Internet Security

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

February 4, 2026 add comment
Ransomware groups now exploit VMware ESXi vulnerability CVE-2025-22225, patched by Broadcom in March 2025. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirms that ransomware gangs are exploiting the... Read more »

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

February 4, 2026 add comment
A Taiwanese man was sentenced to 30 years for running Incognito Market, a major darknet drug site that sold over $105 million in illegal drugs. Rui-Siang Lin (24) was... Read more »

Paris raid on X focuses on child abuse material allegations

February 4, 2026 add comment
French prosecutors raided X offices in Paris over illegal content; Elon Musk and CEO summoned for voluntary interviews in April. French prosecutors, with France’s National Gendarmerie and Europol support,... Read more »

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

February 4, 2026 add comment
GreyNoise spotted a dual-mode Citrix Gateway recon campaign using 63K+ residential proxies and AWS to find login panels and enumerate versions. Between Jan 28 and Feb 2, 2026, GreyNoise... Read more »

Microsoft: Info-Stealing malware expands from Windows to macOS

February 4, 2026 add comment
Microsoft warns info-stealing attacks are expanding from Windows to macOS, using cross-platform languages like Python and abusing trusted platforms. Microsoft warns info-stealing attacks are rapidly expanding from Windows to... Read more »

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

February 3, 2026 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency... Read more »

Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

February 3, 2026 add comment
Hackers exploit a critical React Native CLI flaw (CVE-2025-11953) to run remote commands and drop stealthy Rust malware, weeks before public disclosure. Attackers are actively exploiting a critical flaw... Read more »

APT28 exploits Microsoft Office flaw in Operation Neusploit

February 3, 2026 add comment
Russia-linked APT28 is behind Operation Neusploit, exploiting a newly disclosed Microsoft Office vulnerability in targeted attacks. Russia-linked group APT28 (aka UAC-0001, aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) is behind Operation... Read more »

Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

February 3, 2026 add comment
Rapid7 researchers say the Notepad++ hosting breach is likely linked to the China-nexus Lotus Blossom APT group. Recently, the Notepad++ maintainer revealed that nation-state hackers compromised the hosting provider’s... Read more »

MoltBot Skills exploited to distribute 400+ malware packages in days

February 2, 2026 add comment
Over 400 malicious OpenClaw packages were uploaded in days, using MoltBot skills to spread password-stealing malware. Researchers uncovered a large malware campaign abusing AI skills for Claude Code and... Read more »
Subscribe to our Newsletter