Dark Reading

In Bypassing MFA, ZeroDayRAT Is 'Textbook Stalkerware'

With access to SIM, location data, and a preview of recent SMSes, attackers have everything they need for account takeover or ...
CSO Online

North Korean actors blend ClickFix with new macOS backdoors in Crypto campaign

The campaign used a compromised Telegram account, a fake Zoom meeting, and AI-assisted deception to trick victims into ...
Computer Weekly

Researchers delve inside new SolarWinds RCE attack chain

Researchers at Huntress and Microsoft have shared findings from their analysis of a new SolarWinds Web Help Desk vulnerability.
Cybernews

CISA flags six actively exploited Microsoft zero-days

CISA adds six Microsoft zero-days to its KEV catalog, confirming active exploitation. The flaws include security bypass bugs and a Remote Desktop privilege escalation issue.

Global Group ransomware gang running new campaign using Windows shortcut files

Exploiting .lnk files is a strategy that has been used for years and still works, says new report from Forcepoint.
DataBreachToday

Writing Ransomware Using AI to Get Rich? Don’t Bet the Farm

Attackers that want to use artificial intelligence tools to build ransomware or help run their cyber operations risk getting much less than they bargained for, said ...

Maxim Naumov honors late parents with Olympic debut

The milestone comes just over a year after Naumov’s parents died in the 2025 plane crash over the Potomac River.