Patch Tuesday, April 2026 Edition – Krebs on Security
Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day…
Category: Krebson
Russia Hacked Routers to Steal Microsoft Office Tokens – Krebs on Security
Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security…
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab – Krebs on Security
An elusive hacker who went by the handle “UNKN” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a…
‘CanisterWorm’ Springs Wiper Attack Targeting Iran – Krebs on Security
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured…
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks – Krebs on Security
The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three…
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker – Krebs on Security
A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in…
Microsoft Patch Tuesday, March 2026 Edition – Krebs on Security
Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing “zero-day”…
How AI Assistants are Moving the Security Goalposts – Krebs on Security
AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate virtually any task — are…
Who is the Kimwolf Botmaster “Dort”? – Krebs on Security
In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to build Kimwolf, the world’s largest and most disruptive…
‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA – Krebs on Security
Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse…
Kimwolf Botnet Swamps Anonymity Network I2P – Krebs on Security
For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting The Invisible Internet Project (I2P), a decentralized, encrypted…
Patch Tuesday, February 2026 Edition – Krebs on Security
Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six…