Attack surface management ROI improves when ownership, exposure duration, and risky endpoints decline—not when asset counts ...
RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...
Transparent Tribe (APT36) is linked to new cyber-espionage attacks using malicious LNK files, adaptive RATs, and long-term ...
Attackers misused Google Cloud Application Integration to send 9,394 phishing emails from Google domains, bypassing filters ...
The first ThreatsDay Bulletin of 2026 tracks GhostAd adware, macOS malware, proxy botnets, cloud exploits, and more emerging ...
A China-linked threat actor used malicious browser extensions over seven years to steal data and corporate intelligence from ...
A new Shai-Hulud npm strain and a fake Jackson Maven package show how attackers abuse trusted dependencies to steal secrets ...
Trust Wallet confirmed a supply chain attack let hackers push a malicious Chrome extension update, draining $8.5 million from ...
Silver Fox is using India income tax phishing emails and fake software sites to install ValleyRAT, a modular Windows remote ...
The U.S. Treasury has removed three individuals linked to Intellexa and Predator spyware from its sanctions list, without ...
Researchers uncovered 27 malicious npm packages used over five months to host phishing pages that steal credentials from ...
This weekly recap brings those stories together in one place. No overload, no noise. Read on to see what shaped the threat ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback