Russia-aligned groups are probable culprits behind the wiper attacks against renewable energy farms, a manufacturer, and a heating and power plant. Source: https://www.darkreading.com/threat-intelligence/poland-energy-attack-wind-solar-infrastructure

Keenadu downloads payloads that hijack browser searches, commit ad fraud, and execute other actions without user knowledge. Source: https://www.darkreading.com/mobile-security/supply-chain-attack-embeds-malware-android-devices

After detecting a zero-day attack, the country’s effective response was attributed to the tight relationship between its government and private industry. Source: https://www.darkreading.com/cyberattacks-data-breaches/singapore-major-telcos-fend-chinese-hackers

Discover a strategic approach to govern scraping risks, balance security with business growth, and safeguard intellectual capital from automated data harvesting. Source: https://www.darkreading.com/cyber-risk/ciso-playbook-defending-data-assets-against-ai-scraping

A China-related attacker has exploited the vendor flaw since mid-2024, allowing it to move laterally, maintain persistent access, and deploy malware. Source: https://www.darkreading.com/application-security/dells-hard-coded-flaw-a-nation-state-goldmine

How I realized what I was taught to about threat intelligence was missing something crucial. Source: https://www.darkreading.com/threat-intelligence/human-shaped-blind-spot

CVE-2026-2329 allows unauthenticated root-level access to SMB phone infrastructure, so attackers can intercept calls, commit toll fraud, and impersonate users. Source: https://www.darkreading.com/threat-intelligence/grandstream-bug-voip-security-blind-spot

A convincing presale site for phony "Google Coin" features an AI assistant that engages victims with a slick sales pitch, funneling payment to attackers. Source: https://www.darkreading.com/endpoint-security/scam-abuses-gemini-chatbots-convince-people-buy-fake-crypto

Survey underscores the reality that scammers follow "scalable opportunities and low friction," rather than rich targets that tend to be better protected. Source: https://www.darkreading.com/cybersecurity-analytics/south-africans-scammed-2025

Reused passwords, a lack of network segmentation, and poor sanitization processes make the Internet of Things’ attack surfaces more dangerous. Source: https://www.darkreading.com/iot/connected-compromised-iot-devices-turn-threats

Unprotected cloud data sends the wrong signal at a time when the emirate’s trying to attract investors and establish itself as a global financial center. Source: https://www.darkreading.com/cyber-risk/abu-dhabi-finance-week-leaked-vip-passport-details

A user-friendly PhaaS tool beats standard methods for detecting phishing attacks by live-proxying legitimate login sites. Source: https://www.darkreading.com/threat-intelligence/starkiller-phishing-kit-mfa

The malicious version of Cline’s npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed. Source: https://www.darkreading.com/application-security/supply-chain-attack-openclaw-cline-users

As scaled-down circuits with limited functions redefine computing for AI systems and autonomous vehicles, their flexibility demands new approaches to safeguard critical infrastructure. Source: https://www.darkreading.com/cyber-risk/emerging-chiplet-designs-spark-fresh-cybersecurity-challenges

The slower pace of upgrades has the unintended impact of creating a haven for attackers, especially for initial access brokers and ransomware gangs. Source: https://www.darkreading.com/threat-intelligence/latin-americas-cyber-maturity-lags-threat-landscape

After two years of finding flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt injection and more about vulnerabilities. Source: https://www.darkreading.com/application-security/lessons-ai-hacking-model-every-layer-risky

Microsoft Copilot recently summarized and leaked user emails; but any AI agent will go above and beyond to complete assigned tasks, even breaking through their carefully designed guardrails. Source: https://www.darkreading.com/application-security/ai-agents-ignore-security-policies

Researchers say threat actors wielded the sophisticated — and unfortunately named — toolkit to target high-value networks for React2Shell exploitation. Source: https://www.darkreading.com/application-security/attackers-new-tool-scan-react2shell-exposure

KrebsOnSecurity.com celebrates its 16th anniversary today! A huge “thank you” to all of our readers — newcomers, long-timers and drive-by critics alike. Your engagement this past year here has been tremendous and truly a salve on a handful of dark days. Happily, comeuppance was a strong theme running through our coverage in 2025, with a

The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it’s time for a broader awareness of the threat. The short version is that everything you thought you knew about the security of the internal