
Safety‑Aware Cybersecurity Gateway Secures Autonomous Vehicles
How to ensure autonomous vehicle security in the modern era and meet the national and international standards and regulations? We've developed a special embedded gateway that utilizes the Safety-Aware Cybersecurity approach — a unified architecture that accounts for both functional safety and cybersecurity requirements 👉 https://t.co/5Ja9AKZAGO

Cloud Atlas APT Leverages Hidden SSH Tunnels, Tor, PowerCloud
Today we’re having a look at both old and new tools from the Cloud Atlas APT group. The attackers actively use hidden SSH tunnels, Tor, RevSocks, the PowerCloud utility, and much more besides. A breakdown of the techniques and the...

Image Metadata Exploit Lets Attackers Hack Macs
We're covering CVE-2026-3102 in ExifTool, discovered by GReAT experts: how malicious... metadata (!) in image files can lead to Mac hacking. Learn more: https://t.co/2xP7Uzpwge https://t.co/btXdA79C49

Ransomware Attacks Dip, but Post‑quantum Threats Rise
Ransomware analytics and forecasts for 2026: the number of attacks is declining, but the risk remains high. We’re seeing new families based on post-quantum cryptography, a focus on RDWeb for initial access, and an increase in attacks involving data theft...

Critical Xrdp Buffer Overflow Fixed in Latest Release
Our experts have discovered vulnerability CVE-2025-68670 in xrdp, a remote desktop server for Linux using the RDP protocol. A buffer overflow could lead to remote code execution without authentication. The issue has already been fixed in the latest versions. Details:...

VoidStealer Trojan Steals Chrome Master Key via Debugger
The new VoidStealer Trojan has learned to bypass Chrome's stored data protection: the infostealer attaches to the browser process as a debugger, and intercepts the master key from RAM. Cookies, sessions, and passwords in Chrome and other browsers – Microsoft...

New “Undefined Trust” Filter Flags Deceptive Gray‑zone Sites
We’ve introduced a new web filtering category “Sites with an undefined trust level”. Such sites sit in a gray zone – promoting fake services, luring folks to hidden subscriptions, or nudging users to hand over data through deceptive terms of...

Your Car Is a Data‑Collecting Spy on Wheels
In the digital world, it’s not only walls that have ears – cars do too. A modern car is a computer on wheels with a wide range of sensors: it stores/transmits GPS routes, telemetry, and keeps tabs on a connected...

Tax‑authority Phishing Spreads ValleyRAT and New ABCDoor Backdoor
Phishing "from the tax authorities" → a modified downloader → the well-known ValleyRAT backdoor + the previously undocumented Python backdoor, ABCDoor. Learn more: https://t.co/8mFxmep5xC https://t.co/9yUZwdH8mO

Copy Fail Gives Root on Modern Linux—Detect with Kaspersky
Copy Fail vulnerability allows attackers to gain root access on virtually any modern Linux distribution: nature, how to detect with Kaspersky products + useful SIEM rules 👉 https://t.co/Ck6VwZDJif https://t.co/xqx8JgHTcy

Global Tax Scams Exploit AI and Fake Government Sites
*International Tax-Scam Roundup* Here's an overview of scam tactics being used around the world targeting taxpayers getting ready to file their returns. So, how are these cyber-crooks swindling folks? Well, the methods range from classic tricks to newer AI-powered schemes. For example: ❌...

Yemen Ranks Second in ICS Attacks; Israel Among Safest
The threat landscape for industrial automation systems in the Middle East – Q4 2025: high risk of targeted attacks, network segmentation issues, and numerous espionage attacks. Yemen ranks second globally for the share of ICS computers attacked, while Israel is...

New Unpatched Windows RPC Privilege Escalation Disclosed
We reveal details of a previously unknown privilege escalation technique in Windows RPC. The vulnerability is due to an architectural flaw and is currently unpatched. We also discuss risk mitigation measures: https://t.co/TexY19gONO https://t.co/7zo8vuhtF1

Qualcomm Snapdragon BootROM Flaw Enables Modem Takeover
We’ve discovered a vulnerability in the BootROM of Qualcomm Snapdragon chips (MSM/MDM family) – used in popular smartphones, cars, and IoT devices: attackers can use its Emergency Download Mode to take control of the modem module (physical access required) Advisory: https://t.co/hkZ3VjGfMC Our...

Over 20 iOS Crypto Wallets Hijacked by FakeWallet
More than 20 malicious crypto-wallets for iOS: how the FakeWallet crypto-stealer is spreading through the App Store: https://t.co/SSkqda8UH5 https://t.co/efDIdCmpRh