Activists hacked Iran ’s Badr satellite, briefly broadcasting Reza Pahlavi’s anti-regime protest messages on state TV channels. Anti-regime activists briefly took control of Iran ’s Badr satellite, hijacking state... Read more »

GootLoader malware uses malformed ZIP files made of hundreds of concatenated archives to evade detection. GootLoader is used by ransomware actors for initial access, then handed off to others.... Read more »

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

Police in Ukraine and Germany identified Black Basta suspects and issued an international wanted notice for the group’s alleged Russian leader. Ukrainian and German police raided homes linked to... Read more »

Cisco Talos says a China-linked group, tracked as UAT-8837, has targeted North American critical infrastructure since last year. Cisco Talos reports that threat group UAT-8837, likely linked to China,... Read more »

A data breach at Canada’s investment watchdog, Canadian Investment Regulatory Organization (CIRO), impacted about 750,000 people. The Canadian Investment Regulatory Organization (CIRO) is Canada’s national self-regulatory body overseeing investment... Read more »

Cisco fixed a maximum severity AsyncOS flaw in Secure Email products, previously exploited as a zero-day by China-linked APT group UAT-9686. Cisco fixed a critical AsyncOS flaw, tracked as... Read more »

A critical Modular DS WordPress flaw (CVE-2026-23550) is actively exploited, enabling unauthenticated privilege escalation. Threat actors are actively exploiting a critical Modular DS WordPress vulnerability tracked as CVE-2026-23550 (CVSS... Read more »