Onelogon Netlogon Attack: Check AD Allow-Lists Now
Onelogon shows how legacy Netlogon allow-lists can expose Active Directory accounts. Learn who is affected, what to check, and how to respond.
News desk
Security News
Security incidents, exploited vulnerabilities, breach reports, malware campaigns, and urgent patch notes arranged for fast daily scanning.
June 24, 2026
Latest reports
Aviator Predictor Malware
Aviator Predictor-style apps can be used as fake crypto and crash-game tools. Learn how the malware risk works and what to check after running…
Phantom Stealer RFQ Phishing
Fortra warns that Phantom Stealer is being delivered through fake request-for-quote archives. Here is what the Windows attack chain does and what to check…
ScreenConnect Client Scam: Remove Unexpected Remote Access
Found ScreenConnect Client or ConnectWise Control after a call, email, or fake update? Stop remote access, remove the service, scan with Gridinsoft, and secure…
Social Security Statement Email Scam Uses ScreenConnect
A June 2026 fake Social Security Statement email used a t.co link, a fake PDF update page, and ScreenConnect.ClientSetup.exe. See the IOCs and what…
CryptoBandits.A USB Clipper
Microsoft reports CryptoBandits, a USB-spread crypto clipper. Check .lnk shortcuts, ugate.exe, localhost:9050, scheduled tasks, and wallet-address changes.
Tiflux RMM Malware: Unauthorized Remote Access Cleanup
Unexpected Tiflux RMM after a service-agreement email can mean unauthorized remote access. Learn what TiAgent, TiService, Splashtop, ScreenConnect, and UltraVNC mean and how to…
Potemkin Loader Turns ClickFix Into 11-Host Intrusion
A ClickFix command dropped Potemkin Loader, RMMProject and EtherRAT across 11+ hosts. Here is what to check after a fake verification command ran.
OptinMonster CDN Backdoor Checks
WordPress sites using OptinMonster, TrustPulse, or PushEngage should check for rogue admin users, hidden backdoor plugins, and suspicious logs after the June 2026 CDN…