The Duqu trojan main purpose is to obtain a remote access allowing an adversary to gather information from a compromised computer and of course to download and run arbitrary programs. Duqu malware s ...
Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...
Patch Tuesday: Microsoft fixes a record 621 CVEs, including 2 exploited zero-days and critical flaws affecting SharePoint, RDP, Hyper-V, and AD FS. Microsoft's July 2026 Patch Tuesday is, by a sig ...
U.S. sanctions hit VPN provider 1VPNS and a cryptor seller for enabling ransomware gangs behind billions in losses to critical infrastructure. The U.S. Treasury's Office of Foreign Assets Control ...
Huntress found an AI-generated PowerShell script used for AD reconnaissance, showing attackers are using AI to create custom, evasive tools. During an incident response investigation on June 3, 20 ...
Japan's largest taxi operator Nihon Kotsu shut down systems after a malware attack, disrupting dispatch and bookings. Nihon Kotsu, Japan's largest taxi company, disclosed on July 13, 2026 that it ...
New macOS infostealer CrashStealer uses a signed app to bypass Gatekeeper, steals credentials and wallets, then AES-encrypts stolen data. Jamf Threat Labs first spotted CrashStealer in early May 2 ...
Lidl disclosed a third-party data breach affecting online shop customers in Germany, Belgium, and the Netherlands. Payment data was not exposed. Lidl contacted customers of its online shop in Germ ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Cisco IOS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)� ...
EU sanctions target nine people and four entities tied to Russia's FSB over a 15-year cyberespionage and critical infrastructure sabotage campaign. The European Union imposed sanctions on Monday t ...
Dutch police suspect local hackers behind the Odido breach that exposed 6M customers after a phishing attack and seek public help identifying them. Dutch police have identified strong indications ...
Australia warns of a global campaign exploiting CMS flaws to deploy webshells on WordPress, Joomla, and other websites. Australia's Signals Directorate has issued an alert about a large-scale expl ...
An alleged Ryuk ransomware member pleaded guilty in the U.S. for helping deploy attacks on American companies and faces up to 15 years in prison. Armenian national Karen Serobovich Vardanyan (34) ...
Progress urged ShareFile Storage Zone customers to shut down internet-facing servers immediately over a credible security threat under investigation. Progress Software sent an urgent email to Shar ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Novel Java-Based QuimaRAT Targets Window ...
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds iCagenda and Balbooa Forms flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ...
Binarly found six U-Boot flaws, including two that enable code execution during boot image verification, impacting 50+ releases. Binarly's research team has found six vulnerabilities in U-Boot, th ...
Zimbra addressed a critical stored XSS vulnerability in its Classic Web Client that lets malicious emails execute code when opened. Zimbra has released version 10.1.19 to fix a critical stored XSS ...
Ransomware remains above 1,400 attacks yearly since 2023. Qilin leads in 2026, while the U.S. remains the main target. Ransomnews has independently confirmed 9,291 ransomware attacks worldwide bet ...
Researchers uncovered 222 GitHub repositories spreading malware through fake Go packages, delivering loaders, stealers, RATs, and cryptominers. Socket's security research team started with the inv ...
A former ransomware negotiator was sentenced to nearly six years for secretly helping BlackCat extort victims while betraying his clients. A U.S. court sentenced former ransomware negotiator Angel ...

