Attackers Abuse WSL2 to Operate Undetected on Windows Systems
Windows Subsystem for Linux (WSL) has transformed the developer experience on Windows. However, it has also quietly created a powerful hiding place for attackers. With…
Month: January 2026
UK govt. warns about ongoing Russian hacktivist group attacks
The U.K. government is warning of continued malicious activity from Russian-aligned hacktivist groups targeting critical infrastructure and local government organizations in the country in disruptive…
Attackers Redirected Employee Paychecks Without Breaching a Single System
A seemingly simple phone call became the gateway to a sophisticated attack that diverted employee paychecks without any malware or network breach. An organization discovered…
Cybercriminals Impersonate Malwarebytes to Steal User Credentials
As part of an ongoing effort to highlight active and technically interesting intrusions, a new “Flash Hunting Findings” investigation has uncovered a short but well‑structured…
New Spear-Phishing Attack Abusing Google Ads to Deliver EndRAT Malware
A new spear-phishing campaign known as Operation Poseidon has emerged, exploiting Google’s advertising infrastructure to distribute EndRAT malware while evading traditional security measures. he attack…
Windows SMB Client Vulnerability Exposes Organizations to Full Active Directory Compromise
A severe vulnerability in Windows Server Message Block (SMB) client authentication has emerged as a critical threat to Active Directory environments. CVE-2025-33073, a logical flaw in NTLM…
Microsoft releases fix for flawed January security update
Microsoft has released fixes for a set of flawed January 2026 security updates that caused authentication and power management issues for some users. The updates are…
Hacker admits to leaking stolen Supreme Court data on Instagram
A Tennessee man has pleaded guilty to hacking the U.S. Supreme Court’s electronic filing system and breaching accounts at the AmeriCorps U.S. federal agency and…
CIRO Confirms Data Breach Impacting 750,000 Canadian Investors
The Canadian Investment Regulatory Organization (CIRO) has officially confirmed a significant data breach affecting approximately 750,000 Canadian investors, stemming from a sophisticated phishing attack initially…
Pulsar RAT Abuses Memory-Only Execution and HVNC for Stealthy Remote Takeover
Pulsar RAT, an advanced evolution of the open-source Quasar RAT, is actively targeting Windows systems with enhanced stealth capabilities and fileless execution techniques. This modular…
Davos 2026 attendees can navigate event with Salesforce AI ’concierge’
Attendees of this year’s World Economic Forum (WEF) in Davos will be able to use an artificial intelligence (AI) “concierge” from Salesforce within the event’s…
StealC malware control panel flaw leaks details on active attacker
StealC malware control panel flaw leaks details on active attacker Pierluigi Paganini January 19, 2026 Researchers uncovered an XSS flaw in StealC malware’s control panel,…