Google on Wednesday announced that it worked together with other partners to disrupt IPIDEA, which it…
Technology
Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan
Ravie LakshmananJan 28, 2026Supply Chain Security / Malware Cybersecurity researchers have discovered two malicious packages in…
Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088
Ravie LakshmananJan 28, 2026Vulnerability / Threat Intelligence Google on Tuesday revealed that multiple threat actors, including…
Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks
Threat actors with ties to China have been observed using an updated version of a backdoor…
From Triage to Threat Hunts: How AI Accelerates SecOps
If you work in security operations, the concept of the AI SOC agent is likely familiar.…
Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware
Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot…
Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid
Ravie LakshmananJan 28, 2026Critical Infrastructure / Threat Intelligence The “coordinated” cyber attack targeting multiple sites across…
Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution
Ravie LakshmananJan 28, 2026Vulnerability / Open Source A critical sandbox escape vulnerability has been disclosed in…
Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution
Ravie LakshmananJan 28, 2026Vulnerability / Workflow Automation Cybersecurity researchers have disclosed two new security flaws in…
Password Reuse in Disguise: An Often-Missed Risky Workaround
When security teams discuss credential-related risk, the focus typically falls on threats such as phishing, malware,…