4+ hour, 16+ min ago  (327+ words) The vulnerability was originally assigned a CVSSv4 score of 4. 7 (medium), but following confirmed in-the-wild exploitation, Palo Alto Networks revised the score to7. 8 (high)on May 29, 2026, the same day CISA added it to the Known Exploited Vulnerabilities (KEV)catalog. When the certificate used…...

5+ hour, 16+ min ago  (437+ words) Operating under the guise of two malicious ad-blocking extensions, the campaign captures sensitive chat logs, account metadata, and model usage from eight major AI platforms while maintaining a completely legitimate appearance. The operation, internally tracked as Panel 231, successfully targets Chat…...

3+ day, 1+ hour ago  (407+ words) Russian state-sponsored threat actor APT28, also known as Fancy Bear or Forest Blizzard, has aggressively shifted its cyber espionage tactics to focus on zero-click vulnerabilities and edge infrastructure. Recent threat intelligence reveals that the group, publicly attributed to the GRU's Unit…...

3+ day, 5+ hour ago  (349+ words) Moving away from traditional phishing emails, threat actors are now leveraging the algorithms of popular social media applications to trick unsuspecting users into compromising their own systems. By exploiting the viral nature of short videos, attackers are successfully luring victims…...

3+ day, 23+ hour ago  (416+ words) Recently observed targeting users in the Middle East and North Africa (MENA), these campaigns trick victims into clicking fake promotional offers. Instead of receiving free internet or financial aid, victims are pulled into a massive fraud ecosystem. Sniper Dz acts…...

4+ day, 6+ hour ago  (458+ words) A significant resurgence of the JDY botnet, a covert reconnaissance network linked to China-nexus threat groups such as Volt Typhoon. Originally part of the larger KV-botnet ecosystem that was heavily disrupted by U. S. government takedowns in early 2024, the JDY cluster managed…...

5+ day, 5+ hour ago  (399+ words) Social media algorithms are designed to serve up exactly what you want to see. However, threat actors are now manipulating these systems to deliver malware. By leveraging short-form videos on platforms like Tik Tok and Instagram Reels, attackers are pushing…...

5+ day, 5+ hour ago  (428+ words) Cybersecurity researchers have uncovered a highly sophisticated phishing campaign that uses tax-themed emails to deliver advanced in-memory malware to Windows users. The malicious operation relies heavily on social engineering and government impersonation to trick victims into compromising their own systems....

6+ day, 18+ min ago  (379+ words) Threat actors initially distributed the malware through official channels, including the Samsung Galaxy Store and Xiaomi's Get Apps application catalog. To avoid premature detection, the attackers disguised the Trojan within more than 50 different games and utility programs. These infected apps…...

6+ day, 2+ hour ago  (393+ words) Cybercriminals have launched a highly deceptive phishing campaign targeting Microsoft 365 users. This operation utilizes a sophisticated technique known as a Browser-in-the-Browser (Bit B) attack to steal sensitive corporate data. With cloud-based operations serving as the backbone for many modern businesses, compromising…...