Latest IntelligencePage 35
Search by keyword →
MFA Prompt Bombing: Why Your Second Factor Isn't Saving You
Multi-factor authentication (MFA) was supposed to close a critical gap in identity security. It meant that, even if an attacker possessed the account credential...
Lithuania Suspects Foreign Involvement in Data Leak of Over 600,000 National Register Entries
Lithuanian authorities are on high alert after a massive data leak involving more than 600,000 entries from national data registers. The post Lithuania Suspects...
Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands
The two own Dutch companies that allegedly provided bulletproof hosting services to Russia-aligned threat actors. The post Admins of Bulletproof Hosting Service...
CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-e...
CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-e...
EU Finalizes Record DMA Fine Against Google Over Search Self-Preferencing Abuse
The European Union is on the verge of issuing its largest-ever penalty under the Digital Markets Act, targeting Alphabet’s Google for allegedly manipulati...
CISA orders feds to patch actively exploited Drupal vulnerability
CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management ...
Phishing Services Use RCS and iMessage to Bypass Traditional SMS Security Filters
A new wave of phishing operations is quietly changing the way cybercriminals steal financial data from everyday people. Rather than relying on traditional SMS m...
Payload Ransomware Uses ChaCha20 and Curve25519 ECDH to Encrypt Windows Files
A dangerous new ransomware strain called Payload has been quietly building a global victim list since it first appeared in February 2026. The group launched its...
PuTTY 0.84 Released With Fix for SSH KEX Crashes and Telnet Prompt Spoofing Flaw
PuTTY 0.84 has been released with fixes for multiple minor security flaws, including issues that could trigger SSH key exchange crashes and a Telnet prompt spoo...
Microsoft: Domain Controller lookup may fail on Windows Server 2016
Microsoft has confirmed a new known issue affecting Windows Server 2016 systems that causes domain controller lookups to fail after installing the KB5087537 May...
Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning
The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures imper...
7-Eleven data breach exposes personal information of 185,000 people
The ShinyHunters extortion gang stole the personal information of over 183,000 people after hacking the systems of convenience store chain giant 7-Eleven in Apr...
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a ...
New 7-Zip Vulnerabilities Let Attackers Execute Arbitrary Code and Compromise Systems
A critical heap buffer overflow vulnerability has been disclosed in 7-Zip version 26.00, enabling attackers to achieve arbitrary code execution via a vtable hij...
Anthropic’s Restricted Claude Mythos Moves Toward Public Release via Claude Code and Security
Anthropic appears to be loosening its grip on Claude Mythos, the company’s most powerful and previously restricted AI model, with new signals pointing to ...
Megalodon campaign compromises over 5,500 GitHub repositories with malicious commits
Security researchers have uncovered a large-scale supply chain attack dubbed “Megalodon” that injected malicious GitHub Actions workflows into more than 5,500 r...
InvisibleFerret Malware Now Ships as .pyd and .so Files to Evade Script Detection
A North Korea-linked hacker group has quietly upgraded one of its most dangerous tools, making it harder for security software to detect. InvisibleFerret, an in...
Cloud Atlas APT Group Modifies termsrv.dll to Enable Multiple RDP Sessions on Victim Hosts
A well-known advanced persistent threat group called Cloud Atlas has been caught using a dangerous technique to hijack Windows systems without alerting anyone o...
Cybercriminals Use Telegram Channels to Sell Verified Bank and Fintech Mule Accounts
Cybercriminals are openly selling verified bank accounts, fintech wallets, and cryptocurrency exchange accounts through Telegram channels, turning money launder...