The GS7 cyber-threat group targets US financial institutions with near-perfect imitations of corporate portals to steal credentials and gain remote […]

ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines

Remote monitoring and management (RMM) software offers hackers multiple benefits, including stealth, persistence, and operational efficiency. Source: https://www.darkreading.com/application-security/rmm-abuse-explodes-hackers-ditch-malware

Russia-aligned groups are probable culprits behind the wiper attacks against renewable energy farms, a manufacturer, and a heating and power

Keenadu downloads payloads that hijack browser searches, commit ad fraud, and execute other actions without user knowledge. Source: https://www.darkreading.com/mobile-security/supply-chain-attack-embeds-malware-android-devices

After detecting a zero-day attack, the country’s effective response was attributed to the tight relationship between its government and private

Discover a strategic approach to govern scraping risks, balance security with business growth, and safeguard intellectual capital from automated data

A China-related attacker has exploited the vendor flaw since mid-2024, allowing it to move laterally, maintain persistent access, and deploy

How I realized what I was taught to about threat intelligence was missing something crucial. Source: https://www.darkreading.com/threat-intelligence/human-shaped-blind-spot

CVE-2026-2329 allows unauthenticated root-level access to SMB phone infrastructure, so attackers can intercept calls, commit toll fraud, and impersonate users.

A convincing presale site for phony "Google Coin" features an AI assistant that engages victims with a slick sales pitch,

Survey underscores the reality that scammers follow "scalable opportunities and low friction," rather than rich targets that tend to be

Reused passwords, a lack of network segmentation, and poor sanitization processes make the Internet of Things’ attack surfaces more dangerous.

Unprotected cloud data sends the wrong signal at a time when the emirate’s trying to attract investors and establish itself

A user-friendly PhaaS tool beats standard methods for detecting phishing attacks by live-proxying legitimate login sites. Source: https://www.darkreading.com/threat-intelligence/starkiller-phishing-kit-mfa

The malicious version of Cline’s npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.

As scaled-down circuits with limited functions redefine computing for AI systems and autonomous vehicles, their flexibility demands new approaches to

The slower pace of upgrades has the unintended impact of creating a haven for attackers, especially for initial access brokers

After two years of finding flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt

Microsoft Copilot recently summarized and leaked user emails; but any AI agent will go above and beyond to complete assigned

Researchers say threat actors wielded the sophisticated — and unfortunately named — toolkit to target high-value networks for React2Shell exploitation.

KrebsOnSecurity.com celebrates its 16th anniversary today! A huge “thank you” to all of our readers — newcomers, long-timers and drive-by

The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The

Our first story of 2026 revealed how a destructive new botnet called Kimwolf rapidly grew to infect more than two

Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported software.

A new Internet-of-Things botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in

The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently

A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to

Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including

For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting the The Invisible