U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case

04/07/2026

A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negotiation

North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign

04/07/2026

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as

Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices

03/07/2026

Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The

New “Bad Epoll” Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android

03/07/2026

A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops,

New Avalon Malware Framework Packs CrownX Ransomware Capabilities

03/07/2026

Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that’s distributed by means of a multi-stage phishing chain capable of bypassing traditional security controls. Avalon combines credential

North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets

03/07/2026

Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data

Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer

03/07/2026

A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power sector across Russia, Brazil, and Kazakhstan. “Armored Likho

European Parliament Member Investigating Spyware Was Hacked With Pegasus

03/07/2026

A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou had his mobile device repeatedly hacked with the notorious Pegasus spyware while

PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords

03/07/2026

Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks to infect systems and siphon sensitive data. The stealer, discovered by Jamf

Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials

02/07/2026

Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to obtain initial access. “Although tactics differ between affiliates, common patterns emerged