ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack &...
Ravie LakshmananMar 12, 2026Cybersecurity / Hacking News
Another Thursday, another pile of weird security stuff that somehow happened in just seven days. Some of it is clever. Some of it...
Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks
Ravie LakshmananMar 12, 2026Artificial Intelligence / Malware
Cybersecurity researchers have disclosed details of a suspected artificial intelligence (AI)-generated malware codenamed Slopoly put to use by a financially motivated threat actor...
CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
Ravie LakshmananMar 10, 2026Vulnerability / Enterprise Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on...
ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More
Ravie LakshmananMar 05, 2026Cybersecurity / Hacking News
Some weeks in cybersecurity feel routine. This one doesn’t.
Several new developments surfaced over the past few days, showing how quickly the threat landscape...
Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
Ravie LakshmananMar 03, 2026Phishing / Malware
Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional phishing defenses implemented in email...
Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
Ravie LakshmananMar 03, 2026Vulnerability / Artificial Intelligence
The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source, AI-native security testing platform called...
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control (C2) framework as a...
Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
Ravie LakshmananFeb 27, 2026Endpoint Security / Windows Security
Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat platforms to distribute a...
ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+...
Ravie LakshmananFeb 26, 2026Cybersecurity / Hacking News
Nothing here looks dramatic at first glance. That’s the point. Many of this week’s threats begin with something ordinary, like an ad, a...
