acint

2026 Unit 42 Global Incident Response Report: Attacks Now 4x Faster with AI-Accelerated Intrusions

Palo Alto Networks’ Unit 42 has released their 2026 Global Incident Response Report, analyzing over 750 major cyber incidents across 50+ countries. The findings paint a stark picture of an evolving threat landscape where attacks are faster, broader, and harder to contain than ever before. Key Finding: 72-Minute Attack Chains In the fastest cases Unit…

LockBit 5.0 Ransomware Emerges: Cross-Platform Threat Targeting Windows, Linux, and ESXi Systems

The Acronis Threat Research Unit (TRU) has identified a significantly enhanced version of the notorious LockBit ransomware, designated LockBit 5.0, actively being deployed in campaigns against enterprise environments. The latest variant introduces expanded cross-platform capabilities, enabling attackers to target Windows, Linux, and VMware ESXi systems within a single coordinated attack. A New Chapter in Ransomware…

ManoMano Data Breach Exposes 37.8 Million Customer Records via Zendesk Third-Party Compromise

European home improvement marketplace ManoMano has confirmed a massive data breach affecting 37.8 million customer accounts after hackers compromised a third-party customer service provider. The breach, which surfaced on cybercriminal forum BreachForums, represents one of the largest retail data exposures of 2026. The Breach: Third-Party Call Center Compromised A threat actor using the handle “Indra”…

NexShield Fake Ad Blocker Uses CrashFix Attack to Deliver ModeloRAT Malware

Security researchers at Huntress have uncovered a sophisticated new malware campaign that weaponizes browser stability against users. The attack, dubbed CrashFix, represents an evolution of the notorious ClickFix social engineering technique—but with a dangerous twist: instead of faking system problems, it creates real ones. How NexShield Works The malicious Chrome and Edge extension, called NexShield,…

CVE-2026-20700: Apple Patches First Zero-Day of 2026 After Extremely Sophisticated Targeted Attacks

Apple has released emergency security updates to patch a zero-day vulnerability that was actively exploited in what the company describes as “extremely sophisticated” attacks targeting specific individuals. Technical Details The vulnerability, tracked as CVE-2026-20700, is an arbitrary code execution flaw in dyld, the Dynamic Link Editor used across Apple’s operating systems including iOS, iPadOS, macOS,…

CVE-2026-2441: Google Patches First Actively Exploited Chrome Zero-Day of 2026

Google has released an emergency security update for Chrome to address CVE-2026-2441, a high-severity use-after-free vulnerability that is already being exploited in the wild. This marks the first actively exploited zero-day in Chrome that Google has patched in 2026, underscoring the ongoing threat that browser-based vulnerabilities pose to organizations worldwide. The Vulnerability: Use-After-Free in CSS…

Physical Mail Phishing Targets Trezor and Ledger Users: Attackers Use QR Codes to Steal Recovery Phrases

A new phishing campaign is targeting cryptocurrency hardware wallet users through an unusual vector: physical mail. Threat actors are sending fake letters impersonating Trezor and Ledger security teams, attempting to trick users into surrendering their wallet recovery phrases. The Snail Mail Attack Vector Unlike traditional email phishing, these attacks arrive as physical letters printed on…

OysterLoader: Sophisticated Multi-Stage Malware Loader Linked to Rhysida Ransomware Campaigns

A highly sophisticated malware loader known as OysterLoader has emerged as a significant cybersecurity threat, employing advanced multi-layer obfuscation techniques to evade detection while delivering dangerous payloads including Rhysida ransomware and the widespread Vidar infostealer. Sophisticated Distribution Through Fake Software First identified by Rapid7 in June 2024, this C++ malware has evolved into a formidable…

Microsoft Exposes DNS-Based ClickFix Attack: Nslookup Commands Used for Stealth Malware Staging

Microsoft has disclosed a sophisticated new variant of the ClickFix social engineering attack that weaponizes the Windows nslookup command to stage malware through DNS queries, enabling attackers to bypass traditional web-based detection mechanisms. Attack Methodology This DNS-based ClickFix variant tricks users into executing a specially crafted command through the Windows Run dialog that performs a…

CVE-2026-21510: Windows Shell Zero-Day Exploited in the Wild to Bypass SmartScreen Protections

Microsoft’s February 2026 Patch Tuesday revealed a critical zero-day vulnerability affecting Windows Shell that attackers are actively exploiting to bypass security protections. CVE-2026-21510 carries a CVSS score of 8.8 and allows threat actors to circumvent Windows SmartScreen warnings by tricking users into opening malicious links or shortcut files. Understanding the Vulnerability Windows Shell—the core graphical…
