The 2026 NICE Conference & Expo in Philadelphia was an inspiring reminder of why cyber security education matters so deeply, and why the work we do through SecureAcademy is so important. Bringing together educators, government leaders, industry experts, and nonprofit organizations, the…
Category: EN
Hackers Use Rokarolla Banking Trojan to Intercept SMS Codes and Steal Crypto Credentials
A newly discovered Android banking trojan called Rokarolla has been making waves across the cybersecurity community, targeting victims by posing as well-known, trusted applications. The malware goes after banking and cryptocurrency users with a level of sophistication that puts it…
UNC1151 Ghostwriter Hackers Target Belarusian Politician in Gmail Phishing Campaign
A well-known hacker group called UNC1151, also widely known as Ghostwriter, has been caught running a targeted phishing campaign against a prominent Belarusian pro-democracy politician. The group, which has long been tied to the interests of the Belarusian government and,…
Millenium RAT Rewritten in C++ Infects 62,000+ Devices Across 160 Countries
A remote access trojan known as Millenium RAT has been quietly spreading across the globe, and the numbers are hard to ignore. Over 62,000 devices have been compromised across more than 160 countries, with no signs of slowing down. More…
DCloud Uni-App Scam Network Powers RainbowEx-Style Crypto Fraud and WhatsApp Phishing
A Chinese open-source development framework has become the silent engine behind one of the largest scam networks ever documented. Known as DCloud Uni-App, the cross-platform toolkit was designed for legitimate app development but has been repurposed by cybercriminals to run…
LLM-Generated Mythic Agents Enable Disposable Red-Team Tooling From Prompt to Deployment
Red teamers and offensive security researchers have entered a new era where AI can write functional attack tools from a single sentence. A concept known as “disposable tooling” is now taking shape, and the implications for defenders are real. At…
Microsoft keeps Windows Server 2022 hotpatching alive into 2027
In the Azure Edition, of course This article has been indexed from www.theregister.com – Articles Read the original article: Microsoft keeps Windows Server 2022 hotpatching alive into 2027
Adding some Automation to the favicon.ico method of Host Recon, (Mon, Jun 29th)
I'm in the throes of target host recon for another pentest, and thought I'd share some workflow / automation stuff. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Adding some Automation to…
Splunk Secure Gateway RCE Vulnerability Lets Low-Privileged Attackers Execute Arbitrary Code
A newly disclosed high-severity vulnerability in Splunk Secure Gateway (SSG) allows low-privileged authenticated users to achieve remote code execution (RCE) on affected systems, significantly increasing the attack surface for enterprise Splunk deployments. This vulnerability, tracked as CVE-2026-20251, has been assigned…
StegoAd: How 119 Fake Browser Extensions Stole Credentials and Ran Ad Fraud for Two Years
Microsoft shut down the StegoAd campaign, which used 119 malicious Edge extensions, hit 2.6M installs, and ran undetected for two years. Microsoft just shut down one of the more technically clever malicious extension campaigns it’s ever documented. The operation, named…
CISA Warns Attackers Are Targeting Critical Internal Business Platforms
It Targets Government Agencies, Hospital Networks, and Major Enterprise Environments A new vulnerability affecting Cisco Unified Communications Manager Server has recently been added to CISA’s Known Exploited Vulnerabilities list, indicating… The post CISA Warns Attackers Are Targeting Critical Internal Business…
STOCKSTAY Malware Uses WebSocket C2, RSA Encryption, and Environmental Keying for Stealth
Analysis of a .NET backdoor tracked as STOCKSTAY exposes a mature, modular espionage implant actively developed and deployed by the Russia-linked Turla cluster since at least December 2022. STOCKSTAY demonstrates several operational techniques designed to maximize stealth and survivability: secure…
Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse
A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian cybersecurity company ESET said it observed 35 distinct spear-phishing campaigns mounted by…
Why Post-Quantum Cryptography Starts With Credentials
Today’s encrypted data, such as credentials, may no longer remain confidential in the future because the public-key cryptography protecting it will soon be broken by quantum computers. Although no machine today can break elliptic curve cryptography or RSA, quantum hardware…
US Offers $10M Bounty for Russian State Hackers
The United States government has issued a $10 million bounty for information leading to the identification or location of members of two Russian state-sponsored hacking groups designated as UNC5792 and UNC4221. This article has been indexed from CyberMaterial Read the…
Malaysia considers National Internet Registry
Malaysia has launched a public consultation on establishing a National Internet Registry (NIR) that would give the government authority over IP address and autonomous system number allocation within the country. This article has been indexed from CyberMaterial Read the original…
Nissan says Oracle PeopleSoft break-in may have spilled payroll records, SSNs
Carmaker points finger at an ‘unknown’ flaw as customer fallout continues This article has been indexed from www.theregister.com – Articles Read the original article: Nissan says Oracle PeopleSoft break-in may have spilled payroll records, SSNs
‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access
A variant of DirtyFrag, the flaw allows unprivileged local users to manipulate the Linux page cache and gain root privileges. The post ‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access appeared first on SecurityWeek. This article has been indexed from…
The Gentlemen RaaS group uses custom backdoors
The Gentlemen ransomware-as-a-service group has emerged as a major threat actor in 2026, deploying custom malware tools and sophisticated techniques against large corporations and critical infrastructure globally. This article has been indexed from CyberMaterial Read the original article: The Gentlemen…
Coinbase Base blockchain suffers 2-hour outage
Coinbase’s Base blockchain suffered a nearly two-hour outage on Thursday after a consensus failure prevented the network from producing new blocks. This article has been indexed from CyberMaterial Read the original article: Coinbase Base blockchain suffers 2-hour outage