2+ hour, 21+ min ago  (368+ words) Between January 2025 and January 2026, Arctic Wolf observed a significant cyber espionage campaign attributed to the India-linked threat actor known as SloppyLemming, also identified as Outrider Tiger and Fishing Elephant. This campaign primarily targeted government institutions and critical infrastructure operators across…...

18+ hour, 59+ min ago  (206+ words) The Cybersecurity and Infrastructure Security Agency (CISA) added a critical Qualcomm chipset vulnerability to its Known Exploited Vulnerabilities (KEV) catalog on March 3, 2026, confirming active real-world exploitation. Tracked as CVE-2026-21385, this flaw poses a severe memory corruption risk across multiple Qualcomm…...

20+ hour, 9+ min ago  (287+ words) Cybersecurity researcher Gjoko Krstic from Zero Science Labs has uncovered a critical flaw in Honeywell's Trend IQ4xx building management system (BMS) controllers. These devices control HVAC, lighting, and other building functions in schools, offices, and commercial sites. In their default setup,…...

21+ hour, 43+ min ago  (380+ words) In a rapidly escalating cyber conflict, the United States and Israel launched a major joint cyber offensive, dubbed Operation Epic Fury (U.S.) and Operation Roaring Lion (Israel), on February 28, 2026. In retaliation, Iran's cyber capabilities have been severely affected due to widespread…...

6+ day, 2+ hour ago  (245+ words) Juniper Networks released an urgent critical security bulletin for a severe flaw in its PTX Series routers running Junos OS Evolved. This vulnerability allows unauthenticated attackers on the network to execute malicious code with root privileges, enabling full device takeover....

2+ week, 3+ day ago  (445+ words) A sophisticated malware loader called OysterLoader, a multi-stage downloader linked to ransomware intrusions and large-scale data theft. Also known as Broomstick and CleanUp, the malware has been active since mid-2024. It is now strongly associated with operations leading to Rhysida ransomware…...

3+ week, 1+ day ago  (260+ words) In a recent incident response case, Mandiant attributed an intrusion at a FinTech organization to UNC1069, a financially motivated actor active since at least 2018, and observed seven malware families deployed during a single compromise an unusually heavy toolset aimed at stealing…...

3+ week, 5+ day ago  (377+ words) In mid-January 2026, security team detected unusual activity in a corporate environment that, at first, did not seem alarming. The signs were subtle and did not trigger alerts from standard endpoint protection tools such as antivirus software. The event appeared insignificant…...

1+ mon, 1+ day ago  (245+ words) The company released an advisory on January 30, 2026, detailing the security flaw and urging customers to apply patches immediately. Attackers with valid credentials can exploit this flaw by sending specially crafted packets containing malicious commands to compromised devices, thereby bypassing security…...

1+ mon, 2+ day ago  (483+ words) Poland endured a wave of coordinated cyber attacks that struck at the heart of its energy infrastructure. These assaults aimed purely at destruction, akin to digital arson, hitting during brutal low temperatures and snowstorms just before New Year's. While they…...