Iran War Bait Fuels TA453, TA473 Phishing Campaigns
TA453, TA473, and several emerging threat clusters are exploiting breaking news about the Iran war to run highly targeted phishing campaigns against governments and policy…
Latest Cybersecurity News — Page 66
View all →
Hackers Use Cloudflare Human Check to Hide Microsoft 365 Phishing Pages
Most of us have clicked the familiar “prove you are human” box from Cloudflare while browsing the web. Now attackers are using that same security…
Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation
Ravie LakshmananMar 13, 2026Linux / Vulnerability Cybersecurity researchers have disclosed multiple security vulnerabilities within the Linux kernel’s AppArmor module that could be exploited by unprivileged…
Vulnerability reports: Increase in quantity, decrease in quality?
The concept of the bug bounty is relatively simple: a researcher probes networks and applications for potential vulnerabilities, finds one, and reports it to the…
US medical device maker Stryker’s Microsoft environment attacked
An Iranian-linked hacking group has claimed responsibility for a destructive cyberattack on US-based medical device and services provider Stryker, according to messages posted to the…
Securing Unstructured Data in the Era of AI
Beyond File Servers: Securing Unstructured Data in the Era of AI Pierluigi Paganini March 13, 2026 File servers still exist for legacy storage and governance,…
Telus Digital hit with massive data breach
In other words, he said, the systems likely trusted the attacker, noting that, based on publicly available details, this incident aligns with a growing class…
Third-Party Risk Statistics
Key Takeaways Third-party risk is escalating. In 2024, 30% of breaches involved a third-party vendor, twice as much as the previous year. Static assessments are…
Remote Monitoring and Management Tools: A Gateway for Bulk Attacks on MSP Customers, Pt. 2
In mid-June, Huntress saw an incident where a threat actor compromised an MSP’s Remote Monitoring and Management (RMM) tool in an attempt to target three…
AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code
The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency…
Authorities Dismantle Malicious Proxy Service Used to Deploy Malware Attacking Thousands of Users
Authorities Dismantle Malicious Proxy Service An international law enforcement operation led by the U.S. Justice Department has successfully dismantled SocksEscort, a massive residential proxy network.…
Storm-2561 Uses SEO Poisoning, Fake Signed VPN Apps to Steal Enterprise Credentials
A financially motivated threat actor tracked as Storm-2561 is running a credential theft campaign that abuses SEO poisoning and fake, signed VPN installers to steal…