A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations (NGOs) and suspected universities to deploy a new Lua-based malware called LucidRook. “LucidRook is… Read More »UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
Thursday. Another week, another batch of things that probably should’ve been caught sooner but weren’t. This one’s got some range — old vulnerabilities getting new life, a few “why was that even… Read More »ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and government officials across the Middle East and North Africa (MENA),… Read More »Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December 2025. The finding, detailed by EXPMON’s Haifei Li, has been… Read More »Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
As AI tools become more accessible, employees are adopting them without formal approval from IT and security teams. While these tools may boost productivity, automate tasks, or fill gaps in existing workflows,… Read More »The Hidden Security Risks of Shadow AI in Enterprises
Cybersecurity researchers have flagged a new variant ofmalware called Chaosthat’scapable of hitting misconfigured cloud deployments, marking an expansion of the botnet’s targeting infrastructure. “Chaos malware is increasingly targeting misconfigured cloud deployments, expanding beyond… Read More »New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy
Cybersecurity researchers have lifted the curtain on a stealthy botnet that’s designed for distributed denial-of-service (DDoS) attacks. Called Masjesu, the botnet has been advertised via Telegram as a DDoS-for-hire service since… Read More »Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices
The Russian threat actor known as APT28 (aka Forest Blizzard and Pawn Storm) has been linked to a fresh spear-phishing campaign targeting Ukraine and its allies to deploy a previously undocumented… Read More »APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
The Fragmented State of Modern Enterprise Identity Enterprise IAM is approaching a breaking point. As organizations scale, identity becomes increasingly fragmented across thousands of applications, decentralized teams, machine identities, and autonomous systems. The… Read More »Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)
Artificial Intelligence (AI) company Anthropic announced a new cybersecurity initiative called Project Glasswing that will use a preview version of its new frontier model, Claude Mythos, to find and address security vulnerabilities. The model will be… Read More »Anthropic’s Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems