Phishing Scam Uses Clean Emails and PDFs to Steal Dropbox Logins
A multi‑stage phishing campaign is targeting business users by sending clean‑looking procurement emails that contain PDFs with hidden clickable buttons. The PDFs exploit AcroForms and FlateDecode to redirect victims to a second file hosted on legitimate Vercel Blob storage, bypassing typical security filters. The final step presents a counterfeit Dropbox login page that captures credentials and forwards them to a private Telegram bot. Forcepoint has updated its defenses, but the scheme underscores the danger of trusted‑cloud abuse.
Arsink Spyware Posing as WhatsApp, YouTube, Instagram, TikTok Hits 143 Countries
Researchers at Zimperium’s zLabs have uncovered Arsink, an Android remote‑access trojan that masquerades as over 50 popular apps, including WhatsApp and TikTok. The campaign has infected roughly 45,000 devices in 143 countries, using Telegram, Discord and MediaFire links to distribute...
Common Cloud Migration Security Mistakes (and How to Avoid Them)
Enterprises rushing to the cloud often overlook security, leading to costly gaps. Common pitfalls include naïve lift‑and‑shift migrations, weak identity controls, and inadequate data protection. The article outlines ten frequent mistakes and provides concrete steps—such as workload‑by‑workload assessment, least‑privilege access,...
This Startup Aims to Solve Crypto’s Broken Key Management Problem
Sodot unveiled its Exchange API Vault, a self‑hosted solution that secures cryptocurrency exchange API keys while keeping them instantly available for trading. The vault combines multi‑party computation and trusted execution environments to split keys, preventing plaintext exposure even during high‑frequency...
Russian Cybercrime Platform RAMP Forum Seized by FBI
U.S. FBI seized the clearnet and dark‑web domains of the Russian‑language cybercrime forum RAMP, known for ransomware and access‑broker services. The operation, coordinated with the DOJ’s Computer Crime and Intellectual Property Section and the Southern District of Florida, redirected both...
GoTo Resolve Tool’s Background Activities Compared to Ransomware Tactics
Point Wild’s Lat61 Threat Intelligence team has identified the GoTo Resolve remote‑administration tool, specifically the HEURRemoteAdmin.GoToResolve.gen component, as a Potentially Unwanted Application that can install silently and maintain a hidden, persistent presence on Windows machines. The tool bundles a hidden “32000~”...
Best IT Managed Services for Large Enterprises
Large enterprises are shifting IT from a support function to a strategic growth engine, and the article outlines the criteria that define the best managed services for this scale. It highlights five enterprise‑tier attributes—strategic partnership, transparent governance, proactive operations, comprehensive...
New Fake CAPTCHA Scam Abuses Microsoft Tools to Install Amatera Stealer
Blackpoint Cyber uncovered a new fake CAPTCHA campaign that tricks users into executing a signed Microsoft script, SyncAppvPublishingServer.vbs, to install the Amatera Stealer malware. The attack directs victims to press Windows Key + R, paste a code, and run a command, while fetching...
$6,000 “Stanley” Toolkit Sold on Russian Forums Fakes Secure URLs in Chrome
A new crime‑ware toolkit called Stanley is being sold on Russian‑language forums for $2,000 to $6,000. The kit disguises itself as the Notely note‑taking extension and guarantees that its malicious Chrome extension will pass Google’s Web Store review. Once installed,...
Venezuelan Nationals Face Deportation After Multi State ATM Jackpotting Scheme
Two Venezuelan nationals were convicted of a multi‑state ATM jackpotting scheme that hit banks in South Carolina, Georgia, North Carolina and Virginia. Using laptops and custom malware, they opened older ATMs at night, forcing the machines to dispense cash until...
ShinyHunters Leak Alleged Data of Millions From SoundCloud, Crunchbase and Betterment
ShinyHunters announced a dark‑web leak of alleged databases from SoundCloud, Crunchbase and Betterment after their extortion attempts were rejected. The group posted .onion links on 22 January 2026, offering free access to the dumps. The claimed SoundCloud breach aligns with a December 2025...
Google to Pay $8.25M Settlement Over Child Data Tracking in Play Store
Google agreed to pay $8.25 million to resolve a class‑action lawsuit alleging that its Play Store “Designed for Families” program allowed developers to collect personal data from children under 13 without parental consent. The case centered on the AdMob advertising SDK,...
New Research Exposes Critical Gap: 64% of Third-Party Applications Access Sensitive Data Without Authorization
Reflectiz’s 2026 State of Web Exposure Research reveals that 64 % of third‑party applications on 4,700 leading websites access sensitive data without a legitimate business justification, up from 51 % a year earlier. The study also shows a sharp rise in malicious...
Everest Ransomware Claims McDonalds India Breach Involving Customer Data
Everest ransomware announced a breach of McDonald’s India, claiming to have stolen 861 GB of customer and internal data. The leaked material reportedly contains financial reports, ERP migration files, investor contact lists, and store‑level employee details. HackRead published screenshots to substantiate...
Airlock Digital Announces Independent TEI Study Quantifying Measurable ROI & Security Impact
Airlock Digital released an independent Total Economic Impact study by Forrester Consulting showing a 224% return on investment and a $3.8 million net present value over three years for its allow‑listing solution. The research reports more than a 25% reduction in...
Sprocket Security Appoints Eric Sheridan as Chief Technology Officer
Sprocket Security announced the appointment of Eric Sheridan as its new Chief Technology Officer. Sheridan brings decades of cybersecurity and software engineering experience, along with multiple patents, to guide the firm’s technology vision. In his role, he will oversee engineering...
RansomHouse Claims Data Breach at Major Apple Contractor Luxshare
RansomHouse, a ransomware‑extortion group, alleges it breached Luxshare Precision Industry, a major Apple manufacturing partner, and accessed sensitive engineering data such as 3D CAD and PCB files. The group posted a victim profile on its dark‑web leak site, listing Apple...
Mastang Panda Uses Venezuela News to Spread LOTUSLITE Malware
Acronis Threat Research Unit uncovered a new espionage campaign that uses a Venezuela‑related news lure to target U.S. government officials. The attack distributes a malicious DLL through DLL sideloading, hidden inside a renamed Tencent music player called “Maduro to be...
New PayPal Scam Sends Verified Invoices With Fake Support Numbers
Scammers are exploiting PayPal's official invoice feature to send verified emails that display the blue tick, making them appear authentic. The malicious invoices include a fake support phone number in the "Note to Customer" section, prompting recipients to call and...
GhostPoster Browser Malware Hid for 5 Years With 840,000 Installs
Researchers uncovered a five‑year browser‑extension malware campaign dubbed GhostPoster, which hid malicious code inside a PNG image to evade static analysis. The campaign spanned Chrome, Edge and Firefox, ultimately involving 18 extensions and more than 840,000 installations. Koi Security first...
New CastleLoader Variant Linked to 469 Infections Across Critical Sectors
Cyber‑security firm ANY.RUN has identified a new, more stealthy variant of the CastleLoader malware, now linked to 469 compromised devices across U.S. government agencies and European critical infrastructure. The loader uses a social‑engineering “ClickFix” prompt and Inno Setup/AutoIt to gain...
Years-Old Vulnerable Apache Struts 2 Versions See 387K Weekly Downloads
Sonatype researchers reported that over 387,000 downloads of Apache Struts 2 occurred in a single week, and 98% of those were for end‑of‑life versions vulnerable to CVE‑2025‑68493. The flaw, a high‑severity (8.8) unsafe XML parsing issue affecting versions 2.0.0 through 6.1.0,...
Structure and Reliability in E-Commerce Platforms
E‑commerce platforms depend on a robust technical foundation that goes beyond aesthetics. Scalability, security, speed, and continuous uptime are essential to handle traffic spikes, protect customer data, and maintain conversion rates. Managed hosting and automated backups simplify maintenance while platform‑specific...
Hacker Claims Full Breach of Russia’s Max Messenger, Threatens Public Leak
A hacker using the alias CamelliaBtw posted on DarkForums claiming a full breach of Russia’s Max Messenger, exfiltrating roughly 142 GB of data that includes 15.4 million user records, authentication tokens, passwords, communication metadata, source code, and internal infrastructure assets. The alleged...
Survey: Rapid AI Adoption Causes Major Cyber Risk Visibility Gaps
Panorays’ survey of 200 U.S. CISOs reveals that 60% consider AI vendors uniquely risky, yet only 22% have formal vetting processes. The rapid rollout of chat‑bots and AI agents is outpacing traditional third‑party risk controls, leaving most organizations with limited...
Widespread Magecart Campaign Targets Users of All Major Credit Cards
Silent Push researchers have uncovered a global Magecart campaign that has been skimming credit‑card data from all major networks since 2022. The attackers host malicious JavaScript on innocuous domains such as cdn‑cookie.com and erase the code when a WordPress admin bar...
Q4 2025 Malware Trends: Telegram Backdoor, Banking Trojans Surge, Joker Returns to Google Play
Doctor Web’s Q4 2025 mobile‑malware report reveals a modified Telegram X app delivering the Android.Backdoor.Baohuo.1.origin backdoor, compromising roughly 58,000 Android devices across phones, tablets, smart TVs and in‑car systems. The same period saw a 65% surge in Android banking trojans and the re‑appearance...
5 Best Secure Container Images for Modern Applications (2026)
Modern applications now treat secure container images as a prerequisite for rapid delivery, not a optional add‑on. By 2026, tools like Echo, Sysdig and Aqua Security automate CVE removal, risk prioritization, and policy enforcement across CI/CD pipelines. The article outlines...
Fake Employee Reports Spread Guloader and Remcos RAT Malware
AhnLab Security Intelligence Center uncovered a phishing campaign that disguises malicious attachments as fake employee performance reports. The email, posing as HR, includes a compressed file named "staff record pdf.exe" which, when executed, deploys the Guloader loader. Guloader then retrieves...
Cybersecurity in the Public Sector: Challenges, Strategies and Best Practices
Cyber attacks on government entities have surged, rising more than 40% in recent years, driven by motives ranging from political influence to lucrative data theft. Legacy platforms, chronic under‑funding, and a shortage of skilled analysts leave the public sector vulnerable....
Everest Ransomware Claims Breach at Nissan, Says 900GB of Data Stolen
Everest ransomware announced on Jan 10, 2026 that it breached Nissan Motor Corp and exfiltrated roughly 900 GB of data, posting screenshots of ZIP archives, spreadsheets and CSV files on its dark‑web leak site. The leaked directory structure suggests access to dealership records,...
Europol Raids Disrupt Black Axe Cybercrime Ring in Spain
International law enforcement, led by Spain’s National Police, German authorities, and Europol, raided Black Axe cells in Spain, arresting 34 suspects across Seville, Madrid, Málaga and Barcelona. The criminal syndicate, originating in Nigeria with about 30,000 members, is responsible for...
Database of 323,986 BreachForums Users Leaked as Admin Disputes Scope
On January 9 2026 a database containing 323,986 BreachForums user records was posted on the ShinyHunters site. The dump includes MySQL metadata, email addresses, display names, Argon2i password hashes and links to external accounts such as Telegram. BreachForums administrators claim the data...
Why AI-Powered Cyber Defense Is No Longer Optional for Modern Businesses
AI-driven cyber defense has shifted from optional to essential as threats become faster, more sophisticated, and harder to detect with legacy tools. Machine‑learning models analyze massive network and user‑behavior data in real time, flagging anomalies and enabling automated response. Companies...
Hacker Behind Wired.com Leak Now Selling Full 40M Condé Nast Records
A hacker using the alias “Lovely” is now offering nearly 40 million Condé Nast user records for sale, expanding on a prior leak of 2.3 million Wired.com accounts. The alleged dataset spans dozens of Condé Nast‑owned sites, including high‑traffic titles such as Vanity Fair,...
$15 Billion Pig Butchering Scam Boss Chen Zhi Extradited to China
Chinese authorities extradited billionaire Chen Zhi and two associates from Cambodia to face charges linked to the Prince Group’s $15 billion Bitcoin‑based pig‑butchering operation. The joint China‑Cambodia investigation uncovered forced‑labour scam compounds, seized the largest cryptocurrency haul in history, and triggered...
US Man Jailed After FBI Traced 1,100 IP Addresses in Cyberstalking Case
A 25‑year‑old Montana man, Jeremiah Daniel Starr, received a 46‑month federal prison sentence for a three‑year cyberstalking campaign that escalated into a fake shooting inside the victim's apartment. Investigators uncovered his use of more than 50 phone numbers and NordVPN...
Why Legitimate Bot Traffic Is a Growing Security Blind Spot
Security teams have long focused on blocking malicious bots, but legitimate bots now account for a sizable portion of web traffic, exceeding 50%. Search‑engine crawlers, AI scrapers, and emerging agentic AI interact with applications at scale, creating hidden security, performance,...
Major Data Breach Hits Company Operating 150 Gas Stations in the US
Texas‑based Gulshan Management Services, which operates over 150 Handi Plus and Handi Stop gas stations, disclosed a massive data breach affecting more than 377,000 individuals. Attackers infiltrated an external system between September 17 and September 27, 2025, and the breach was only detected on September 27....
How to Avoid Phishing Incidents in 2026: A CISO Guide
By 2026 phishing emails will mimic legitimate messages, evading traditional filters. CISOs are turning to behavior‑based sandbox analysis to see the full attack chain within seconds, dramatically cutting verdict times. Automated interactivity and real‑time threat context enable faster, more accurate...
Connex IT Partners with AccuKnox for Zero Trust CNAPP Security in Southeast Asia
AccuKnox has named Connex Information Technologies as its authorized distribution partner for Zero Trust CNAPP solutions across South and Southeast Asia. Connex, operating in 14 countries with a network of over 1,500 channel partners, will drive localized deployment, partner enablement...
Researchers Warn of Data Exposure Risks in Claude Chrome Extension
Anthropic launched a beta Claude Chrome extension that lets the AI browse, click, and type on users' behalf, fundamentally shifting the browser security model. Zenity Labs discovered the tool stays logged in permanently, exposing OAuth tokens, console logs, and personal...