Cybersecurity researchers have discovered a new variant of the MacSync malware targeting macOS users. Unlike previous versions that relied on complex ClickFix techniques, this iteration masquerades as a legitimately signed, notarised Apple application, thereby bypassing macOS Gatekeeper security and stealing…
Tag: Cyber Security News
BreachForums Hack: Hackers Expose All User Records from Popular Dark Web Forum
In a dramatic turn for the cybercrime underworld, a mysterious hacker known as “James” has leaked the complete user database of BreachForums, a notorious Dark Web forum serving as a hub for stolen data trading and hacking discussions. The breach,…
Fog Ransomware Attacking US Organizations Leveraging Compromised VPN Credentials
A new ransomware variant called Fog has emerged as a significant threat to educational and recreation organizations across the United States. Starting in early May 2024, Arctic Wolf Labs began monitoring its deployment across multiple incident response cases, with 80…
xRAT Malware Attacking Windows Users Disguised as Adult Game
A dangerous malware threat has emerged targeting Windows users across Korea through webhard file-sharing services. The Ahnlab Security Intelligence Center recently identified xRAT, also known as QuasarRAT, being distributed as fake adult games to unsuspecting users. This remote access trojan…
MuddyWater APT Weaponizing Word Documents to Deliver ‘RustyWater’ Toolkit Evading AV and EDR Tools
The Iran-linked MuddyWater Advanced Persistent Threat group has launched a sophisticated spear-phishing campaign targeting diplomatic, maritime, financial, and telecom sectors across the Middle East. The threat actors are using weaponized Word documents to deliver a new Rust-based malware called RustyWater,…
Fake Fortinet Sites Steal VPN Credentials in Sophisticated Phishing Attack
A new and sophisticated phishing campaign is targeting remote workers and IT administrators by impersonating the official Fortinet VPN download portal. This attack is particularly dangerous because it leverages search engine optimization (SEO) and, alarmingly, AI-generated search summaries to lure…
Cyber Threats Targeting Australia and New Zealand Fueled by Initial Access Sales, and Ransomware Campaigns
The cyber threat environment across Australia and New Zealand has entered a critical phase throughout 2025, with threat actors orchestrating increasingly sophisticated attacks centered on the sale of compromised network access. The Cyble Research and Intelligence Labs documented 92 instances…
Threat Actors Attacking Systems with 240+ Exploits Before Ransomware Deployment
Between December 25–28, a single threat actor conducted a large-scale scanning campaign, testing over 240 different exploits against internet-facing systems and collecting data on every vulnerable target found. This reconnaissance operation, operating from two IP addresses linked to CTG Server…
Microsoft’s New Teams New Admin Role to Manage External Collaboration Settings
Microsoft is rolling out a new role-based access control (RBAC) role designed to simplify external collaboration management in Microsoft Teams. The Teams External Collaboration Administrator role will become available starting late January 2026, with full global deployment expected by mid-February 2026. The…
CISA Retires Ten Emergency Directives Following Milestone Achievement
The Cybersecurity and Infrastructure Security Agency (CISA) announced a significant milestone on January 8, 2026, by retiring ten Emergency Directives issued between 2019 and 2024. This marks the highest number of Emergency Directives retired by the agency simultaneously, reflecting progress…
Beware of Fake WinRAR Website That Delivers Malware with WinRAR Installer
A newly discovered malware campaign is using fake WinRAR download sites to deliver the dangerous Winzipper malware directly to unsuspecting users. The attack emerged from links distributed across various Chinese websites, targeting users who attempt to download the popular file…
CrowdStrike to Acquire Identity Security Startup SGNL in $740 Million Deal
CrowdStrike announced its agreement to acquire SGNL, a leading identity-first security company, for $740 million. The acquisition marks a significant strategic move to strengthen CrowdStrike’s Falcon Next-Gen Identity Security platform. Address the growing complexity of protecting human, non-human, and AI…
FBI Warns of Kimsuky Actors Leverage Malicious QR Codes to Target U.S. Organizations
North Korean state‑sponsored group Kimsuky is running new spearphishing campaigns that abuse QR codes to compromise U.S. organizations. The FBI warns that think tanks, NGOs, academic bodies, and government‑linked entities with a North Korea focus are now being lured with…
10 Best Automatic WiFi Security Providers – 2026
In 2026, pinpointing top automatic WiFi security providers demands emphasis on ironclad encryption, unwavering reliability, and multifaceted defenses against public hotspot dangers. Automatic WiFi Security embedded in VPNs or dedicated apps auto-engages upon detecting unsecured networks, shielding traffic from eavesdropping,…
5 Sandbox Tools for Phishing Analysis in 2026
Analysts have numerous options for probing phishing attacks, but a single malware analysis sandbox often suffices. Blending static and dynamic analysis, these tools excel against even the most elusive phishing threats. Discover five top sandbox solutions to elevate your investigations.…
10 Best Web Security Scanners For Vulnerability Scanning – 2026
Vulnerability scanning anchors any robust cybersecurity strategy, pinpointing and patching flaws before exploitation leads to breaches. From startups to global enterprises, selecting the optimal web security scanner determines resilience against costly incidents. This guide spotlights the 10 leading web vulnerability…
Top 10 Best Managed Service Providers (MSP) for CISO, CTO & IT Managers – 2026
Managed Service Providers (MSPs) deliver streamlined IT services to multiple clients via centralized platforms that automate core operations. These solutions handle user provisioning, software licensing, patch management, and uniform service rollout across diverse customer environments. They provide real-time system health…
How U.S K-12 Schools Can Solve Their Top 10 Cybersecurity Challenges – Free E-Book
K-12 IT teams face intensifying pressure to deliver affordable cybersecurity, as attackers exploit schools as “soft targets” rich in sensitive student data. Beyond students’ skills tests, educators must counter ransomware, phishing, and breaches head-on. Explore the top 10 challenges in…
Top 10 Most Common Cyber Attacks of 2026
2026 stood as a turning point in cybersecurity, with cyberattacks surging in frequency, sophistication, and disruption. Rapid digital transformation and hyper-connected systems handed attackers unprecedented opportunities to exploit flaws. From ransomware paralyzing critical infrastructure to AI-powered phishing schemes, cybercriminals blended…
Microsoft Defender’s Blocks Legitimate MAS Amid Fake Script Hunt
In a classic “Microsoft moment,” Windows Defender has started blocking the popular open-source Microsoft Activation Scripts (MAS) tool while targeting fake impostors, without verifying whether it’s also snaring the real deal. Users running the genuine PowerShell command now receive “Trojan:PowerShell/FakeMas.DA!MTB”…