain digital infrastructure in China are subject to China’s extensive national security laws, enabling the Chinese government to potentially access mobile app users’ data.» The bureau also warned that these apps may harvest contact information under the pretext of inviting friends to use them, store personal data in Chinese servers, or contain malware that could collect data beyond what is authorized by the user. «This could include malicious code and hard-to-remove malware designed to exploit known vulnerabilities in various operating systems and insert a backdoor for escalated privileges, such as enabling the download and execution of additional malicious packages designed to provide unauthorized access to users’ data,» it added. The FBI did not name the apps, but TikTok, Shein, Temu, and DeepSeek fit the profile.

The U.S. State Department has officially launched the Bureau of Emerging Threats, a new unit tasked with protecting U.S. national security against cyber attacks against critical infrastructure, threats in the space domain, and misuse of artificial intelligence (AI) and other advanced technology risks from Iran, China, Russia, and North Korea.

Li Xiong, the former chairman of a Cambodian financial conglomerate, HuiOne, has been extradited to China. He has been accused of operating gambling dens, fraud, unlawful business operations, and money laundering. According to Xinhua, Li is said to be a key member of the transnational cybercrime syndicate masterminded by Chen Zhi, the chairman of Prince Group, who was extradited to China in January 2026 and has been indicted by the U.S. for operating large-scale, forced-labor «pig butchering» scam compounds in Southeast Asia. In May 2025, the U.S. Treasury’s Financial Crimes Enforcement Network labeled Huione Group «a financial institution of primary money laundering concern.»

Google said it’s rolling out the ability to change a username to Google Account users in the U.S. «Your previous Google Account email ending in gmail.com will become an alternate email address,» Google said in a support document. «You’ll receive emails to both your old and new addresses. The data saved in your account won’t be affected. This includes things like photos, messages, and emails sent to your previous email address.» While users can change back to their previous email address at any time, it’s not possible to create a new Google Account email ending in gmail.com for the next 12 months. The new email address cannot be deleted either.

A U.S. federal judge has temporarily blocked the Trump administration’s designation of Anthropic as a supply chain risk. The AI company had argued that the designation was causing immediate and irreparable harm. «Nothing in the governing statute supports the Orwellian notion that an American company may be branded a potential adversary and saboteur of the U.S. for expressing disagreement with the government,» District Judge Rita Lin wrote in the ruling.

Cybercriminals have set their sights on Android users through a new phishing scheme that disguises malicious applications as beta-testing opportunities for ChatGPT and Meta advertising tools. In these attacks, what appears to be an invitation to advertising apps turns out to be a carefully planned attempt to steal Facebook credentials and hijack control of user accounts. «These messages push malicious apps delivered through ‘firebase-noreply@google.com’ via Firebase App Distribution, a legitimate Google service for distributing pre-release apps to testers,» LevelBlue said. «Once installed, these apps request Facebook credentials, leading to phishing and account takeover.» A similar campaign has leveraged phishing emails impersonating ChatGPT and Gemini to push users into downloading malicious iOS apps from the Apple App Store. «Disguised as business or ad management tools, these apps prompt for Facebook credentials, leading to credential harvesting,» the company added.

Google has made ransomware detection and file restoration in Drive generally available after launching the feature in beta in September 2025 to help organizations minimize the impact of malware attacks on personal computers. Ransomware detection pauses file syncing, and file restoration allows users to bulk restore their files to a previous version in Drive. «Compared to when the feature was in beta, we are now able to detect even more types of ransomware encryption and are able to do it faster,» Google said. «Our latest AI model is detecting 14x more infections, leading to even more comprehensive protection.»

Cybersecurity company Darktrace said it has observed a steady increase in GhostSocks activity across its customer base since late 2025. «In one notable case from December 2025, Darktrace detected GhostSocks operating alongside Lumma Stealer, reinforcing that the partnership between Lumma and GhostSocks remains active despite recent attempts to disrupt Lumma’s infrastructure,» it said. Originally marketed on the Russian underground forum xss[.]is as a malware-as-a-service (MaaS), GhostSocks enables threat actors to turn compromised devices into residential proxies, leveraging the victim’s internet bandwidth to route malicious traffic through it. It utilizes the SOCKS5 proxy protocol, creating a SOCKS5 connection on infected devices. It began to be widely adopted following its partnership with Lumma Stealer in 2024.

The number of malware advisories across open-source ecosystems has increased 13.6x since January 2024, as threat actors take control of trusted packages to poison the software supply chain. «Of the 1,011 npm ATO [Account takeover] advisories recorded in the OSV database over all time, 930 were filed in 2025, a roughly 12x year-over-year increase representing 92% of all ATOs reported on npm,» Endor Labs said. Among the 2025 npm ATO cases, 38.4% of affected packages had more than 1,000 monthly downloads, 18.5% exceeded 10,000, and 11.1% had more than 100,000. Attackers are deliberately targeting packages that are deeply embedded in production systems and automated CI/CD pipelines, maximizing the blast radius of each compromise.»

An updated version of the XLoader information-stealing malware (version 8.7) has been found to incorporate several changes to the code obfuscation to make automation and analysis more difficult. These include the use of encrypted strings that are decrypted at runtime, encrypted code blocks consisting of functions that are decrypted at runtime, and improved methods to conceal hard-coded values and specific functions, per Zscaler. XLoader also uses a combination of multiple encryption layers with different keys for encrypting network traffic. «XLoader continues to be a highly active information stealer that constantly receives updates,» the company said. «As a result of the malware’s multiple encryption layers, decoy C2 servers, and robust code obfuscation, XLoader has been able to remain largely under the radar.»

Cybersecurity researchers have found multiple zero-day vulnerabilities in ImageMagick that could be chained to achieve remote code execution through a single image or PDF upload. According to Pwn.ai, the attack works on the default configuration and the most restrictive «secure» configuration. The issue affects every major Linux distribution, as well as WordPress installations that process image uploads. It remains unpatched as of writing. In the interim, it’s advised to process PDFs in an isolated sandbox with no network access, disable XML-RPC in WordPress, and block GhostScript.

Adversaries are bypassing traditional CloudTrail detections, like StopLogging or DeleteTrail, and instead using lesser-known AWS APIs to blind logging systems. This includes creating «invisible activity zones” using PutEventSelectors, using StopEventDataStoreIngestion and DeleteEventDataStore to halt or destroy long-term forensic visibility, disabling anomaly detection via PutInsightSelectors, neutralizing cross-account protections through DeleteResourcePolicy and DeregisterOrganizationDelegatedAdmin. «The real risk is in the sequence: individually, these API calls look like routine maintenance—but chained together, they allow attackers to erase evidence and evade detection entirely,» Abstract Security said.

The threat actor known as LofyGang resurfaced with a fake npm package («undicy-http») that delivers a dual-payload attack: a Node.js-based Remote Access Trojan (RAT) with live screen streaming, and a native Windows PE binary that uses direct syscalls to inject into browser processes and steal credentials, cookies, credit cards, IBANs, and session tokens from more than 50 web browsers and 90 cryptocurrency wallet extensions. The session hijacking module targets Roblox, Instagram, Spotify, TikTok, Steam, Telegram, and Discord. «The Node.js layer independently operates as a full RAT with remote shell, screen capture, webcam/microphone streaming, file upload, and persistence capabilities, all controlled through a WebSocket C2 panel,» JFrog said. The Node.js layer also downloads a native PE binary to facilitate data exfiltration via a Discord webhook and a Telegram bot.

Google has unveiled a 2029 timeline to secure the quantum era with post-quantum cryptography (PQC) migration, urging other engineering teams to follow suit. «This new timeline reflects migration needs for the PQC era in light of progress on quantum computing hardware development, quantum error correction, and quantum factoring resource estimates,» the tech giant said. «Quantum computers will pose a significant threat to current cryptographic standards, and specifically to encryption and digital signatures. The threat to encryption is relevant today with store-now-decrypt-later attacks, while digital signatures are a future threat that require the transition to PQC prior to a Cryptographically Relevant Quantum Computer (CRQC). That’s why we’ve adjusted our threat model to prioritize PQC migration for authentication services.» As part of the effort, the company said Android 17 is integrating PQC digital signature protection using the Module-Lattice-Based Digital Signature Algorithm (ML-DSA). This includes upgrading the Android Verified Boot (AVB) with support for ML-DSA to ensure that the software loaded during the boot sequence remains highly resistant to unauthorized tampering. The second PQC upgrade concerns the transition of Remote Attestation to a fully PQC-compliant architecture and updating Android Keystore to natively support ML-DSA.

GitHub said it’s introducing AI-powered security detections in GitHub Code Security to expand application security coverage across more languages and frameworks. «These detections complement CodeQL by surfacing potential vulnerabilities in areas that are difficult to support with traditional static analysis alone,» GitHub said. «This hybrid detection model helps surface vulnerabilities – and suggested fixes – directly to developers within the pull request workflow.» The Microsoft subsidiary said the move is designed to uncover security issues «in areas that are difficult to support with traditional static analysis alone.» The new hybrid model is expected to enter public preview in early Q2 2026.

The Russian threat actor known as Sandworm (aka APT-C-13) has been attributed with moderate confidence to an attack campaign that leverages pirated versions of legitimate software like Microsoft Office («Microsoft.Office.2025×64.v2025.iso») as lures to deliver different backdoors tracked as Tambur, Sumbur, Kalambur, and DemiMur to high-value targets. It’s assessed that these attacks use Telegram as a distribution vector, using social engineering tactics to target Ukrainian users seeking software cracks. Tambur is designed to spawn SSH reverse tunnels to issue malicious commands, while Kalambur revolves around intranet penetration, remote desktop (RDP) takeover, and persistent communication. Sumbur is a successor to Kalambur with improved obfuscation techniques. DemiMur is mainly used to tamper with the trust chain and evade detection. «Attackers use this module to force the import of a forged DemiMurCA.crt root certificate into the operating system’s trusted root certificate authority store,» the 360 Advanced Threat Research Institute said. «When subsequent scripts are executed, Windows automatically verifies the validity of the signature block and deems it ‘trusted.’»

A cryptocurrency scam called ShieldGuard claimed to be a blockchain project that presented itself as a security tool aimed at protecting crypto wallets from phishing and harmful smart contracts through a browser extension. Ironically, further analysis revealed that it was built to drain digital assets from wallets. The scam was advertised via a dedicated website («shieldguards[.]net»), as well as an X account (@ShieldGuardsNet) and a Telegram channel (@ShieldsGuard). «The project was promoted using a multi-level marketing campaign in which users would be rewarded for early use of the extension (via a cryptocurrency ‘airdrop’) and for promoting the capability to other users,» Okta said. «ShieldGuard appears designed to harvest wallet addresses and other sensitive data for major cryptocurrency platforms including Binance, Coinbase, MetaMask, OpenSea, Phantom and Uniswap, as well as for users of Google services. The extension also extracts the full HTML of pages after a user signs into Binance, Coinbase, OpenSea or Uniswap via their browser.» The threat actor behind the activity is assessed to be Russian-speaking.

Sophos said it identified multiple detections on Android devices for malicious activity associated with the Keenadu backdoor. «Keenadu is a firmware infection embedded in the libandroid_runtime.so (shared object library) that injects itself into the Zygote process,» the company said. «As Zygote is the parent process for all Android apps, an attacker effectively gains total control over an infected device.» Keenadu acts as a downloader for second-stage malware, with the infected devices containing two system-level APK files: PriLauncher.apk and PriLauncher3QuickStep.apk. Over 500 unique compromised Android devices across nearly 50 models have been detected as of March 4, 2026. The devices are mostly low-cost models produced by Allview, BLU, Dcode, DOOGEE, Gigaset, Gionee, Lava, and Ulefone. The identified infections were spread globally, with devices located in 40 countries.

In early March, Europol and Microsoft announced the seizure of 330 active Tycoon2FA domains and legal action against multiple individuals linked to the PhaaS. According to CrowdStrike, the takedown effort left only a minor dent in Tycoon2FA’s operations, which are now back to pre-disruption levels. On March 4 and 5, following the law enforcement operation, Tycoon2FA activity volume dropped to roughly 25%, but returned to previous levels shortly after, with «daily levels of cloud compromise active remediations returning to early 2026 levels,» CrowdStrike said. «Additionally, Tycoon2FA’s TTPs have not changed following the takedown, indicating that the service’s operations may persist beyond this disruption.» These TTPs include phishing emails directing to malicious CAPTCHA pages, session cookie theft upon CAPTCHA validation, use of JavaScript payloads for email address extraction, credential proxying via malicious JavaScript files, and use of stolen credentials to access the victims’ cloud environments. Post-disruption campaigns have leveraged malicious URLs, URL shortener services, links to legitimate presentation software that include malicious redirects to Tycoon2FA infrastructure, and attacker-controlled infrastructure impersonating construction entities, and compromised SharePoint infrastructure from known contacts that retrieves XLSX and PDF files. The short-lived disruption is proof that without arrests or physical seizures, it’s easy for cybercriminals to recover and replace the impacted infrastructure.

Phishing campaigns are weaponizing fake meeting invites for various video conference applications, including Zoom, Microsoft Teams, and Google Meet, to distribute remote access tools. «The attackers trick corporate users to execute the payload by claiming a mandatory software update is required to join the video call, redirecting victims to typo-squatted domains, such as zoom-meet.us,» Netskope said. «The payload, disguised as a software update, is a digitally signed remote monitoring and management (RMM) tool such as Datto RMM, LogMeIn, or ScreenConnect. These tools enable attackers to remotely access victims’ machines and gain full administrative control over their endpoints, potentially leading to data theft or the deployment of more destructive malware.»

Attackers are using copyright-infringement notices in a fileless phishing campaign targeting healthcare and government organizations in Germany and Canada that delivers the PureLogs data-stealing malware. «The attack likely relies on phishing emails that lure victims into downloading a malicious executable tailored to the victim’s local language,» Trend Micro said. «Once executed, the malware deploys a multistage infection chain designed for evasion. Notably, it downloads an encrypted payload disguised as a PDF file, then retrieves the decryption password remotely from attacker-controlled infrastructure. The extracted payload launches a Python-based loader that decrypts and executes the final .NET PureLogs stealer malware in memory.» The Python dropper specifically leverages two .NET loaders to load the stealer malware, with one acting as a backup in case either of them is blocked or killed by an endpoint control. The routine also incorporates anti-virtual machine techniques to evade automated analysis environments, as well as employs in-memory execution to complicate detection efforts. «By disguising malicious executables as legal notices, using encrypted payloads masquerading as PDF files, remotely retrieving dynamic decryption keys, and leveraging a renamed WinRAR utility for extraction, the operators effectively minimize static indicators and hinder automated analysis,» the company added. «The Python-based loader and dual .NET loaders introduce redundancy and fileless execution pathways, ensuring that the final PureLog Stealer payload is launched reliably and without leaving artifacts on disk.»

The Larva-26002 threat actor continues to target improperly managed MS-SQL servers. «In January 2024, the Larva-26002 threat actor attacked MS-SQL servers to install the Trigona and Mimic ransomware,» AhnLab said. In the latest attacks, the threat actors exploited the Bulk Copy Program (BCP) utility of MS-SQL servers to stage the malware locally and deploy a scanner malware named ICE Cloud Client. Written in Go, it functions as both a scanner and a brute-force tool to break into susceptible MS-SQL servers. «The strings contained in the binary are written in Turkish, and the emoticons used suggest that the author utilized generative AI,» the company added.

New research has flagged a critical vulnerability in ClawHub, a skills marketplace for OpenClaw, that an attacker could exploit to position their skill as the #1 skill. The flaw stems from the fact that a download counter function named «increment(),» which is used to keep track of skill downloads, was exposed as a public mutation rather than an internal private function. Without authentication, rate limiting, or deduplication mechanisms in place, an attacker could continuously trigger the endpoint to artificially inflate the download metric for a given skill. «An attacker can call downloads:increment with a single curl request with any valid skill ID, bypassing every protection in the download flow and inflating any skill’s downloads counter without limit,» security researcher Noa Gazit said. By gaming the rankings, the threat actor could device an unsuspecting developer into installing malicious skills. The issue has since been mitigated by ClawHub following responsible disclosure by Silverfort on March 16, 2026.

Five newly discovered malicious npm packages have been found to typosquat a legitimate cryptocurrency library and exfiltrate private keys to a single hard-coded Telegram bot. All the packages, ethersproject-wallet, base-x-64, bs58-basic, raydium-bs58, and base_xd, were published under the account «galedonovan.» According to Socket, «each package hooks a function that developers routinely pass private keys through. When that function is called at runtime, the package silently sends the key to a Telegram bot before returning the expected result. The user’s code behaves normally, and there is no visible error or side effect.»

A Google Forms campaign is using business-related lures, such as job interviews, project briefs, and financial documents, to distribute malware, including the PureHVNC remote access trojan (RAT). «Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain,» Malwarebytes said. «The attack typically begins when a victim downloads a business-themed ZIP file linked from a Google Form. Inside is a malicious file that sets off a multi-stage infection process, eventually installing malware on the system.» Another campaign has been observed using obfuscated Visual Basic Script (VBScript) files to deliver PhantomVAI Loader via PNG image files hosted on Internet Archive to ultimately install Remcos RAT and XWorm.

A sophisticated, multi-stage malware campaign directed at customer support staff working for Web3 companies is leveraging suspicious links sent via customer support chat to initiate an attack chain that delivers a malicious executable disguised as a photograph, which then retrieves a second-stage loader from an AWS S3 dead drop. This loader proceeds to retrieve an implant named Farfli (aka Gh0st RAT) that’s launched via DLL side-loading to establish persistent communication with threat actor-controlled infrastructure. The campaign has been attributed to APT-Q-27 (aka GoldenEyeDog), a financially motivated threat group suspected to be operating out of China since at least 2022. A similar campaign involving the distribution of sketchy links via Zendesk was documented by CyStack last month. The techniques observed include staging payloads inside a directory designed to resemble a Windows Update cache, DLL side-loading, and in-memory execution of the final backdoor. The end goal is to reduce on-disk footprints, blend into normal system behaviour, and make retrospective detection harder.

Cloud phones are internet-based virtual phone systems powered by Android that allow users to send and receive voice calls, messages, and access features just like a physical device. While early fraud waves leveraged «virtual» Android devices hosted on physical phone farms for social media engagement manipulation, fake app reviews and installs, SMS spam, and ad fraud, subsequent iterations have evolved into cloud-based virtual mobile infrastructures that use emulators to mimic phone behavior. Along with it expanded the abuse of cloud phones – sold in the form of phone box devices – for financial fraud expanded. Threat actors can buy, sell, and move cloud phones with pre-loaded e-wallets and pre-verified bank cards and accounts for use in Account TakeOver (ATO) and Authorized Push Payment (APP) scams, Group-IB said. In this scheme, unsuspecting users are tricked into providing their personal banking credentials to fraudsters impersonating bank workers or government officials in order to complete the verification process on the fraudsters’ cloud phone. These cloud phone devices with configured bank cards and accounts are then sold to other parties on darknet markets. «Major cloud phone platforms like LDCloud, Redfinger, and GeeLark offer device rentals for as little as $0.10-0.50 per hour, making fraud infrastructure accessible to anyone with minimal capital investment,» the company added. «Darknet markets actively trade pre-verified dropper accounts created on cloud phones, with Revolut and Wise accounts priced at $50-200 each, often including continued access to the cloud phone instance.»

The Shadowserver Foundation said it’s seeing over 511,000 end-of-life Microsoft IIS instances in its daily scans, out of which over 227,000 instances are beyond the official Microsoft Extended Security Updates (ESU) period. Most of them are located in China, the U.S., France, the U.K., Italy, Brazil, India, Japan, Australia, and Russia.

Indian authorities have ordered a comprehensive audit of CCTV systems across the nation following the exposure of a Pakistan-linked spy network that exploited surveillance cameras for espionage purposes. The solar-powered devices, installed at various railway stations and other important infrastructure, allegedly transmitted live footage to handlers linked to Pakistan’s Inter-Services Intelligence (ISI). The Indian government has outlined measures to strengthen the security of CCTV systems, such as mandatory documentation of the origin of critical components, testing of devices against vulnerabilities that could allow unauthorized remote access, and testing of devices for compliance. In tandem, at least 22 people have been arrested in connection with a Pakistan-linked network that engaged in reconnaissance activity. This included five men and a woman who have been accused of taking photos and videos of railway stations and military bases and sending them to handlers in Pakistan. These individuals were recruited through social media and encrypted messaging apps, luring them with payments ranging from ₹5,000 to ₹20,000 per «assignment.» Compromised CCTV systems can facilitate military operations and intelligence gathering. During the U.S.–Israel–Iran conflict last month, Check Point Research found a sharp surge in exploitation attempts targeting IP cameras by Iran-affiliated threat actors.

A new traffic distribution (TDS) codenamed TOXICSNAKE has been used to route victims to phishing, scam funnels, or malware payloads. The attacks begin with a first-stage JavaScript loader that’s capable of fingerprinting a site visitor, and either returns a redirect URL or a link to a malicious payload.

In a new report, Halcyon has revealed that the custom built Crytox PowerShell Encryptor is able to evade endpoint detection and response (EDR) solutions without the need for additional tooling like HRSword. «Crytox targeting continues to focus on virtual infrastructure (hypervisors, VM servers), entry via VPN exploitation, and manual hands-on-keyboard execution, which are all consistent with a deliberate, targeted operation rather than high-volume automated campaigns,» the company said. The development comes as the INC ransomware group has claimed attacks against ten law firms and legal services organizations within a 48-hour period. «The volume, sector specificity, and timing of these postings suggest the possibility of a coordinated campaign or a shared upstream compromise, such as a supply chain event affecting a common legal technology provider or managed services vendor,» Halcyon noted.

New research from Hudson Rock has found a machine belonging to the North Korea IT worker scheme that was accidentally infected with the Lumma Stealer malware after the local user downloaded malicious payloads when searching for GTA V cheats. Interestingly, the exfiltrated stealer logs contained corporate CDN credentials for Funnull, a content delivery network (CDN) that has been leveraged by state-sponsored actors. The operator used a «massive matrix of synthetic identities» across Western freelance platforms and global hosting providers, while also using five distinct Chrome profiles and one Edge profile to compartmentalize their operations. It’s believed that the machine owner was either a willing facilitator (i.e., a laptop farm host based out of Indonesia) or a North Korean operative.

The 2024 Polyfill[.]io supply chain attack has been linked to North Korean threat actors after a North Korean operative made a fatal operational security (OPSEC) blunder by downloading a fake software setup file and infected their own machine with the Lumma Stealer. While the attack was initially linked to Funnull, Hudson Rock discovered that the threat actor downloaded a password-protected ZIP archive hosted on MediaFire that was deceptively named to appear as a legitimate software installer. The evidence collected by the malware from the North Korean hacker’s endpoint included credentials for the Funnull DNS management portal, credentials for the Polyfill Cloudflare tenant (proving that the weaponized domain was under the threat actor’s control), and conversations regarding the malicious domain configuration changes made during the peak of the attack. While the threat actor used the «Brian» persona to pull off the attack, they also mange other identities to conduct IT worker fraud by securing a gig at cryptocurrency exchange Gate and exploiting the access to obtain intelligence on their employer’s security posture and understand blind spots in compliance systems. The same operative, under the «Wenyi Han» alias, is also said to have conducted strategic, state-sponsored data exfiltration, illustrating the severity of the IT worker threat.

A U.S. judge granted a motion to dismiss a case against tech giant Meta brought by a former WhatsApp employee, Attaullah Baig, who accused the company of ignoring privacy and security issues, and putting users’ information in danger. According to Courthouse News Service, the judge said, «the complaint does not contain sufficient facts to show that the plaintiff reported violations of SEC rules or regulations, the plaintiff did not plead facts regarding the elements of securities fraud or wire fraud, and his reporting cybersecurity violations does not relate to rules governing internal accounting controls.» Meta said, «Mr. Baig’s allegations misrepresent the hard work of our security team. We’re proud of our strong record of protecting people’s privacy and security, and will continue building on it.»

Hong Kong police can now demand phone or computer passwords from those who are suspected of breaching the National Security Law (NSL). Those who refuse to share the passwords could face up to a year in jail and a fine of up to $12,700, and individuals who provide «false or misleading information» could face up to three years in jail. The amendments to the NSL ensure that «activities endangering national security can be effectively prevented, suppressed and punished, and at the same time the lawful rights and interests of individuals and organisations are adequately protected,» authorities said.

A new Android RAT named Oblivion RAT is being sold as a malware-as-a-service (MaaS) platform on cybercrime networks for $300/month. «The platform includes a web-based APK builder for the implant, a separate dropper builder that generates convincing fake Google Play update pages, and a C2 panel for real-time device control,» iVerify said. «Pricing runs $300/month, $700/3 months, $1,300/6 months, or $2,200 lifetime, with 7-day demo accounts available.» Oblivion is distributed via dropper APKs sent to victims as part of social engineering attacks. Once installed, the dropper apps present a Google Play update flow to sideload the embedded RAT payload. As with other Android malware families, Oblivion abuses Android’s accessibility services API to grant itself additional permissions and steal sensitive data. «The core of the social engineering is the Accessibility Page builder, which generates a pixel-perfect replica of Android’s accessibility service settings screen,» iVerify said. «Every text element is operator-controlled: page title, section headers, the Enable button, and a descriptive info message. When the victim taps Enable, they grant the implant’s accessibility service full control over the device UI.»

Kali Linux, an advanced penetration testing Linux distribution used for ethical hacking and network security assessments, has added an integration with Anthropic’s Claude large language model through the Model Context Protocol (MCP) to issue commands in natural language and translate them into technical commands.

ResidentBat is an Android spyware implant used by Belarusian authorities for surveillance operations against journalists and civil society. Once installed, it provides operators with access to call logs, microphone recordings, SMS, encrypted messenger traffic, screen captures, and locally stored files. The malware, although first documented in December 2025, is assessed to date back to 2021. According to Censys, ResidentBat-associated infrastructure is concentrated in Europe and Russia: the Netherlands (5 hosts), Germany (2 hosts), Switzerland (2 hosts), and Russia (1 host) in a recent Platform view, using a narrow port range (7000-7257) for control traffic.

Phishing campaigns are impersonating cryptocurrency brokerage services like Bitpanda to harvest sensitive data under the pretext of reconfirming their information or risk having their accounts blocked. «Attempting to get multiple forms of information and identification, the attackers used tactics that would seem legitimate to the everyday user,» Cofense said. «User information such as name verification, email, and password credentials, and location were all used in this attempt to harvest information under the guise of a multi-factor authentication process.»

In its 2026 Global Threat Report, CrowdStrike said adversaries became faster than ever before in 2025. «The average e-crime breakout time — the period between initial access and lateral movement onto another system — dropped to 29 minutes, a 65% increase in speed from 2024,» the company said. One such intrusion undertaken by Luna Moth (aka Chatty Spider) targeting a law firm moved from initial access to data exfiltration in four minutes. Chief among the factors fueling this dramatic acceleration was the widespread abuse of legitimate credentials, which allowed attackers to blend into normal network traffic and bypass many traditional security controls. This was coupled with threat actors of varied motivations utilizing AI technology to accelerate and optimize their existing techniques. Some of the threat actors that have leveraged AI in their operations include Fancy Bear, Punk Spider (aka Akira), Blind Spider (aka Blind Eagle), Odyssey Spider (aka TA558), and an India-nexus hacking group called Frantic Tiger that has used Netlify and Cloudflare pages for credential-harvesting operations. The cybersecurity company said it observed an 89% increase in the number of attacks by AI-enabled adversaries compared to 2024 and a 42% year-over-year increase in zero-days exploited prior to public disclosure. In tandem, 67% of vulnerabilities exploited by China-nexus adversaries provided immediate system access, and 40% targeted edge devices that typically lack comprehensive monitoring. The vast majority of attacks, 82%, were free of malware — highlighting attackers’ enduring shift toward hands-on-keyboard operations and the abuse of legitimate tools and credentials.

In a similar report, ReliaQuest said the fastest intrusions reached lateral movement in just 4 minutes, an 85% acceleration from last year, with data exfiltration taking place in 6 minutes. The statistic is fueled by attackers increasingly weaving AI and automation into their tradecraft. «As attackers increasingly secure valid credentials with elevated privileges, the time to react has drastically dropped,» ReliaQuest said. «In 2025, the average breakout time (initial access to lateral movement) dropped to 34 minutes. In 47% of incidents, they secured high privileges before ever touching the network. This allows them to skip escalation, blend into traffic, and repurpose legitimate tools.»

Mac users searching for popular software like Homebrew, 7-Zip, Notepad++, LibreOffice, and Final Cut Pro are the target of an active malvertising campaign powered by at least 35 hijacked Google advertiser accounts originating from countries including the U.S., Canada, Italy, Poland, Brazil, India, Saudi Arabia, Japan, China, Romania, Malta, Slovenia, Germany, the U.K., and the U.A.E. More than 200 malicious advertisements impersonating legitimate macOS software have been found. The end goal of these efforts is to direct users to fake pages that contain ClickFix-like instructions to deliver MacSync stealer. Another ClickFix campaign has been observed using fake CAPTCHA verification lures on bogus phishing pages to distribute stealer malware that can harvest data from web browsers, gaming apps like Steam, cryptocurrency wallets, and VPN apps. According to ReliaQuest data, a quarter of attacks used social engineering for initial access last year, with ClickFix responsible for delivering 59% of the top malware families.

Meta went ahead with a plan to encrypt the messaging services connected to its Facebook and Instagram apps despite internal warnings that it would hinder the social media giant’s ability to flag child-exploitation cases to law enforcement, Reuters reported. The internal chat exchange dated March 2019 was filed in connection with a lawsuit brought by the U.S. state of New Mexico, accusing it of exposing children and teens to sexual exploitation on its platforms and profiting from it. In response to the concerns raised, Meta said it worked on additional safety features before it launched encrypted messaging on Facebook and Instagram in 2023.

Threat actors are exploiting a now-patched security flaw in internet-facing Apache ActiveMQ servers (CVE-2023-46604) to deploy LockBit ransomware. «Despite being evicted after the initial intrusion, they successfully breached the same server on a second occasion 18 days later,» The DFIR Report said. «After compromising the server, the threat actor used Metasploit, possibly along with Meterpreter, to perform post-exploitation activities. These activities included escalating privileges, accessing LSASS process memory, and moving laterally across the network. After regaining access following their eviction, the threat actor swiftly transitioned to deploying ransomware. They leveraged credentials extracted during their previous breach to deploy LockBit ransomware via RDP.» The ransomware is suspected to be crafted using the leaked LockBit builder.

Two newly flagged Google Chrome extensions, Pixel Shield – Block Ads (ID: nlogodaofdghipmbdclajkkpheneldjd) and PageGuard – Phishing Protection (ID: mlaonedihngoginmmlaacpihnojcoocl), have been found to adopt the same playbook as CrashFix, where the browser is deliberately crashed, and the user is tricked into running a malicious command à la ClickFix. The most concerning aspect of this campaign is that the extensions actually work and offer the advertised functionality. «The original NexShield DoS created a billion chrome.runtime.connect() calls,» Annex Security’s John Tuckner said. «These variants use a different technique I’m calling the Promise Bomb because it crashes the browser by flooding Chrome’s message passing system with millions of unresolvable promises.» While the original NexShield used timer-based activation, the new variants have evolved to push notification-based command-and-control (C2), causing the denial-of-service to be triggered only when the C2 server sends a push notification containing a «newVersion» value ending in «2.» This, in turn, gives the attacker selective remote control over when the crashes happen.

Cybersecurity firm Stairwell said more than 80% of the IT networks it monitors run versions of WinRAR vulnerable to CVE-2025-8088, a vulnerability that has been widely exploited by cybercrime and cyber espionage groups. «This finding underscores a persistent challenge in enterprise security when widely deployed, trusted software that quietly falls out of date and becomes a high-value target for attackers,» Alex Hegyi said.

A new analysis from Trail of Bits has revealed that more than 723,000 open-source projects use cryptographic libraries with insecure defaults. The aes-js and pyaes libraries have been found to provide a default initialization vector (IV) in their AES-CTR API, leading to a large number of key/IV reuse bugs. «Reusing a key/IV pair leads to serious security issues: if you encrypt two messages in CTR mode or GCM with the same key and IV, then anybody with access to the ciphertexts can recover the XOR of the plaintexts, and that’s a very bad thing,» Trail of Bits said. While neither library has been updated in years, strongSwan has released an update to address the problem in strongMan (CVE-2026-25998).

OpenAI and Paradigm have jointly announced EVMbench, a benchmark that measures how well AI agents can detect, exploit, and patch high-severity smart contract vulnerabilities. «EVMbench draws on 120 curated vulnerabilities from 40 audits, with most sourced from open code audit competitions,» OpenAI said. «EVMbench is intended both as a measurement tool and as a call to action. As agents improve, it becomes increasingly important for developers and security researchers to incorporate AI-assisted auditing into their workflows.»

A Russian national has been accused of trying to extort money from the notorious Conti ransomware group by posing as an officer of Russia’s Federal Security Service (FSB), according to local media reports. RBC reported that the suspect, Ruslan Satuchin, posed as an FSB officer and demanded a large payment from Conti. Although an investigation was formally launched in September 2025, the incident allegedly began in September 2022 when Satuchin contacted one of the members of the hacker group and extorted them to avoid criminal liability. Once a prolific ransomware gang, Conti shut down its operations in mid-2022 after splintering into small groups.

Varonis has disclosed details of a newly identified cybercrime service known as 1Campaign that enables threat actors to run malicious Google Ads for extended periods of time while evading scrutiny. The cloaking platform «passes Google’s screening, filters out security researchers, and keeps phishing and crypto drainer pages online for as long as possible, funneling real users to attacker-controlled sites,» Varonis security researcher Daniel Kelley said. «It combines real-time visitor filtering, fraud scoring, geographic targeting, and a bot guard script generator into a single dashboard.» It’s developed and maintained by a threat actor named DuppyMeister for over three years, along with offering Telegram channels for support. Traffic linked to 1Campaign has been distributed across the U.S., Canada, the Netherlands, China, Germany, France, Japan, Hungary, and Albania.

A social engineering campaign has been observed using Microsoft Teams meetings to trick attendants into installing macOS malware. Daylight Security has assessed that the activity is consistent with an ongoing attack campaign orchestrated by North Korean threat actors under the name GhostCall. «During the call, the attacker claimed audio issues and coached the victim into running terminal commands that downloaded and executed malicious binaries,» Daylight researchers Kyle Henson and Oren Biderman said. «Analysts observed staged downloads and execution from macOS cache and temporary paths, Keychain credential access, and outbound connections to newly created attacker-controlled domains.»

Last month, law enforcement authorities from the U.S. seized the notorious RAMP cybercrime forum. The event has had a cascading impact, destabilising trust and accelerating fragmentation across the underground cybercrime ecosystem. There are also speculations that RAMP may have functioned as a honeypot or had been compromised long before its seizure. «Rather than consolidating around a single successor, ransomware actors are redistributing across both gated platforms like T1erOne and accessible forums such as Rehub,» Rapid7 said. «This shift reflects adaptation, not decline. Disruption fractures trust and redistributes coordination across multiple platforms.»

Spanish authorities have announced the arrest of four members of the Anonymous Fénix group for their involvement in distributed denial-of-service (DDoS) attacks. The suspects, whose names were not disclosed, targeted the websites of government ministries, political parties, and public institutions. Two of the group leaders were arrested in May 2025. The first attacks occurred in April 2023. The group is said to have intensified its activities beginning in September 2024, recruiting volunteers to mount DDoS attacks against targets of interest.

A spear-phishing campaign has been observed targeting Argentina’s judicial sector that delivers a ZIP archive containing a Windows shortcut that, when launched, displays a decoy PDF to the victims, while stealthily dropping a Rust-based remote access trojan (RAT). «The campaign leverages highly authentic judicial decoy documents to exploit trust in court communications, enabling successful delivery of a covert remote access trojan and facilitating long-term access to sensitive legal and institutional data,» Seqrite Labs said.

A persuasive lookalike website of Huorong Security antivirus («huoronga[.]com») has been used to deliver a RAT malware known as ValleyRAT. The campaign is the work of a Chinese cybercrime group called Silver Fox, which has a history of distributing trojanized versions of popular Chinese software and other popular programs through typosquatted domains to distribute trojanized installers responsible for deploying ValleyRAT. «Once it’s installed, attackers can monitor the victim, steal sensitive information, and remotely control the system,» Malwarebytes said.

Users searching for developer tools have become the target of an ongoing campaign dubbed GPUGate that uses a malicious installer to deliver Hijack Loader and Atomic Stealer. «The attacker creates a throwaway GitHub account and forks the official GitHub Desktop repository,» GMO Cybersecurity by Ierae said. «The attacker edits the download link in the README to point to their malicious installer and commits the change. Lastly, the attacker used sponsored ads for ‘GitHub Desktop’ to promote their commit, using an anchor in README.md to skip past GitHub’s cautions.» Victims who downloaded the malicious Windows installer would execute a multi-stage loader, while Mac victims received Atomic Stealer.