KadNap Botnet Turns Asus Routers into Stealth Residential Proxies

The newly observed KadNap botnet is actively compromising Asus routers and other network devices, enrolling them into a peer-to-peer residential proxy network. Since August 2025, this campaign has infected an estimated 14,000 devices, giving attackers access to thousands of legitimate home and small-office IP addresses for hiding malicious traffic. KadNap botnet scale, targets, and affected …

Operation Leak: LeakBase Hacking Forum Seized and Its Users Exposed

An international law enforcement operation codenamed Operation Leak has dismantled the cybercrime forum LeakBase, a prominent marketplace for stolen data and hacking services active since 2021. With more than 142,000 registered accounts, LeakBase had become a major hub for buying, selling, and trading compromised data — until authorities not only seized its infrastructure but also …

OpenAI Codex Security: How AI Is Changing Vulnerability Detection in Source Code

OpenAI has introduced Codex Security, an AI-powered security agent designed to detect vulnerabilities in source code at scale. During its beta phase, the system analyzed more than 1.2 million commits and identified 792 critical and 10,561 high-severity vulnerabilities across widely used open source projects, several of which have already received official CVE identifiers. This signals …

FBI Investigates Cyber Incident Potentially Affecting FISA Surveillance Systems

The U.S. Federal Bureau of Investigation is investigating a cybersecurity incident that, according to media reports, may have affected systems used to manage wiretap and surveillance orders under the Foreign Intelligence Surveillance Act (FISA). The bureau has confirmed detecting “suspicious activity” on its networks and says technical containment and remediation measures have been implemented. FBI …

Coruna iOS Exploit Kit: Advanced Zero-Day Framework Now Fueling Crypto Theft

Google’s Threat Intelligence Group (GTIG) has disclosed a highly sophisticated iOS exploit kit known as Coruna (also referenced as CryptoWaters), targeting iPhone and iPad devices from iOS 13.0 up to iOS 17.2.1. The framework comprises five complete exploit chains and 23 distinct vulnerabilities. While current iOS releases are no longer vulnerable to Coruna’s known exploits, …

Wikimedia Temporarily Halts Edits After Meta-Wiki JavaScript Worm Security Incident

The Wikimedia Foundation has disclosed a short-lived but instructive cybersecurity incident involving a self-propagating JavaScript worm that abused MediaWiki’s user script functionality. The malicious code altered thousands of pages on Meta-Wiki and replaced user JavaScript files for dozens of editors, prompting a temporary suspension of editing across all Wikimedia projects as a containment measure. How …

Iranian APT MuddyWater Uses New Dindoor and Fakeset Backdoors in Geopolitically Driven Cyber Operations

Recent research by Broadcom (Symantec) and the Carbon Black Threat Hunter Team has exposed a large‑scale cyber espionage campaign conducted by the Iranian state‑linked APT group MuddyWater (also known as Seedworm). The group, associated with Iran’s Ministry of Intelligence and Security (MOIS), has established long‑term access in networks belonging to organizations in the United States, …

Microsoft exposes ClickFix Windows Terminal attacks delivering Lumma Stealer infostealer

Microsoft Threat Intelligence has disclosed a large-scale ClickFix social engineering campaign in which threat actors abuse Windows Terminal (wt.exe) to execute a multi-stage attack chain and deploy the Lumma Stealer infostealer. The activity, observed in February 2026, is primarily aimed at stealing browser-stored credentials and other sensitive data from compromised systems. ClickFix social engineering: abusing …

Chinese-Linked APT UAT-9244 Targets South American Telecom Infrastructure With Multi-Platform Malware

Critical telecommunications infrastructure in multiple South American countries has been under sustained attack since 2024 by an advanced threat group tracked as UAT-9244, according to new research from Cisco Talos. The China-linked APT is deploying three previously undocumented implants to compromise Windows, Linux and edge networking devices used by telecom operators. UAT-9244: Chinese-linked cyber espionage …

Transparent Tribe (APT36) Weaponizes AI to Industrialize Malware Campaigns Against India

Pakistan-linked cyber‑espionage group Transparent Tribe (APT36) has begun systematically using AI‑powered coding tools to generate large volumes of new malware implants. Research published by Bitdefender indicates a shift from hand‑crafted malware to an industrialized pipeline that produces many similar, quickly generated samples designed to evade traditional detection. AI-generated malware, “vibeware” and Distributed Denial of Detection …