News • Insights • Analysis
In October 2025, Kaspersky researchers discovered a series of forum posts advertising a previously unknown stealer, dubbed “Arkanix Stealer” by its authors. It operated under a MaaS (malware-as-a-service) model, providing users not only with the implant but also with access Read More …
Personal data of roughly 5,000 Italian Digos officers — including names, roles and postings — was reportedly obtained by hackers linked to China after a cyber intrusion into the Interior Ministry’s network between 2024 and 2025. The breach potentially exposes Read More …
The data breach that hit blockchain-based lending giant Figure affected nearly a million customers, according to a security researcher. Last week, Figure confirmed a data breach allowed hackers to steal “a limited number of files” from its systems. The company Read More …
In April 2025, Kaspersky reported on a then-new iteration of the Triada backdoor that had compromised the firmware of counterfeit Android devices sold across major marketplaces. The malware was deployed to the system partitions and hooked into Zygote – the Read More …
Three new threat groups began targeting critical infrastructure last year, while a well-known Beijing-backed crew – Volt Typhoon – continued to compromise cellular gateways and routers, and then break into US electric, oil, and gas companies in 2025, according to Read More …
Thanks to its overnight success and widespread adoption, OpenClaw has painted a large target on its back and is now being attacked by infostealers, after security researchers Hudson Rock claimed to have seen a first-of-its-kind attack in the wild. OpenClaw Read More …
China-linked attackers exploited a maximum-severity hardcoded-credential bug in Dell RecoverPoint for Virtual Machines as a zero-day since at least mid-2024. It’s all part of a long-running effort to backdoor infected machines for long-term access, according to Google’s Mandiant incident response Read More …
Two critical zero-day vulnerabilities (CVE-2026-1281 and CVE-2026-1340) affecting Ivanti Endpoint Manager Mobile (EPMM) are being actively exploited in the wild, affecting enterprise mobile fleets and corporate networks. These vulnerabilities allow unauthenticated attackers to remotely execute arbitrary code on target servers, Read More …
A major Indian pharmacy chain operated a flawed platform which exposed highly sensitive data of millions of users, experts have warned. DavaIndia Pharmacy, the pharmacy arm of Zota Healthcare, currently runs more than 2,300 stores across the country – however, Read More …
Dutch telecommunications company Odido has confirmed suffering a cyberattack and losing sensitive data on millions of people. In a notice published on its website, the company says it “deeply regrets” the situation and is “fully committed” to limiting its impact. Read More …
