All Recent Posts

Internet Security

Lazarus APT unveils fileless remote access Trojan designed to evade detection

May 26, 2026 add comment
North Korea-linked Lazarus APT Group is using a stealthy memory-only RAT that leaves almost no forensic traces behind. North Korea-linked APT group Lazarus has never been shy about its... Read more »
Internet Security

Third-Party Cyberattack Impacts Patient Information at The Oncology Institute

May 26, 2026 add comment
The Oncology Institute disclosed a data breach tied to a third-party vendor, potentially exposing patient information after a 2025 cyberattack. The Oncology Institute has confirmed that patient information was... Read more »
Internet Security

Ghost CMS flaw abused to push ClickFix attacks on hundreds of sites

May 25, 2026 add comment
Attackers are exploiting the patched Ghost CMS flaw CVE-2026-26980, compromising over 700 unpatched sites, including universities. Threat actors are actively exploiting a security flaw, tracked as CVE-2026-26980, in Ghost CMS... Read more »
Internet Security

340 Million OnlyFans Profiles Allegedly Rebuilt from Leaks

May 25, 2026 add comment
A hacker is selling a 340M-strong OnlyFans-linked dataset built by correlating old breaches and public data, not by hacking OnlyFans directly. A threat actor is adverertising a purported database... Read more »

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

May 25, 2026 add comment
Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is... Read more »
The Hacker News

Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps

May 25, 2026 add comment
Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device users. The activity, per HUMAN’s Satori Threat Intelligence and Research Team,... Read more »

The New Phishing Click: How OAuth Consent Bypasses MFA

May 25, 2026 add comment
In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five countries.  The targets of... Read more »
Internet Security

Zero-Click WhatsApp Account Takeover Hits iPhone Users Running iOS 16. No Linked Devices, No Warning

May 25, 2026 add comment
A zero-click attack targeting iPhones on iOS 16 hijacked WhatsApp accounts without linked devices, warnings, or user interaction. There is a particular kind of security incident that is harder... Read more »
Internet Security

Dutch authorities dismantle hosting network allegedly used for cyberattacks and disinformation

May 25, 2026 add comment
Dutch authorities arrested two suspects and seized 800 servers tied to Stark Industries, a hosting firm linked to cyberattacks and disinformation. Dutch financial crime investigators arrested two men and... Read more »
Internet Security

FBI director Kash Patel’s brand website taken offline after malware reports

May 25, 2026 add comment
FBI director site went offline after a hack used a fake Cloudflare page to trick users into running a ClickFix attack that installed malware. The merchandise website of FBI... Read more »
Subscribe to our Newsletter