News • Insights • Analysis
Cryptocurrency executives and whales alike are increasingly being targeted by a mix of criminal elements worldwide, even as security continues to be beefed up to protect the not-so-anonymous owners of cryptocurrency. The transparency introduced to the crypto world is putting Read More …
Dutch police say they dismantled a large botnet this week comprising at least 17 million infected devices. After being tipped off by a researcher at the Netherlands’ National Cyber Security Centre (NCSC-NL), police began an investigation, which resulted in the Read More …
A convincing fake website is impersonating OpenAI’s ChatGPT download page and infecting visitors with malware designed to steal passwords, browser data, cryptocurrency wallets, and other sensitive information. The site, openew[.]app, closely mimics OpenAI’s real ChatGPT download experience and offers what Read More …
CISA is prioritizing the response to multiple emerging software supply chain intrusion campaigns targeting developer ecosystems Continuous Integration/Continuous Development (CI/CD) pipelines. These recent incidents, including the GitHub compromise via a malicious Nx Console Visual Studio Code (VS Code) extension and Read More …
Hackers are targeting Signal users in an attempt to steal their chat backups as part of a new hacking campaign, TechCrunch has learned. On Wednesday, Washington Post analyst Josh Rogin posted a screenshot of a new kind of attack against Read More …
Carnival Corporation – the world’s largest cruise operator – has confirmed a digital heist, a month after hacking crew ShinyHunters claimed to have stolen millions of customers’ records. The breach, Carnival confirmed, stemmed from an April 14 social engineering attack Read More …
The FBI is issuing this Public Service Announcement (PSA) to warn the public that cyber threat actors are conducting spoofing attacks against the Fédération Internationale de Football Association (FIFA) website in advance of the 2026 FIFA World Cup. A spoofed website Read More …
A critical command injection vulnerability has been discovered in Universal Robots PolyScope 5, the operating system whucg powers the company’s collaborative robots. The flaw, tracked as CVE-2026-8153, carries a CVSS score of 9.8 and affects all software versions prior to PolyScope 5.25.1. Read More …
In 2025, Kaspersky observed pervasive SSH tunnel activity, which has remained active into 2026, affecting many government organizations and commercial companies in Russia and Belarus. Behind some of this activity is Cloud Atlas, a group which was known to Kaspersky Read More …
ROADtools is a publicly available toolkit for offensive and defensive security purposes that attackers have integrated into cloud attacks. The tool is designed to: Enumerate Entra ID Register devices in Entra ID Acquire, exchange and manipulate Microsoft Entra ID tokens Read More …
