Project Glasswing Proved AI Can Find the Bugs. Who’s Going to Fix Them?
Last week, Anthropic announced Project Glasswing, an AI model so effective at discovering software vulnerabilities that they took the extraordinary step of […]
China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors
Mongolian governmental institutions have emerged as the target of a previously undocumented China-aligned advanced persistent threat (APT) group tracked as GopherWhisper. “The […]
Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
The threat actor known as Harvester has been attributed to a new Linux version of its GoGra backdoor deployed as part of […]
Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack
Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at the end of last […]
Toxic Combinations: When Cross-App Permissions Stack into Risk
On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing […]
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The […]
Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles
Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that’s distributed via a theme related to India’s banking […]
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023
A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023. […]
5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time
Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is […]
NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs
Cybersecurity researchers have discovered a new iteration of an Android malware family called NGate that has been found to abuse a legitimate application called HandyPay […]
No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks
The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the […]
22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters
Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to […]