Microsoft has shut down RedVDS, a large-scale virtual server rental service that functioned as bulletproof hosting for cybercriminals. According to Microsoft’s estimates, attacks launched from this infrastructure caused more than $40 million in losses in the United States alone. The takedown was executed through civil actions in the US and UK and a coordinated operation … Read more
Google has officially confirmed an Android accessibility bug that affects users who rely on the built‑in Select to Speak feature. When this service is enabled, the hardware volume keys stop behaving as expected, breaking both normal media volume control and the widely used camera shutter shortcut. For people who depend on accessibility tools to interact … Read more
Security researchers at Varonis have disclosed a previously unknown attack vector against Microsoft Copilot, dubbed Reprompt. The weakness allowed an attacker to hijack an active Copilot session and silently extract a user’s confidential data with a single click on a specially crafted link—no malware installation, browser extensions, or advanced user interaction required. Microsoft Copilot as … Read more
The European Space Agency (ESA) has confirmed a serious cybersecurity incident and reported the case to law enforcement, following claims by a hacker group that it exfiltrated around 500 GB of sensitive internal data. The alleged trove includes technical documentation on spacecraft and missions, operational procedures for critical systems, and files from major contractors such … Read more
Dutch law enforcement has arrested a 33‑year‑old national suspected of running AVCheck, an online malware testing and antivirus evasion platform widely used by cybercriminals. The service, which allowed attackers to fine‑tune malicious code to bypass security tools, was taken offline in May 2025 during the international cybercrime operation Endgame. Arrest at Schiphol and Links to … Read more
Microsoft has opened 2026 with a substantial security release: the January Patch Tuesday addresses 114 vulnerabilities across Windows, Office, and related components. The update package includes three zero‑day vulnerabilities (one already exploited in the wild) and eight critical flaws that enable remote code execution (RCE) or privilege escalation. Scope of the January 2026 Microsoft Security … Read more
Security researchers at Check Point have identified a new and highly modular Linux malware framework called VoidLink, designed for long-term covert access to Linux systems, with a particular focus on cloud and containerized infrastructures. In terms of maturity, flexibility and engineering quality, VoidLink is closer to multi-purpose Windows server frameworks than to typical Linux malware … Read more
A recent post on the underground forum DarkForums claimed that the messaging service Max had been hacked and 142 GB of user data stolen. The alleged attacker, using the handle CamelliaBtw, said they had exploited an unknown 0-day vulnerability and exfiltrated around 15.4 million records. Within days, the Max team publicly refuted the claims, and … Read more
Researchers at Check Point are tracking a new wave of activity linked to the GoBruteforcer (GoBrut) botnet, this time focusing on servers that power cryptocurrency exchanges, blockchain platforms and Web3 applications. The operators are attempting to compromise Linux servers and enroll them into a botnet designed to perform massive brute-force attacks against FTP, MySQL, PostgreSQL … Read more
macOS users around the world recently discovered that Logitech Options+ and Logitech G Hub suddenly stopped launching, stripping Logitech peripherals of custom profiles, macros, and advanced settings. The root cause was not malware or a system update, but something far more mundane and revealing: an expired code signing certificate that Logitech did not renew in … Read more
