Cybersecurity Threats

How Operation Endgame Disrupted the Expansive SocGholish Malware Network

Operation Endgame took down over 100 servers and domains linked to the prolific SocGholish malware, a major win in the battle against ransomware attacks.

🤖 100+ Servers and Domains Disrupted 🔒 240% Increase in Ransomware Attacks Linked to SocGholish 💰 78% Reduction in Successful SocGholish Infections After Patch De

Palo Alto Networks firewall flaw has been exploited for several weeks

Palo Alto Networks warns that a critical zero-day vulnerability has been discovered in the PAN-OS firewall system. The vulnerability has already been exploited by suspected state-sponsored hackers for nearly a month, reports Bleeping Computer.The vulnerability, CVE-2026-0300, is located in the User-ID Authentication Portal (also known as the Captive Portal) and allows attackers to execute code with root privileges on exposed…

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

Rough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxes with bugs that should’ve died years ago — the same old holes, same lazy access paths, same “how the hell is this still open” feeling. One report this week basically reads like a guy tripped…

Cyber Espionage Group Targets Aviation Firms to Steal Map Data

The campaign quietly compromises aerospace and drone operators to exfiltrate GIS files, terrain models, and GPS data and gain a clear picture of adversaries' world view.

Iran Hackers Targeting Exposed Plcs Critical Infrastructure - Iran-Linked Hackers Disrupt U.s. Critical Infrastructure By Targeting Internet-Exposed Plcs

Iran Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-affiliated cyber actors are targeting internet-facing operational technology (OT) devices across critical infrastructures in the U.S., including programmable logic controllers (PLCs), cybersecurity and intelligence agencies warned Tuesday. "These attacks have led to diminished PLC functionality, manipulation of display data and, in some cases, operational disruption and financial