As Iran-Israel-US military operations escalate in the Middle East, Check Point Research and Tenable have identified a significant surge in Iranian threat actors targeting IP cameras manufactured by Hikvision and Dahua. The activity, which began spiking on February 28, 2026, coincides with the start of Operation Epic Fury and extends across Israel, Qatar, Bahrain, Kuwait,…
Veeam has released emergency patches for seven severe vulnerabilities in its flagship Backup & Replication platform, several scoring CVSS 9.9 — the highest possible criticality rating. The flaws enable remote code execution (RCE), privilege escalation, and credential theft by authenticated users, making enterprise backup infrastructure a prime target for ransomware operators. Vulnerability Details The newly…
A groundbreaking research paper by Bruce Schneier and collaborators introduces the concept of “promptware”—a distinct class of malware targeting large language models (LLMs). Moving beyond the myopic focus on prompt injection, the researchers propose a structured seven-step kill chain that mirrors traditional cyberattack frameworks like those used to analyze Stuxnet and NotPetya. The Seven-Stage Promptware…
A coordinated international law enforcement operation has dismantled SocksEscort, a criminal proxy service that infected hundreds of thousands of residential routers worldwide to enable large-scale fraud, ransomware distribution, and other cybercrimes. The Scope of the Threat According to the U.S. Department of Justice, SocksEscort offered access to approximately 369,000 different IP addresses across 163 countries…
Google has released emergency security updates to patch two high-severity Chrome vulnerabilities being actively exploited in zero-day attacks, affecting an estimated 3.5 billion users worldwide. “Google is aware that exploits for both CVE-2026-3909 & CVE-2026-3910 exist in the wild,” the company stated in a security advisory published Thursday. The Vulnerabilities CVE-2026-3909 stems from an out-of-bounds…
In one of the most significant international cybercrime operations to date, INTERPOL has announced the successful conclusion of Operation Synergia III—a coordinated global effort that dismantled critical infrastructure supporting phishing, malware, and ransomware campaigns worldwide. Six Months of Coordinated Enforcement Running from July 18, 2025 through January 31, 2026, the operation brought together law enforcement…
Business process outsourcing (BPO) giant Telus Digital has confirmed a major cybersecurity incident after the notorious ShinyHunters extortion group claimed to have stolen nearly one petabyte of data from the company and its customers. The breach, which involved unauthorized access to internal systems over an extended period, highlights a dangerous evolution in attacker strategy—where threat…
Google has released emergency security updates to address two high-severity vulnerabilities in Chrome that are being actively exploited in the wild. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added both flaws to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to patch by March 27, 2026. The Vulnerabilities The two critical flaws…
Pro-Iranian hackers are expanding their operations beyond the Middle East and increasingly targeting critical infrastructure in the United States, according to cybersecurity experts and recent incidents. The attacks represent a significant escalation in Iran’s cyber warfare capabilities and pose growing risks to American defense contractors, power stations, and water plants. Handala Claims Major US Attack…
Google has released emergency security updates to fix two high-severity vulnerabilities in Chrome that are being actively exploited in the wild. These are the second and third Chrome zero-days patched in 2026, highlighting the continued targeting of browser vulnerabilities by threat actors. The Vulnerabilities The two zero-days—CVE-2026-3909 and CVE-2026-3910—target core components of the Chrome browser:…
