Adapt or pay: an analysis of the AdaptixC2 framework

As highlighted in our previous post about the Mythic framework, threat actors are rapidly adopting emerging technologies and frameworks. A prime example of this trend is AdaptixC2, a relatively new open-source post-exploitation framework that has quickly captured the attention of Read More …

Disgruntled researcher releases second major Windows zero-day

The same disgruntled researcher who recently disclosed a zero-day vulnerability in Windows has now done it again, this time targeting Microsoft Defender, the operating system’s native antivirus solution. A researcher with the alias “Chaotic Eclipse” has posted a proof-of-concept (PoC) Read More …

British National Pleads Guilty to Hacking into Companies and Stealing At Least $8 Million in Virtual Currency

SANTA ANA, California – A United Kingdom man pleaded guilty today to conspiring with others to hack into the computer systems of at least a dozen companies via text message phishing attacks and to steal at least $8 million in Read More …

Patient medical data stolen in Chipsoft ransomware attack

Medical software company Chipsoft has confirmed that patient data was stolen in a ransomware attack last week, after initially telling clients that personal data was “probably” safe. The attack hit family doctors, rehabilitation clinics and the Rotterdam Eye Hospital, which Read More …

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

Microsoft Threat Intelligence uncovered a macOS‑focused cyber campaign by the North Korean threat actor Sapphire Sleet that relies on social engineering rather than software vulnerabilities. By impersonating a legitimate software update, threat actors tricked users into manually running malicious files, Read More …

Europol-supported global operation targets over 75 000 users engaged in DDoS attacks

On 13 April 2026, 21 countries joined forces in a coordinated action week that focused on enforcement and prevention measures against over 75 000 criminal users engaging in distributed denial-of-service (DDoS)-for-hire services. With over 75 000 warning emails and letters Read More …

Patch these critical Fortinet sandbox bugs that let attackers bypass login, run commands over HTTP

Watch out for more Fortinet vulns! Two critical bugs in Fortinet’s sandbox could allow unauthenticated attackers to bypass authentication or execute unauthorized code on vulnerable systems. Luckily, the security vendor has issued fixes – so patch now – and so Read More …

From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere

Malwarebytes Labs researchers uncovered multiple campaigns distributing an infostealer we track as NWHStealer, using everything from fake VPN downloads to hardware utilities and gaming mods. What makes this campaign stand out isn’t just the malware, but how widely and convincingly Read More …

Europe rolls out online age verification app to protect young people

Europe doesn’t want to hear any more excuses from tech platforms for why they can’t verify users’ ages. European Commission President Ursula von der Leyen on Tuesday announced a new European age verification app that will give users a sort Read More …