A North Korea-linked threat cluster known as UNC1069 is targeting cryptocurrency and Web3 professionals through fake video meetings that mimic Zoom and Microsoft Teams. Mandiant…
A newly documented intrusion campaign shows how attackers can turn a legitimate signed Intel utility into a stealth malware launcher without modifying the original binary.…
A newly documented malware campaign is delivering two very different threats in one infection chain: Gh0st RAT for long-term remote control and CloverPlus adware for…
Fortinet customers using FortiSandbox 4.4 should move quickly. Fortinet says CVE-2026-39808 is a critical unauthenticated OS command injection flaw that can let an attacker execute…
Nearly 6 million internet-facing hosts still run FTP in 2026, according to a new Censys exposure brief. The firm says it observed about 5,949,954 hosts…
A newly observed Mirai-based malware campaign is exploiting vulnerable TBK digital video recorders to pull more internet-connected devices into a DDoS botnet. Fortinet’s FortiGuard Labs…
Researchers say sensitive Fiverr user files, including tax documents, IDs, contracts, and credentials, were publicly accessible through Google search results after files hosted on a…
A security researcher says Anthropic’s Claude Opus helped assemble a working exploit chain against an outdated Chromium build bundled inside Discord. The claim matters because…
A reported iPhone passcode bug may leave some users locked out of their devices if their custom alphanumeric passcode includes a Czech keyboard character that…
OpenAI has expanded its Trusted Access for Cyber program and started offering GPT-5.4-Cyber to vetted defenders, security teams, and selected organizations. The company says the…
November 21, 2025
1 comment 
