News
STX RAT Hides Remote Desktop, Steals Data to Dodge Detection
3+ hour, 14+ min ago (795+ words) A stealthy new remote access trojan, dubbed STX RAT, blends hidden remote desktop control with powerful infostealer capabilities while using advanced evasion and encryption techniques to stay under the radar of security tools. The operators rely on opportunistic initial access, including…...
Fake Security Tool Spreads Lucid Rook in Taiwan Cyberattacks
4+ hour, 45+ min ago (728+ words) Hackers are using fake security tools and cleverly crafted phishing emails to secretly deploy a new malware family, Lucid Rook, against organizations in Taiwan. The campaign, tracked as UAT-10362, focuses on Taiwanese NGOs and likely universities and shows a high…...
Microsoft Details How Defender Protects High-Value Assets in Real-World Attacks
4+ hour, 26+ min ago (461+ words) As cyberattacks become increasingly targeted, hackers are consistently focusing on the core systems that keep enterprise businesses running smoothly. Microsoft security researchers found that more than 78 percent of human-operated attack campaigns successfully compromise a critical asset, such as a domain…...
China's Tianjin Supercomputer Center Allegedly Hit in 10-Petabyte Data Theft
5+ hour, 22+ min ago (383+ words) A threat actor has allegedly executed one of the largest data heists in China's history, siphoning an astounding 10 petabytes of highly classified information from the National Supercomputing Center (NSCC) in Tianjin. The Tianjin center serves as a centralized infrastructure hub…...
Multiple SonicWall Flaws Enable SQL Injection and Privilege Escalation Attacks
8+ hour, 24+ min ago (305+ words) SonicWall has published a critical security advisory addressing four distinct vulnerabilities in its SMA1000 series appliances. These security flaws open the door for attackers to escalate their system privileges, guess user credentials, and bypass essential multi-factor authentication protocols. The most…...
Silver Fox Campaign Spreads ValleyRAT via Fake Chinese Telegram Language Pack
8+ hour, 14+ min ago (653+ words) New analysis of a fake Telegram installer uploaded to MalwareBazaar shows Silver Fox expanding its ValleyRAT operations with a fresh delivery chain that hides behind a Chinese-language pack decoy and an uncommon ZPAQ-based packer. The MSI is a Wi…...
Linux Foundation Leader Impersonated in Slack Attack on Open Source Developers
6+ hour, 38+ min ago (530+ words) A social engineering campaign is actively targeting open source developers through Slack. The warning was shared through the OpenSSF Siren mailing list, a public threat intelligence platform designed to alert developers and security teams about active threats after initial…...
Microsoft Confirms Windows 11 Update Breaks Start Menu Search
9+ hour, 27+ min ago (453+ words) Microsoft recently addressed a disruptive server-side flaw that completely disabled Start Menu search functionality for some Windows 11 23H2 users. The tech giant quickly acknowledged the incident and deployed an automatic fix behind the scenes. Because the repair happens directly on Microsoft's…...
CISA Issues Warning on Critical Ivanti EPMM Flaw Exploited in Ongoing Attacks
5+ hour, 45+ min ago (262+ words) The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical security flaw in Ivanti Endpoint Manager Mobile (EPMM). The agency recently added the vulnerability, identified as CVE-2026-1340, to its Known Exploited Vulnerabilities (KEV) catalog after…...
Multiple OpenSSL Flaws Expose Sensitive Data in RSA KEM Handling
1+ day, 4+ hour ago (258+ words) A newly disclosed flaw in OpenSSL could allow attackers to access sensitive data stored in application memory. OpenSSL issued the security advisory on April 7, 2026, urging users to apply patches immediately. The core issue revolves around improper failure handling…...