Latest IntelligenceThreat IntelligencePage 5
Search by keyword →
Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks
The acquisition strengthens Cisco’s push into identity-centric security for AI and machine access. The post Cisco Moves to Acquire Astrix Security to Tackle Non...
Malicious Tanstack Package Uses Postinstall Script to Steal Developer Environment Files
A malicious npm package impersonating the widely trusted TanStack project was discovered on April 29, 2026, silently stealing developer environment files the mo...
Attackers Weaponize SAP npm Packages to Steal GitHub, Cloud, and AI Coding Tool Secrets
A new supply chain attack is targeting the SAP developer ecosystem through poisoned npm packages. The campaign uses a malicious worm called “Mini Shai-Hul...
OpenAI Rolls Out Advanced Security for ChatGPT Accounts
Advanced Account Security provides stronger login methods, more secure account recovery, shorter sessions, and training exclusion. The post OpenAI Rolls Out Adv...
.webp)
Threat Actors Use AI to Automate 0-Day Discovery and Exploitation at Machine Speed
The way cyberattacks are launched has fundamentally changed. Threat actors are no longer spending months hunting for software flaws by hand. With artificial int...
Attackers Deploy AiTM Phishing Pages to Access SharePoint, HubSpot, and Google Workspace
Threat actors are rapidly shifting their intrusion tradecraft toward high-speed, SaaS-centric attacks that completely bypass traditional endpoint security. Sinc...
Attackers Abuse Google AppSheet, Netlify, and Telegram in Facebook Phishing Campaign
A sophisticated cybercriminal operation dubbed “AccountDumpling” has compromised approximately 30,000 Facebook accounts worldwide. Discovered by Gua...
Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
Torrance, United States / California, May 1st, 2026, CyberNewswire Criminal IP partners with Securonix to integrate Criminal IP’s Threat Intelligence into Threa...
EtherRAT Campaign Uses SEO Poisoning and GitHub Facades to Target Enterprise Admins
A new and well-planned malware campaign has been actively targeting enterprise administrators, DevOps engineers, and security analysts by hijacking their everyd...
Attackers Abuse CAPTCHA and ClickFix Tactics to Boost Credential Theft Campaigns
Cybercriminals are no longer relying on simple email tricks alone. Across the first quarter of 2026, attackers have been sharpening their approach by using CAPT...
Hugging Face, ClawHub Abused for Malware Distribution
Threat actors are relying on social engineering to lure users into downloading files containing malicious instructions. The post Hugging Face, ClawHub Abused fo...
China-Aligned Attackers Use ShadowPad, IOX Proxy, and WMIC in Multi-Stage Espionage Campaign
A China-aligned threat group has been carrying out a carefully planned espionage campaign against government agencies and critical infrastructure across Asia. T...
New Fake CAPTCHA Campaign Uses SMS Pumping Fraud to Run Up Victims’ Phone Bills
A newly documented scam campaign is using fake CAPTCHA pages to silently trigger dozens of international SMS messages from victims’ mobile phones, leaving...
1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom
The compromised Lightning and Intercom packages have a combined monthly download count of nearly 10 million. The post 1,800 Hit in Mini Shai-Hulud Attack on SAP...
Targeted Large-Scale Campaign Attacking U.S. Organizations with Fake Event Invitations
A large-scale phishing campaign is actively targeting organizations across the United States, using fake event invitations to deceive employees into handing ove...
SAP NPM Packages Targeted in Supply Chain Attack
The Mini Shai-Hulud attack introduced a preinstall hook to fetch and execute a Bun binary and bypass security monitoring. The post SAP NPM Packages Targeted in ...
OpenAI Releases 5-Point Action Plan to Strengthen AI-Powered Cyber Defense
OpenAI has published a comprehensive cybersecurity action plan titled “Cybersecurity in the Intelligence Age: An Action Plan for Democratizing AI-Powered ...
Google AppSheet abused to compromise 30,000 Facebook accounts
A large-scale phishing operation abusing Google’s AppSheet platform has compromised at least 30,000 Facebook accounts, using fully authenticated emails that byp...
Brinker Introduces a Novel Approach to Deepfake Detection
WILMINGTON, Delaware, April 29th, 2026, CyberNewswire Malicious intent-based deepfake detection shifts the focus from purely technical analysis to real-world ri...
Iranian Cyber Group Handala Targets US Troops in Bahrain
US service members received WhatsApp messages claiming they would be targeted with drones and missiles. The post Iranian Cyber Group Handala Targets US Troops i...