In 2026, a sophisticated web-skimming campaign that targets online buyers surfaced with increased vigor, hacking e-commerce websites and obtaining private financial data during checkout procedures. The attack poses a growing danger to online retail security and has been identified as a member of the larger Magecart family of attacks. This long-running effort, which has been […]
Between October 2025 and January 2026, security researchers discovered over 91,000 attack sessions that targeted AI infrastructure, revealing organized attacks against major language model deployments. During this time, 91,403 attack sessions were recorded by GreyNoise’s Ollama honeypot infrastructure, exposing two different threat campaigns. The results support and expand on earlier Defused research on AI system […]
According to recent dark web information, a threat actor going by the name “RedTeam” has started promoting a new brute-force attack tool called “Brutus,” intended to target Fortinet services. The tool’s $1,500 price tag indicates that automated credential-stuffing attacks against enterprise infrastructure are becoming more popular. Brutus is adaptable for attackers looking to penetrate a […]
Less than two years after it was introduced as a means for consumers to track whether their personal information is discovered on the dark web, Google has announced that it will be shutting its dark web report service in February 2026. As a result, on January 15, 2026, scans for fresh dark web breaches will […]
AI-driven integrated development environments (IDEs) have completely changed the software development landscape. From basic autocompletion engines, tools like GitHub Copilot, Gemini CLI, and Claude Code have developed into autonomous agents that can carry out tasks. However, by integrating these agents straight into traditional IDE systems that were not initially intended for such autonomy, companies unintentionally […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a warning about malicious actors that are actively using remote access trojans (RATs) and commercial spyware to target users of mobile messaging apps. “These cyber actors use sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to a victim’s messaging app, facilitating […]
Based on evidence of active exploitation, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a significant security vulnerability affecting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) list. The vulnerability in question is CVE-2025-9242 (CVSS score: 9.3), an out-of-bounds write vulnerability that affects Fireware OS versions 11.10.2 through 11.12.4_Update1, 12.0 through 12.11.3, and 2025.1. […]
To meet new security standards, such as a reduction in the validity time of SSL/TLS server certificates to 47 days, IBM Japan, Ltd. introduced a new solution based on HashiCorp Vault (henceforth referred to as “Vault”) and Red Hat Ansible Automation Platform (henceforth referred to as “AAP”). This system improves security by automating the whole […]
Lockheed Martin and Google Public Sector announced a strategic partnership to incorporate Google’s cutting-edge generative AI—including its Gemini models—into the Lockheed Martin AI Factory. Through this partnership, Google’s robust AI tools will be implemented in Lockheed Martin’s safe, on-site, and air-gapped environments, making them accessible to employees throughout the company. It is intended to enable […]
Ten malicious npm packages that are intended to transmit an information stealer targeting Windows, Linux, and macOS systems have been found by cybersecurity researchers. “The malware uses four layers of obfuscation to hide its payload, displays a fake CAPTCHA to appear legitimate, fingerprints victims by IP address, and downloads a 24MB PyInstaller-packaged information stealer that […]
