Microsoft has warned of a high-severity zero-day vulnerability that could lead to an attacker sending arbitrary code to a victim by sending a specially crafted email to an Outlook user. The flaw, tracked as CVE-2026-42897, is due to an improper… Read More "Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers"
A new version of the Gremlin stealer has evolved from a basic credential harvester into a modular toolkit, according to researchers at Palo Alto Networks’ Unit 42. The infostealer first emerged in April 2025, now just 12 months later the… Read More "Gremlin Stealer Evolves into Modular Threat"
Humans are often regarded as the weakest link in a cybersecurity program. Whether resulting from manipulative cybersecurity tactics or limited cybersecurity awareness, human errors remain the most prevalent attack vectors in every information security program, no matter how sophisticated your… Read More "Human Factors in Cybersecurity in 2026"
A new threat group is targeting business process outsourcers (BPOs) and large enterprises for extortion using live chat channels, Google has warned. Google Threat Intelligence Group (GTIG) principal threat analyst, Austin Larsen, said UNC6783 is a financially motivated threat cluster… Read More "Google Warns of New Threat Group Targeting BPOs and Helpdesks"
The SANS Institute has warned that the race to incorporate AI into enterprise workflows threatens to outpace security efforts, after revealing widespread credential hygiene failings. The security training and research organization presented the findings as part of its 2026 SANS… Read More "Governance Gaps Emerge as AI Agents Drive 76% Increase in NHIs"
Efficient cyber threat detection is the cornerstone of an effective cybersecurity program. This post ranks the top eight cyber threat detection tools dominating the cybersecurity solution market in 2026. What is a cyber threat detection tool? A cyber threat detection… Read More "Top 8 Cyber Threat Detection Tools in 2026"
Several civil society figures in Middle Eastern countries, including three high-profile journalists in Egypt and Lebanon, have been targeted by a spear-phishing campaign likely tied to a known South Asian cyber espionage group. The campaign was detected by digital civil… Read More "Middle East Hack-for-Hire Operation Traced to South Asian APT Group"
A malware campaign which targets macOS systems, distributed using a ClickFix attack, has evolved to exploit Script Editor as the execution vector rather than the typical Terminal-based point of execution. Identified by researchers at Jamf Threat Labs, the campaign is… Read More "Atomic Stealer MacOS ClickFix Attack Bypasses Apple Security Warnings"
Are you confident your vendors can withstand a cyber attack? If not, you should continuously evaluate your third-party security, especially if you’re sharing sensitive customer data across your vendor ecosystem. In this post, we break down the concepts of third-party… Read More "Third Party Security: Building Your Vendor Risk Program in 2026"
A cyber-attack on Bitcoin Depot’s internal systems has resulted in the theft of more than 50 Bitcoin, valued at approximately $3.66m, according to a recent regulatory filing. The company said it detected unauthorized access to parts of its IT infrastructure… Read More "Bitcoin Depot Reports $3.6m Crypto Theft After System Breach"
