Jan 13, 2026Ravie LakshmananMalware / Endpoint Security Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool called Remcos RAT and establish persistent, covert… Read More "New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack"
Jan 13, 2026Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity security flaw impacting Gogs by adding it to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, tracked… Read More "CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution"
deVixor: An Evolving Android Banking RAT with Ransomware Capabilities Targeting Iran Cyble analyzed deVixor, an advanced Android banking RAT with ransomware features actively targeting Iranian users. Executive Summary deVixor is an actively developed Android banking malware campaign operating at scale,… Read More "DeVixor: An Evolving Android Banking RAT With Ransomware Capabilities Targeting Iran"
1. Cisco Why they’re here: With its strong roots in networking, Cisco has an established foothold in the enterprise — and a stranglehold on the data that networking gear generates. The acquisitions of Duo Security (multifactor authentication and zero trust),… Read More "Top 10 vendors for AI-enabled security — according to CISOs"
In testimony last month in federal court in Minnesota, FBI special agent Bernardo Medellin appeared to directly contradict a claim that ICE agent Jonathan Ross made under oath about whether a man they were trying to detain had asked to… Read More "FBI Agent’s Sworn Testimony Contradicts Claims ICE’s Jonathan Ross Made Under Oath"
Mit Shai-Hulud wurden die Spielregeln verändert, indem es eine wurmähnliche Verbreitung einführte. Sobald es auf dem Rechner eines Entwicklers landet, sammelt es aktiv Anmeldedaten (NPM-Token, GitHub-Geheimnisse). Es nutzt diese gestohlenen Anmeldedaten, um infizierte Versionen anderer legitimer Pakete, die das Opfer… Read More "Shai-Hulud & Co.: Die Supply Chain als Achillesferse"
The State of Minnesota and the cites of Minneapolis and St. Paul on Monday filed a sweeping federal lawsuit to halt what they call an unprecedented and unlawful surge of US federal agents in the Twin Cities, arguing the deployment… Read More "Minnesota Sues to Stop ICE ‘Invasion’"
A question of data integrity Experts had mixed responses to the news of the database leak. “The breach significantly undermines trust in the platform itself, which is critical for any cybercrime forum,” said Michael Jepson, penetration testing manager at consultancy… Read More "Notorious BreachForums hacking site hit by ‘doomsday’ leak of 324,000 criminal users"
In 2026, we won’t see terrorism incidents similar to 9/11, when hijacked airplanes struck the World Trade Center, or the Oklahoma City bombing, when ammonium nitrate–packed trucks leveled federal buildings. Instead, the next act of terror will begin with the… Read More "The US Must Stop Underestimating Drone Warfare"
Ten Emergency Directives issued between 2019 and 2024 have been formally retired by the US Cybersecurity and Infrastructure Security Agency (CISA) following a review that found their objectives had been met. The decision marks the most significant number of Emergency… Read More "CISA Closes Ten Emergency Directives After Federal Cyber Reviews"
