î ‚Jan 10, 2026î „Ravie LakshmananCyber Espionage / Malware The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based implant codenamed RustyWater. “The campaign …
MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors Read More »
AI-powered attacks are putting enterprise security teams at a disadvantage due to a shift in the threat model, rather than weak defenses. As AI agents become more prevalent, attackers are exploiting vulnerabilities at runtime, with breakout times in seconds and …
The 11 runtime attacks breaking AI security — and how CISOs are stopping them Read More »
Russian APT28 Linked to Credential Harvesting Attacks Targeting Energy and Nuclear Research Agency î ‚Jan 09, 2026î „Ravie LakshmananEmail Security / Threat Intelligence Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals associated with …
China-Nexus Threat Actor UAT-7290 Linked to Espionage Activities î ‚Jan 08, 2026î „Ravie LakshmananMalware / Threat Intelligence style=”display: block; text-align: center; clear: left; float: left;”> A recent report by Cisco Talos has linked a China-nexus threat actor known as UAT-7290 to espionage-focused …
China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes Read More »
style=”display: block; text-align: center; clear: left; float: left;”> Cybersecurity experts have unveiled details of a critical security vulnerability in the widely used workflow automation platform, n8n, which could potentially grant unauthorized remote access to vulnerable instances. The flaw, identified as …
î ‚Jan 06, 2026î „Ravie LakshmananMalware / Endpoint Security Cybersecurity experts have uncovered details of a newly identified campaign known as PHALT#BLYX that has utilized ClickFix-type baits to offer solutions for fake blue screen of death (BSoD) errors in assaults aimed at …
Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat Read More »
î ‚Jan 05, 2026î „Ravie LakshmananHacking News / Cybersecurity The year opened without a reset. The same pressure carried over, and in some places it tightened. Systems people assume are boring or stable are showing up in the wrong places. Attacks moved …
IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More Read More »
Attack Surface Management (ASM) tools offer the promise of reduced risk, but often deliver more information instead. Security teams implement ASM, leading to the growth of asset inventories, increased alerts, and filled dashboards. While there is visible activity and measurable …
According to a report from Gartner, four out of 10 enterprise applications will incorporate task-specific AI agents this year. However, only 6% of organizations have an advanced AI security strategy in place, as revealed by research from Stanford University’s 2025 …
Seven steps to AI supply chain visibility — before a breach forces the issue Read More »
The cyber threat group Transparent Tribe has launched a series of new attacks targeting various Indian governmental, academic, and strategic entities using a remote access trojan (RAT) to gain persistent control over compromised systems. According to a technical report by …
Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia Read More »
