The first ThreatsDay Bulletin of 2026 tracks GhostAd adware, macOS malware, proxy botnets, cloud exploits, and more emerging ...
RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...
A China-linked threat actor used malicious browser extensions over seven years to steal data and corporate intelligence from ...
Trust Wallet confirmed a supply chain attack let hackers push a malicious Chrome extension update, draining $8.5 million from ...
A new Shai-Hulud npm strain and a fake Jackson Maven package show how attackers abuse trusted dependencies to steal secrets ...
The U.S. Treasury has removed three individuals linked to Intellexa and Predator spyware from its sanctions list, without ...
IBM disclosed a critical CVSS 9.8 authentication bypass in IBM API Connect that could allow remote access; patches are now ...
This weekly recap brings those stories together in one place. No overload, no noise. Read on to see what shaped the threat ...
Mustang Panda deployed TONESHELL via a signed kernel-mode rootkit, targeting Asian government networks and evading security ...
Silver Fox is using India income tax phishing emails and fake software sites to install ValleyRAT, a modular Windows remote ...
High-severity CVE-2025-14847 allows unauthenticated attackers to read uninitialized heap memory in MongoDB due to a zlib ...
China-linked Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted espionage attacks from 2022 to 2024.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback