ShinyHunters, a notorious hacking group, has issued a final warning to approximately 400 organizations, threatening to leak sensitive data unless their extortion demands are met.

China-linked hackers, including the Camaro Dragon group, are targeting Qatar with malware disguised as Middle East conflict news. The attackers are focusing on the Gulf's energy industry and military targets, using tools like PlugX and Cobalt Strike.

A new phishing campaign is targeting individuals in the US by impersonating the Social Security Administration. The emails use urgent language such as "Important Disclosures" or "Important Regulatory Information" to prompt immediate action.

APT36, a Pakistan-linked hacking group, is targeting Indian government networks with AI-generated malware known as "Vibeware." This strategy involves overwhelming security systems with numerous low-quality malware samples.

Hackers are exploiting fake Social Security Administration (SSA) emails to hijack PCs by abusing the ScreenConnect tool. This attack does not rely on new viruses but rather on hijacking existing tools and weakening system defenses.

The phishing campaign began in December 2025, initially targeting 504 organizations primarily in the financial services and consulting sectors as part of a testing phase.

The Prometei botnet, a Russian-linked threat active since 2016, has been identified in a UK construction firm's Windows Server. Known for mining Monero cryptocurrency, it also excels at stealing passwords and maintaining remote control over systems.

A recent cloud breach highlights the dangers of exposed AWS credentials and AI-assisted attacks. An attacker gained full admin access to a company's cloud environment in just eight minutes.

A sophisticated phishing campaign is targeting business users by exploiting clean emails, PDF attachments, and cloud storage to steal Dropbox credentials. This attack uses trusted services to bypass security filters and get sensitive information.

Operation Bizarre Bazaar is a significant cyberattack campaign targeting AI systems to steal compute power and resell access. The campaign, led by a hacker known as Hecker, involves exploiting unprotected AI models, particularly those using MCP.