AhnLab Security Intelligence Center (ASEC) has uncovered a dangerous distribution campaign targeting Windows users through Korean web hard services. Threat actors are leveraging xRAT (QuasarRAT) malware, disguising it as legitimate adult game content to deceive unsuspecting users into downloading and…
Fog Ransomware Targets U.S. Organizations via Compromised VPN Credentials
Arctic Wolf Labs has uncovered a new ransomware variant dubbed “Fog” striking US organizations, primarily in education and recreation, through hijacked VPN access. First spotted on May 2, 2024, the attacks highlight vulnerabilities in remote access tools and the rapid…
Microsoft Introduces Teams External Collaboration Administrator Role
Microsoft is expanding its administrative capabilities in Teams by introducing a new built-in role called Teams External Collaboration Administrator. This specialized RBAC role enables organizations to delegate external collaboration management without granting full Teams admin permissions. Rollout Timeline: The new role will begin rolling…
Use of XMRig Cryptominer by Threat Actors Expanding: Expel
Security researchers last year wrote about a surge in the use by threat actors of the legitimate XMRig cryptominer, and cybersecurity firm Expel is now outlining the widening number of malicious ways they’re deploying the open-source tool against corporate IT…
Why VM Shapes Matter: New Compute Plans Deliver Predictable Performance
MuddyWater APT Weaponizing Word Documents to Deliver ‘RustyWater’ Toolkit Evading AV and EDR Tools
The Iran-linked MuddyWater Advanced Persistent Threat group has launched a sophisticated spear-phishing campaign targeting diplomatic, maritime, financial, and telecom sectors across the Middle East. The threat actors are using weaponized Word documents to deliver a new Rust-based malware called RustyWater,…
Fake Fortinet Sites Steal VPN Credentials in Sophisticated Phishing Attack
A new and sophisticated phishing campaign is targeting remote workers and IT administrators by impersonating the official Fortinet VPN download portal. This attack is particularly dangerous because it leverages search engine optimization (SEO) and, alarmingly, AI-generated search summaries to lure…
Cyber Threats Targeting Australia and New Zealand Fueled by Initial Access Sales, and Ransomware Campaigns
The cyber threat environment across Australia and New Zealand has entered a critical phase throughout 2025, with threat actors orchestrating increasingly sophisticated attacks centered on the sale of compromised network access. The Cyble Research and Intelligence Labs documented 92 instances…
Threat Actors Attacking Systems with 240+ Exploits Before Ransomware Deployment
Between December 25–28, a single threat actor conducted a large-scale scanning campaign, testing over 240 different exploits against internet-facing systems and collecting data on every vulnerable target found. This reconnaissance operation, operating from two IP addresses linked to CTG Server…
IT Security News Hourly Summary 2026-01-09 18h : 17 posts
17 posts were published in the last hour
16:32 : X Didn’t Fix Grok’s ‘Undressing’ Problem. It Just Makes People Pay for It
16:32 : pcTattletale founder pleads guilty as US cracks down on stalkerware
16:32 : Putinswap: France trades…
X Didn’t Fix Grok’s ‘Undressing’ Problem. It Just Makes People Pay for It
X is allowing only “verified” users to create images with Grok. Experts say it represents the “monetization of abuse”—and anyone can still generate images on Grok’s app and website. This article has been indexed from Security Latest.
pcTattletale founder pleads guilty as US cracks down on stalkerware
After years of security failures and partner-spying marketing, pcTattletale’s founder has pleaded guilty in a rare US federal stalkerware case. This article has been indexed from Malwarebytes.
Putinswap: France trades alleged ransomware crook for conflict researcher
Basketball player accused of aiding cybercrime gang extradition blocked in exchange for Swiss NGO consultant. France has released an alleged ransomware crook wanted by the US in exchange for a conflict researcher imprisoned in Russia.…
INFORM 2026: MITRE’s Updated Threat-Informed Defense Maturity Model Explained
On January 8th, MITRE’s Center for Threat-Informed Defense (CTID) published a significant update to INFORM, its threat-informed defense maturity model. This update reflects the joint efforts of MITRE researchers, AttackIQ, and several CTID members to enhance INFORM based on two…
AI Deception Is Here: What Security Teams Must Do Now
Recent research shows that deception can emerge instrumentally in goal-directed AI agents. This means deception can arise as a side effect of goal-seeking, persisting even after safety training and often surfacing in multi-agent settings. In controlled studies, systems like Meta’s…
Are There IDORs Lurking in Your Code? LLMs Are Finding Critical Business Logic Vulns—and They’re Everywhere
Security teams have always known that insecure direct object references (IDORs) and broken authorization vulnerabilities exist in their codebases. Ask any AppSec leader if they have IDOR issues, and most would readily admit they do. But here’s the uncomfortable truth:…
The New Weak Link in Compliance Isn’t Code – It’s Communication
Cybersecurity has never been only a technical problem, but the balance of what truly makes an organization secure has shifted dramatically. For years, the industry assumed the greatest dangers lived in code — in vulnerable servers, old libraries, unpatched systems,…
BitLocker Ransomware Attack Cripples Romanian Water Authority’s IT Systems
Romania’s national water management authority, Administrația Națională Apele Române (Romanian Waters), was targeted in a sophisticated ransomware attack on December 20, 2025, compromising approximately 1,000 IT systems across the organization. The cyberattack affected 10 of the country’s 11 regional…
Okta Report: Pirates of Payrolls Attacks Plague Corporate Industry
IT help desks, be ready for an evolving threat that sounds like a Hollywood movie title. In December 2025, Okta Threat Intelligence published a report that explained how hackers can gain unauthorized access to payroll software. These threats are infamous…
WebRAT Malware Spreads Through Fake GitHub Exploit Repositories
The WebRAT malware is being distributed through GitHub repositories that falsely claim to host proof-of-concept exploits for recently disclosed security vulnerabilities. This marks a shift in the malware’s delivery strategy, as earlier campaigns relied on pirated software and cheats…
Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations
Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals associated with a Turkish energy and nuclear research agency, as well as staff affiliated with a European think tank and organizations in North…
AWS named Leader in the 2025 ISG report for Sovereign Cloud Infrastructure Services (EU)
For the third year in a row, Amazon Web Services (AWS) is named as a Leader in the Information Services Group (ISG) Provider Lens™ Quadrant report for Sovereign Cloud Infrastructure Services (EU), published on January 8, 2026. ISG is a…
Telecom sector sees steady rise in ransomware attacks
A new threat intelligence report described a potent mixture of unpatched flaws and lax perimeter controls. This article has been indexed from Cybersecurity Dive – Latest News.
Hacker Behind Wired.com Leak Now Selling Full 40M Condé Nast Records
A hacker claims to be selling nearly 40 million Condé Nast user records after leaking Wired.com data, with multiple major brands allegedly affected. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More.