UnsolicitedBooker targets Central Asian telecoms with LuciDoor and MarsSnake, while PseudoSticky and Cloud Atlas hit Russia.
Russia-linked UAC-0050 targeted a European financial institution using a spoofed Ukrainian domain to deploy RMS remote access malware.
Lazarus Group used Medusa ransomware in Middle East and U.S. healthcare attacks, with average $260,000 demands and 366 claimed incidents.
The campaigns detailed by the AI upstart entail the use of fraudulent accounts and commercial proxy services to access Claude at scale while avoiding detection. Anthropic said it was able to attribute ...
Identity risk escalates when control gaps, hygiene failures, impact, and intent align, forming toxic combinations that drive real breaches ...
AI attackers exploit Microsoft 365 misconfigurations at scale, with 13M phishing emails blocked in October 2025.
Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential ...
Researchers show AI assistants can act as stealth C2 proxies, enabling malware communication, evasion, and runtime attack ...
ThreatsDay Bulletin tracks active exploits, phishing waves, AI risks, major flaws, and cybercrime crackdowns shaping this week’s threat landscape.
Massiv Android trojan hides in fake IPTV apps, enabling remote device control, credential theft, and fraudulent banking ...
Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...
A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North ...