eScan Supply Chain Attack: What We Know About the Compromised Update Server


On 20 January 2026, antivirus vendor MicroWorld Technologies, the developer of eScan, reported a classic software supply chain attack. Threat actors compromised one of the product’s regional update servers and used it to distribute a malicious update to a subset of customers whose systems happened to pull updates from that specific cluster during the attack …

Record 31.4 Tbps DDoS Attack: Aisuru (Kimwolf) Botnet Hits Telecoms and Cloudflare


A massive distributed denial‑of‑service (DDoS) campaign in December 2025, attributed to the Aisuru (also known as Kimwolf) botnet, has set a new benchmark for attack scale and sophistication. The botnet reportedly generated peak traffic of 31.4 Tbps and up to 200 million HTTP requests per second (RPS), targeting major telecommunications providers as well as Cloudflare’s …

Google Takes Down IPIDEA: Residential Proxy Network Turned Global Cybercrime Infrastructure


Google’s Threat Intelligence Group (GTIG), working with multiple industry partners, has disrupted IPIDEA, one of the world’s largest residential proxy services. The operation disabled key command-and-control domains, disrupted traffic routing through infected devices, and exposed the malicious SDKs used to silently conscript user devices into a vast proxy botnet. Residential proxy networks: from legitimate tool …

ShinyHunters Target Okta, Microsoft Entra and Google SSO in Advanced Phishing Campaign


Compromising a single corporate single sign-on (SSO) account today can unlock access to dozens of critical SaaS platforms and internal systems at once. That is exactly the strategy attributed to the cybercriminal group ShinyHunters, which is running a large‑scale phishing campaign against SSO implementations from Okta, Microsoft Entra ID and Google. ShinyHunters’ SSO Phishing Campaign …

CISA ChatGPT Incident Highlights Risks of Generative AI in U.S. Government


Acting Director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) Madhu Gottumukkala is reportedly under investigation after uploading internal agency documents to the public ChatGPT service. The case, disclosed by Politico citing sources in the Department of Homeland Security (DHS), underscores how generative AI tools can become a new vector for data exposure even …

Moltbot Security Risks: Why High-Privilege AI Agents Attract Attackers


Moltbot (formerly Clawdbot) has rapidly become one of the most visible open-source AI projects of 2026, gaining more than 93,000 GitHub stars in just a few weeks. Created by Austrian engineer Peter Steinberger, the self-hosted AI assistant integrates with WhatsApp, Telegram, Slack, Discord, email and local resources, branding itself as a “personal AI running on …

FBI Seizes RAMP Ransomware Forum, Disrupting a Major Cybercrime Marketplace


At the end of January 2026, law enforcement agencies carried out one of the most significant recent strikes against ransomware infrastructure: the RAMP ransomware forum was seized and taken offline. Both the clear‑web site at ramp4u[.]io and its Tor hidden service now display a seizure notice referencing several units of the U.S. Department of Justice …

Nike Data Breach: World Leaks Claims Massive Theft of Internal Files


Nike is conducting an internal investigation following claims by the cybercriminal group World Leaks that it has compromised the company’s IT infrastructure and exfiltrated a large volume of sensitive data. According to the attackers, they allegedly accessed Nike’s systems on 22 January and stole 188,347 files totaling around 1.4 TB of data. Nike investigates alleged …

Microsoft Office CVE-2026-21509: What You Need to Know About the New Critical Vulnerability


Microsoft has issued an out-of-band security update to address CVE-2026-21509, a critical Microsoft Office vulnerability that is already being exploited in real-world attacks. The flaw affects almost the entire modern Office line, including Office 2016, Office 2019, Office 2021 and Microsoft 365 Apps for Enterprise, making it relevant for both home users and large enterprises. …

CVE-2026-24061: Critical GNU InetUtils Telnetd Vulnerability Under Active Attack


The critical vulnerability CVE-2026-24061 in the GNU InetUtils telnetd server component is already being exploited in real-world attacks. Rated 9.8 on the CVSS scale, the flaw enables remote, unauthenticated compromise and is particularly dangerous because Telnet remains widely exposed on legacy Linux and IoT systems. Shadowserver telemetry shows almost 800,000 IP addresses with open Telnet …