Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, ...

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...

After several years of using simple implants, the Russia-affiliated threat actor is back with two new sophisticated malware tools.

AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI ...

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

A ransomware affiliate known as 'hastalamuerte' has revealed operational details about a group called The Gentlemen , shedding light on its tactics, techniques and internal disputes.

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

Ransomware hackers exploited a flaw with a maximum vulnerability score in Cisco firewall management software weeks before the ...

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat.

Huntress researchers uncover campaign exploiting vulnerabilities to steal data using Elastic Cloud as a data hub ...

OTTAWA, ON, March 10, 2026 /CNW/ - Field Effect has released its 2026 Cyber Threat Outlook, revealing that more than 80% of incidents investigated by the company in 2025 stemmed from cloud identity ...