Storm-2561 Uses Fake Fortinet, Ivanti VPN Sites to Drop Hyrax Infostealer
In mid-January 2026, Microsoft Defender Experts identified a devious way that cybercriminals are tricking people into giving away…
ClickFix Attack Targets Devs with MacSync Malware via Fake Claude Tools
Cybersecurity researchers at 7AI have revealed a new Claude Fraud campaign in which hackers use fake AI extensions and Google ads to steal data from tech professionals.
New Vidar 2.0 Infostealer Spreads via Fake Game Cheats on GitHub, Reddit
The new infostealer campaign spreads Vidar 2.0 via fake game cheats on GitHub and Reddit, stealing crypto, login tokens, and files while targeting young gamers ignoring security warnings
Researchers Find Data Leak Risk in AWS Bedrock AI Code Interpreter
AWS Bedrock AI tool flaw allows data leaks via DNS queries in AgentCore Code Interpreter sandbox, exposing sensitive cloud data, researchers warn.
FBI Investigates Steam Games Linked to Malware and Crypto Wallet Theft
FBI warns gamers after malware hidden in several Steam games stole browser data and drained cryptocurrency wallets between May 2024 and January 2026.
New Phishing Scam Uses LiveChat to Pose as Amazon and PayPal in Real Time
Cofense researchers warn of a phishing scam where attackers use LiveChat to impersonate Amazon and PayPal agents and steal credit card and MFA codes.
New XWorm 7.1 and Remcos RAT Attacks Abuse Windows Tools to Evade Detection
New XWorm 7.1 and Remcos RAT campaigns abuse trusted Windows tools to evade detection. The attacks exploit a WinRAR flaw and use process hollowing to spy on victims.
ShinyHunters Claims 1 Petabyte Data Theft from Telecom Giant Telus
ShinyHunters claims it stole up to 1 petabyte of data from Telus Digital, including support recordings, code, and employee records after a breach.
‘CrackArmor’ Vulnerability in AppArmor Impacts 12.6M Linux Systems
Qualys uncovers 'CrackArmor' vulnerabilities in AppArmor that could expose 12.6M Linux systems to root access and container escapes.
US Agencies Face CISA Deadline Over Critical Cisco SD-WAN Flaw
US agencies race to meet a CISA deadline after a critical Cisco SD-WAN Flaw exposed federal networks to long-term intrusion and forced security action.