Tag: Cyber Attack

Onelogon Netlogon allow-list risk in an Active Directory environment
Security News

Onelogon Netlogon Attack: Check AD Allow-Lists Now

Onelogon shows how legacy Netlogon allow-lists can expose Active Directory accounts. Learn…

Brendan Smith
Brendan Smith
Potemkin Loader ClickFix intrusion diagram showing one pasted command spreading through 11 hosts.
Security News

Potemkin Loader Turns ClickFix Into 11-Host Intrusion

A ClickFix command dropped Potemkin Loader, RMMProject and EtherRAT across 11+ hosts.…

Brendan Smith
Brendan Smith
Editorial poster showing Steam profile comments feeding a WordPress malware backdoor on a web server.
Security News

Steam C2 Backdoor

GoDaddy says WordPress malware hides C2 data in Steam profile comments. Check…

Brendan Smith
Brendan Smith
17 million device botnet proxy network taken down in the Netherlands
Security News

Dutch Botnet Takedown Cuts Off 17M Devices

Dutch police and NCSC took down a botnet of at least 17…

Brendan Smith
Brendan Smith
Ghost CMS poisoned website shown with a fake ClickFix verification warning.
Security News

Ghost CMS Exploit Poisons 700 Sites for ClickFix Malware

Attackers are exploiting Ghost CMS CVE-2026-26980 to inject ClickFix loaders into trusted…

Stephanie Adlam
Stephanie Adlam
Laravel-Lang Composer stealer supply chain poster
Security News

Laravel-Lang Composer Packages Rewritten to Steal CI Secrets

Laravel-Lang Composer packages were compromised through rewritten tags that run a PHP…

Stephanie Adlam
Stephanie Adlam
Grafana breach missed workflow token supply chain poster
Security News

Grafana Says Missed Token Let Attackers Copy Private Repos

Grafana says attackers copied two private GitHub repositories after one workflow token…

Stephanie Adlam
Stephanie Adlam
Ghostwriter Prometheus lure phishing malware chain poster
Security News

Ghostwriter Uses Prometheus Lures to Drop OYSTERFRESH Malware

CERT-UA says Ghostwriter used compromised accounts and fake Prometheus certificate lures to…

Stephanie Adlam
Stephanie Adlam
Nimbus Manticore MiniFast backdoor fake installer lure poster
Security News

Nimbus Manticore Uses Fake Installers to Drop MiniFast Backdoor

Check Point says Nimbus Manticore used SEO poisoning, fake software lures, and…

Stephanie Adlam
Stephanie Adlam
First VPN takedown poster showing a seized criminal VPN tunnel
Security News

First VPN Takedown Hits Ransomware Anonymization Service

Europol says First VPN, a Russian-speaking cybercrime VPN, was dismantled in Operation…

Stephanie Adlam
Stephanie Adlam
Langflow CVE-2025-34291 token hijack AI workflow takeover poster
Security News

Langflow CVE-2025-34291: Token Hijack and RCE Added to CISA KEV

Langflow CVE-2025-34291 can turn a malicious webpage into account takeover and RCE…

Stephanie Adlam
Stephanie Adlam
Trend Micro Apex One CVE-2026-34926 exploited advisory image
Security News

Trend Micro Apex One CVE-2026-34926 Exploited in the Wild

Trend Micro patched an Apex One on-prem directory traversal flaw after observing…

Stephanie Adlam
Stephanie Adlam

AI Assistant

Hello! 👋 How can I help you today?