54 EDR Killers Exploit 34 Vulnerable Signed Drivers to Disable Security Before Ransomware Deployment

A comprehensive analysis by ESET has uncovered a thriving ecosystem of endpoint detection and response (EDR) killer tools, revealing that 54 of these specialized programs abuse 34 vulnerable signed drivers to neutralize security software before ransomware attacks. The BYOVD Threat Landscape: EDR killer programs have become a standard component in ransomware intrusions, offering affiliates a…


Rapid7 2026 Global Threat Landscape Report: Exploited Vulnerabilities Surge 105% as Attack Timelines Collapse

Rapid7 has released its 2026 Global Threat Landscape Report, revealing a dramatic acceleration in cyber attack patterns that leaves organizations with shrinking windows to respond to emerging threats. The research demonstrates that the predictive lead time defenders once relied upon between vulnerability disclosure and active exploitation has largely disappeared. Key Findings: The Numbers Tell the…


CISA Adds Wing FTP Server Information Disclosure Flaw to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a medium-severity vulnerability in Wing FTP Server to its Known Exploited Vulnerabilities (KEV) catalog on March 16, 2026, confirming that attackers are actively exploiting the flaw in real-world attacks. Vulnerability Details: Tracked as CVE-2025-47813 (CVSS score: 4.3), the vulnerability is an information disclosure flaw that…


Critical Veeam Backup Vulnerabilities Draw Ransomware Group Attention: Seven CVSS 9.9 Flaws Patched

Veeam has released emergency patches for seven severe vulnerabilities in its flagship Backup & Replication platform, several scoring CVSS 9.9 — the highest possible criticality rating. The flaws enable remote code execution (RCE), privilege escalation, and credential theft by authenticated users, making enterprise backup infrastructure a prime target for ransomware operators. Vulnerability Details: The newly…


The Promptware Kill Chain: A New Framework for Understanding AI Malware Attacks

A groundbreaking research paper by Bruce Schneier and collaborators introduces the concept of “promptware”—a distinct class of malware targeting large language models (LLMs). Moving beyond the myopic focus on prompt injection, the researchers propose a structured seven-step kill chain that mirrors traditional cyberattack frameworks like those used to analyze Stuxnet and NotPetya. The Seven-Stage Promptware…


Operation Lightning: Global Takedown of SocksEscort Botnet That Enslaved 369,000 Routers in 163 Countries

A coordinated international law enforcement operation has dismantled SocksEscort, a criminal proxy service that infected hundreds of thousands of residential routers worldwide to enable large-scale fraud, ransomware distribution, and other cybercrimes. The Scope of the Threat: According to the U.S. Department of Justice, SocksEscort offered access to approximately 369,000 different IP addresses across 163 countries…


Google Patches Two Chrome Zero-Days Under Active Exploitation: CVE-2026-3909 and CVE-2026-3910

Google has released emergency security updates to patch two high-severity Chrome vulnerabilities being actively exploited in zero-day attacks, affecting an estimated 3.5 billion users worldwide. “Google is aware that exploits for both CVE-2026-3909 & CVE-2026-3910 exist in the wild,” the company stated in a security advisory published Thursday. The Vulnerabilities: CVE-2026-3909 stems from an out-of-bounds…


Operation Synergia III: Global Crackdown Takes Down 45,000 Malicious IPs and Arrests 94 Cybercriminals

In one of the most significant international cybercrime operations to date, INTERPOL has announced the successful conclusion of Operation Synergia III—a coordinated global effort that dismantled critical infrastructure supporting phishing, malware, and ransomware campaigns worldwide. Six Months of Coordinated Enforcement: Running from July 18, 2025 through January 31, 2026, the operation brought together law enforcement…


ShinyHunters Claims 1 Petabyte Data Theft From Telus Digital in Multi-Month BPO Breach

Business process outsourcing (BPO) giant Telus Digital has confirmed a major cybersecurity incident after the notorious ShinyHunters extortion group claimed to have stolen nearly one petabyte of data from the company and its customers. The breach, which involved unauthorized access to internal systems over an extended period, highlights a dangerous evolution in attacker strategy—where threat…


Google Patches Two Chrome Zero-Days Actively Exploited in the Wild, CISA Adds to KEV Catalog

Google has released emergency security updates to address two high-severity vulnerabilities in Chrome that are being actively exploited in the wild. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added both flaws to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to patch by March 27, 2026. The Vulnerabilities: The two critical flaws…
