Using fake accounts and synthetic data to lure the hackers, the researchers gathered information on their servers.
Fake Booking reservation cancellations and fake BSODs trick victims into executing malicious code leading to RAT infections.
The initial access broker (IAB) relies on credentials exfiltrated using information stealers to hack organizations.
The hacking group Crimson Collective has claimed the theft of personal information pertaining to over 1 million Brightspeed customers.
Hackers have compromised a file transfer system at Sedgwick’s subsidiary that serves government agencies.
With 24 new vulnerabilities known to be exploited by ransomware groups, the list now includes 1,484 software and hardware flaws.
The 2-million-device-strong botnet allows monetization through DDoS attacks, app installs, and the selling of proxy bandwidth.
In December, the botnet’s operators focused on weaponizing the flaw to compromise vulnerable Next.js servers.
GreyNoise has observed thousands of requests targeting a dozen vulnerabilities in Adobe ColdFusion during the Christmas 2025 holiday.
The worm exposed Trust Wallet’s Developer GitHub secrets, allowing attackers to publish a backdoor extension and steal funds from 2,520 wallets.
The threat actor uses a signed driver file containing two user-mode shellcodes to execute its ToneShell backdoor.
Tracked as CVE-2020-12812, the exploited FortiOS flaw allows threat actors to bypass two-factor authentication.
The ecommerce giant will provide purchase vouchers to the 33.7 million individuals impacted by the incident.
Hackers stole names, addresses, Social Security numbers, ID numbers, and medical and health insurance information from Aflac’s systems.
Dubbed MongoBleed, the high-severity flaw allows unauthenticated, remote attackers to leak sensitive information from MongoDB servers.
The personal information of 21,000 customers was stolen after hackers compromised Red Hat’s GitLab instances.
The package provides legitimate functionality to evade detection, while stealing users’ data and deploying a backdoor.
Authorities in Senegal, Ghana, Benin, and Cameroon dismantled BEC, ransomware, and other cyber-fraud networks.
A recent MacSync Stealer version no longer requires users to directly interact with the terminal for execution.
The cybersecurity startup will use the funds to accelerate platform improvements, global expansion, and partnerships.