Your Supply Chain Breach Is Someone Else’s Payday
TeamPCP exploited a single stolen credential to gain write access to trusted software repositories, inject credential-harvesting malware, and cascade across five ecosystems in five days.…
Month: April 2026
Analyzing a Malicious Advanced IP Scanner Google Ad Redirection
So you found yourself responding to an alert about one of your employees downloading a malicious version of Advanced IP Scanner? This has become fairly…
Payouts King ransomware uses QEMU VMs to bypass endpoint security
The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on compromised systems and bypass endpoint…
Hackers Target TP-Link Routers With Mirai Malware in CVE-2023-33538 Exploitation Attempts
A known security flaw in several end-of-life TP-Link Wi-Fi routers is being actively targeted by hackers trying to install Mirai-based botnet malware on vulnerable devices.…
The Shocking Secrets of Madison Square Garden’s Surveillance Machine
Eversole would tell his teams to bust the guys selling knockoff merchandise and “remove scalpers and drug dealers daily, in areas outside and around MSG…
SEO Poisoning Attack Uses Microsoft Binary to Install RMM Tool
New research has exposed a search engine poisoning campaign that delivers a trojanized TestDisk installer, abuses a Microsoft-signed binary for DLL sideloading, and silently deploys…
New RecruitRat, SaferRat, Astrinox, Massiv Android Malware Found Targeting 800 Apps
Cybersecurity Researchers from Zimperium zLabs have shared details on four new Android malware families currently being used in four different campaigns targeting Android banking and…
Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild
The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with two…
This old-school scam is still working
When we read about this new malware tactic, or that novel social engineering approach, it’s easy to forget that there are scammers out there making…
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Ravie LakshmananApr 17, 2026Vulnerability / Endpoint Security Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain…
Oslo’s robots aren’t yet taking over, but are already punching above their weight
After establishing a robotics ecosystem, leading innovators from Norway’s capital are calling for more open access to risk capital so that they can take the…
Grinex Cyberattack Triggers $15M Crypto Wallet Breach
The Grinex cyberattack has once again drawn attention to the vulnerabilities facing the global Crypto exchange ecosystem. In a cyberattack on Grinex, the Kyrgyzstan-based platform was forced to…