The first ThreatsDay Bulletin of 2026 tracks GhostAd adware, macOS malware, proxy botnets, cloud exploits, and more emerging ...
RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...
A China-linked threat actor used malicious browser extensions over seven years to steal data and corporate intelligence from ...
A new Shai-Hulud npm strain and a fake Jackson Maven package show how attackers abuse trusted dependencies to steal secrets ...
The U.S. Treasury has removed three individuals linked to Intellexa and Predator spyware from its sanctions list, without ...
IBM disclosed a critical CVSS 9.8 authentication bypass in IBM API Connect that could allow remote access; patches are now ...
Trust Wallet confirmed a supply chain attack let hackers push a malicious Chrome extension update, draining $8.5 million from ...
Silver Fox is using India income tax phishing emails and fake software sites to install ValleyRAT, a modular Windows remote ...
Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload; patch available.
This weekly recap brings those stories together in one place. No overload, no noise. Read on to see what shaped the threat ...
China-linked Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted espionage attacks from 2022 to 2024.
AI-driven attacks leaked 23.77 million secrets in 2024, revealing that NIST, ISO, and CIS frameworks lack coverage for ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback