The emergence of custom voice-phishing kits on dark web forums has significantly enhanced the ability of cybercriminals to conduct social engineering scams. These kits are being used to target Google, Microsoft, and Okta accounts.

An operational security failure by INC ransomware allowed researchers to recover data stolen from 12 US orgs. A forensic investigation that revealed the use of the Restic backup tool and exposed attacker infrastructure.

A sophisticated phishing campaign has been identified targeting energy-sector organizations. Attackers are exploiting Microsoft SharePoint services to harvest credentials and take over corporate email accounts, leading to widespread phishing attacks.

CISA has added four new vulnerabilities to its KEV Catalog. These vulnerabilities include improper access control, improper authentication, embedded malicious code, and remote file inclusion, affecting various software products.

Fortinet's FortiGate firewalls are under attack due to a critical authentication bypass vulnerability that remains exploitable despite previous patch attempts. Attackers are leveraging this flaw to gain unauthorized access to systems.

Threat actors are exploiting misconfigured web applications used for security training and internal penetration testing to breach cloud environments of Fortune 500 companies.

PurpleBravo, a North Korean state-sponsored threat group, poses a significant threat to the IT software supply chain. The group targets software developers, particularly in the cryptocurrency and software development sectors.

This advisory details a sophisticated attack leveraging Windows' built-in utilities, known as LOLBins (Living Off the Land Binaries), to deploy Remcos and NetSupport Manager, both of which are remote access tools often abused by cybercriminals.

Cisco has addressed a critical zero-day vulnerability, CVE-2026-20045, in its Unified Communications products. This flaw allows unauthenticated remote attackers to execute arbitrary commands on affected devices.

A new family of Android click-fraud trojans is leveraging TensorFlow machine learning models to interact with advertisement elements. This malware is distributed through Xiaomi's GetApps store and third-party APK sites.