Trending
A previously undocumented China-linked threat group tracked as Shadow-Earth-053 has infiltrated 12+ critical networks across Poland and Asian nations — targeting defense contractors, government agencies, and transport infrastructure.
Data Breaches
Vimeo has confirmed a data breach affecting portions of its user database following a compromise at Anodot, a third-party analytics vendor. The breach has been attributed to ShinyHunters, which exploited trusted API connections between Anodot and its enterprise clients to access Vimeo's environment without directly targeting Vimeo'
Cyber Attacks
An attacker purchased a portfolio of 31 trusted WordPress plugins on a public marketplace, embedded a PHP backdoor in a routine-looking update, and left it dormant for eight months before activating it to distribute hidden SEO spam to thousands of websites — with the malware resolving its command-and-control server through an
Threat Intelligence
BlueNoroff compromised a North American Web3 company using a fake Zoom meeting interface populated with AI-generated deepfakes, deploying a fileless PowerShell implant that maintained persistent access for 66 days while stealing cryptocurrency wallet credentials, browser data, and live webcam footage repurposed to lure future victims. GLOBAL — Arctic Wolf Labs has
Vulnerabilities
Microsoft's February patch for a Windows zero-day actively exploited by Russia's APT28 blocked the remote code execution path — but left behind a zero-click authentication coercion flaw. Akamai researchers found it while testing the fix. That flaw is now CVE-2026-32202, confirmed exploited in the wild, and added
Data Breaches
A hardcoded third-party API key embedded in ClickUp's publicly accessible website JavaScript exposed hundreds of corporate and government email addresses — along with thousands of internal product development flags — for more than a year with no authentication required to access the data. ClickUp has not issued a public statement.
Threat Intelligence
Poland is experiencing a sharp rise in state-linked cyberattacks primarily sourced from Russia, with officials warning that the spread of advanced AI tools will intensify the threat — following a December 2025 power grid attack that came within hours of a nationwide blackout. WARSAW, POLAND — Poland is facing a documented escalation
Threat Intelligence
North Korean threat actors have escalated their developer-targeting campaign by using an AI large language model to insert malicious npm dependencies into legitimate projects — operating through fake U.S.-registered companies and deploying full-featured remote access trojans targeting cryptocurrency wallets and developer infrastructure. GLOBAL — Cybersecurity researchers at ReversingLabs have documented
Cyber Attacks
China-linked Mustang Panda (TA416 / RedDelta) has broadened its targeting from predominantly government and policy entities in the West to India’s banking sector and Korean peninsula policy actors. Using an updated LOTUSLITE backdoor delivered via CHM files and DLL sideloading of legitimate Microsoft-signed executables, the campaign marks a strategic shift
Threat Intelligence
An update on the macOS ClickFix threat: North Korean actors Sapphire Sleet and UNC1069 are now deploying AppleScript-based delivery chains and "Terminal-paste" lures to steal crypto-wallets and credentials from enterprise targets. SEOUL, SOUTH KOREA — The "ClickFix" social engineering phenomenon has officially evolved into a targeted nation-state
Ransomware
The Trigona ransomware-as-a-service (RaaS) group, linked to the Rhantus cybercrime umbrella, has begun using a privately-built exfiltration tool instead of common utilities like Rclone and MegaSync. The new “uploader_client.exe” client helps Trigona move data quickly, rotate connections to hide from network monitoring, and maintain a lower profile during
Data Breaches
Itron Inc. (NASDAQ: ITRI), a leading smart-meter and utility-technology provider, has disclosed a limited-scope cyberattack on its internal systems, confirming unauthorized access but saying operations and customer systems show no material disruption. LIBERTY LAKE, WASHINGTON — Itron Inc., a global heavyweight in the smart-metering and grid-management sector, has formally disclosed a