Avalon Malware Turns Legal Documents Into CrownX Ransomware
Avalon malware uses legal-document lures, ISO images, LNK shortcuts, and MSBuild before…
FBI Seizes NetNut/Popa Botnet: Check Your TV Box
The FBI seized NetNut/Popa botnet domains. Learn why smart TVs and streaming…
Fake Software Downloads Push ScreenConnect and AsyncRAT
Fake software download sites can bundle ScreenConnect and AsyncRAT. Check downloaded archives,…
Onelogon Netlogon Attack: Check AD Allow-Lists Now
Onelogon shows how legacy Netlogon allow-lists can expose Active Directory accounts. Learn…
Potemkin Loader Turns ClickFix Into 11-Host Intrusion
A ClickFix command dropped Potemkin Loader, RMMProject and EtherRAT across 11+ hosts.…
Steam C2 Backdoor
GoDaddy says WordPress malware hides C2 data in Steam profile comments. Check…
Dutch Botnet Takedown Cuts Off 17M Devices
Dutch police and NCSC took down a botnet of at least 17…
Ghost CMS Exploit Poisons 700 Sites for ClickFix Malware
Attackers are exploiting Ghost CMS CVE-2026-26980 to inject ClickFix loaders into trusted…
Laravel-Lang Composer Packages Rewritten to Steal CI Secrets
Laravel-Lang Composer packages were compromised through rewritten tags that run a PHP…
Grafana Says Missed Token Let Attackers Copy Private Repos
Grafana says attackers copied two private GitHub repositories after one workflow token…
Ghostwriter Uses Prometheus Lures to Drop OYSTERFRESH Malware
CERT-UA says Ghostwriter used compromised accounts and fake Prometheus certificate lures to…
Nimbus Manticore Uses Fake Installers to Drop MiniFast Backdoor
Check Point says Nimbus Manticore used SEO poisoning, fake software lures, and…
