The State of Secrets Sprawl 2026: 9 Takeaways for CISOs
Secrets sprawl isn’t slowing down: in 2025, it accelerated faster than most security teams anticipated. GitGuardian’s State of…
Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels
Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that’s distributed via malicious Windows shortcut (LNK) files…
Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign
Three threat activity clusters aligned with China have targeted a government organization in Southeast Asia as part of…
Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director…
Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway is witnessing active reconnaissance activity,…
TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are…
CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP…
Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
Apple is now sending Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS…
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the…
We Are At War
Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become…