Russian cybersecurity company Kaspersky, which uncovered the activity in February 2026, said it was aimed at government and diplomatic entities in
Category Added in a WPeMatico Campaign
CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV
The vulnerability in question is CVE-2026-58644 (CVSS score: 9.8), a critical deserialization
Two Scattered Spider Hackers Get 5.5 Years Each for £29 Million TfL Hack
The attack left 148 TfL systems inoperable and forced all 27,000 of the transport authority’s employees into an office to get their passwords reset in person. Both the NCA and the CPS put TfL’s losses and recovery
ThreatsDay: Game Cheat Spyware, 24-Hour Ransomware, Chrome Sync Stalking + 12 More Stories
A familiar repo. A useful installer. A harmless sync setting. Then the handoff goes bad, the box starts talking to someone else, and the damage moves faster than the explanation.
Old bugs are back, weak defaults are earning their keep, and some attack paths are so plain they barely feel like research. Here’s the mess.
n8n Token Exchange Flaw Could Let Attackers Log In as Users From Another Issuer
A valid token from issuer A carrying a sub that belongs to someone under issuer B logged you in as them. Their password never
New TELEPUZ Malware Spreads via ClickFix to Steal Data and Run Commands
“The malware is full-featured, lightweight, and modular,” Elastic Security Labs researcher Cyril François said in a technical report. “While the number of C2 [command-and-control] domains is currently small, the daily
New ClickLock macOS Stealer Kills Apps Every 210ms Until Victims Type Their Password
At the next login, Finder, the Dock, Spotlight, Terminal, Activity Monitor, and
20+ Hijacked Government Websites Became an Attack Channel
The investigation revealed previously undocumented backdoor behavior, hidden infrastructure relationships, and multiple attack arms behind a campaign
New Agent Data Injection Attack Can Make AI Agents Misclick or Run Attacker Commands
Neither trick hijacks the agent’s task. Each one just corrupts the facts it trusts and lets it carry on with the job you
Daxin Resurfaces in Taiwan Alongside Stupig Pre-Login SYSTEM Backdoor
Daxin (“srt64.sys”), as the kernel-mode rootkit is referred to, was first documented by Broadcom-owned Symantec in March 2022, with evidence indicating its use in targeted attacks aimed
