Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms
iT4iNT SERVER Google-owned Mandiant on Friday said it identified an "expansion in threat activity" that uses tradecraft consistent with ext…
Showing posts from January, 2026Show all
CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms
iT4iNT SERVER CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and photov…
China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware
iT4iNT SERVER Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place be…
Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released
iT4iNT SERVER Ivanti has rolled out security updates to address two security flaws impacting Ivanti Endpoint Manager Mobile (EPMM) that have been exp…
Researchers Find 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries
iT4iNT SERVER A new joint investigation by SentinelOne SentinelLABS, and Censys has revealed that the open-source artificial intelligence (AI) deploy…
ThreatsDay Bulletin: New RCEs, Darknet Busts, Kernel Bugs & 25+ More Stories
iT4iNT SERVER This week’s updates show how small changes can create real problems. Not loud incidents, but quiet shifts that are easy to miss until t…
Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution
iT4iNT SERVER A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited, could al…
Password Reuse in Disguise: An Often-Missed Risky Workaround
iT4iNT SERVER When security teams discuss credential-related risk, the focus typically falls on threats such as phishing, malware, or ransomware. The…
WhatsApp Rolls Out Lockdown-Style Security Mode to Protect Targeted Users From Spyware
iT4iNT SERVER Meta on Tuesday announced it's adding Strict Account Settings on WhatsApp to secure certain users against advanced cyber attacks be…
CTEM in Practice: Prioritization, Validation, and Outcomes That Matter
iT4iNT SERVER Cybersecurity teams increasingly want to move beyond looking at threats and vulnerabilities in isolation. It’s not only about what coul…
Microsoft Office Zero-Day (CVE-2026-21509) - Emergency Patch Issued for Active Exploitation
iT4iNT SERVER Microsoft on Monday issued out-of-band security patches for a high-severity Microsoft Office zero-day vulnerability exploited in attack…
Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware
iT4iNT SERVER Cybersecurity researchers have discovered an ongoing campaign that's targeting Indian users with a multi-stage backdoor as part of …
⚡ Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More
iT4iNT SERVER Security failures rarely arrive loudly. They slip in through trusted tools, half-fixed problems, and habits people stop questioning. Th…
Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers
iT4iNT SERVER The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence (AI) to…
Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware
iT4iNT SERVER A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnes…
Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls
iT4iNT SERVER Fortinet has officially confirmed that it's working to completely plug a FortiCloud SSO authentication bypass vulnerability followi…
Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms
iT4iNT SERVER Microsoft has warned of a multi‑stage adversary‑in‑the‑middle (AitM) phishing and business email compromise (BEC) campaign targeting mu…
Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access
iT4iNT SERVER A critical security flaw has been disclosed in the GNU InetUtils telnet daemon (telnetd) that went unnoticed for nearly 11 years. The …
Filling the Most Common Gaps in Google Workspace Security
iT4iNT SERVER Security teams at agile, fast-growing companies often have the same mandate: secure the business without slowing it down. Most teams in…
Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts
iT4iNT SERVER A new malicious package discovered in the Python Package Index (PyPI) has been found to impersonate a popular library for symbolic math…
Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws
iT4iNT SERVER Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of-service (…
Exposure Assessment Platforms Signal a Shift in Focus
iT4iNT SERVER Gartner® doesn’t create new categories lightly. Generally speaking, a new acronym only emerges when the industry's collective "…
LastPass Warns of Fake Maintenance Messages Targeting Users’ Master Passwords
iT4iNT SERVER LastPass is alerting users to a new active phishing campaign that's impersonating the password management service, which aims to tr…
Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution
iT4iNT SERVER A set of three security vulnerabilities has been disclosed in mcp-server-git, the official Git Model Context Protocol (MCP) server main…
Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers
iT4iNT SERVER Cloudflare has addressed a security vulnerability impacting its Automatic Certificate Management Environment (ACME) validation logic th…
Tudou Guarantee Marketplace Halts Telegram Transactions After Processing Over $12 Billion
iT4iNT SERVER A Telegram-based guarantee marketplace known for advertising a broad range of illicit services appears to be winding down its operation…
How Servers Get Hacked and Practical Methods to Prevent Attacks
Server Hosting I remember checking a client’s server a few weeks back and something weird caught my eye. Someone from China tried logging in. Then so…
⚡ Weekly Recap: Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More
iT4iNT SERVER In cybersecurity, the line between a normal update and a serious incident keeps getting thinner. Systems that once felt reliable are no…
DevOps & SaaS Downtime: The High (and Hidden) Costs for Cloud-First Businesses
iT4iNT SERVER Just a few years ago, the cloud was touted as the “magic pill” for any cyber threat or performance issue. Many were lured by the “alway…
Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations
iT4iNT SERVER Cybersecurity researchers have disclosed a cross-site scripting (XSS) vulnerability in the web-based control panel used by operators of…
Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL Red Notice
iT4iNT SERVER Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-a…
GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection
iT4iNT SERVER The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that's designed to si…
Five Malicious Chrome Extensions Impersonate Workday and NetSuite to Hijack Accounts
iT4iNT SERVER Cybersecurity researchers have discovered five new malicious Google Chrome web browser extensions that masquerade as human resources (H…
Your Digital Footprint Can Lead Right to Your Front Door
iT4iNT SERVER You lock your doors at night. You avoid sketchy phone calls. You’re careful about what you post on social media. But what about the in…
Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access
iT4iNT SERVER A maximum-severity security flaw in a WordPress plugin called Modular DS has come under active exploitation in the wild, according to P…
Model Security Is the Wrong Frame – The Real Risk Is Workflow Security
iT4iNT SERVER As AI copilots and assistants become embedded in daily work, security teams are still focused on protecting the models themselves. But …
Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud
iT4iNT SERVER Microsoft on Wednesday announced that it has taken a "coordinated legal action" in the U.S. and the U.K. to disrupt a cybercr…
Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware
iT4iNT SERVER Security experts have disclosed details of an active malware campaign that's exploiting a DLL side-loading vulnerability in a legit…
New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification
iT4iNT SERVER Research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justi…
What Should We Learn From How Attackers Leveraged AI in 2025?
iT4iNT SERVER Old Playbook, New Scale: While defenders are chasing trends, attackers are optimizing the basics The security industry loves talking a…
CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution
iT4iNT SERVER The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity security flaw imp…
⚡ Weekly Recap: AI Automation Exploits, Telecom Espionage, Prompt Poaching & More
iT4iNT SERVER This week made one thing clear: small oversights can spiral fast. Tools meant to save time and reduce friction turned into easy entry p…
GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials
iT4iNT SERVER A new wave of GoBruteforcer attacks has targeted databases of cryptocurrency and blockchain projects to co-opt them into a botnet that&…
Anthropic Launches Claude AI for Healthcare with Secure Health Record Access
iT4iNT SERVER Anthropic has become the latest Artificial intelligence (AI) company to announce a new suite of features that allows users of its Claud…
MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors
iT4iNT SERVER The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial…
China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines
iT4iNT SERVER Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to dep…
Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations
iT4iNT SERVER Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals associated…
Cybersecurity Predictions 2026: The Hype We Can Ignore (And the Risks We Can't)
iT4iNT SERVER As organizations plan for 2026, cybersecurity predictions are everywhere. Yet many strategies are still shaped by headlines and specula…
China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes
iT4iNT SERVER A China-nexus threat actor known as UAT-7290 has been attributed to espionage-focused intrusions against entities in South Asia and Sou…
ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories
iT4iNT SERVER The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere. This week’s stories show how fa…
