Ransomware gangs are increasingly using EDR killers to disable endpoint security before launching attacks. This analysis explains how these tools work and what organizations must do to defend against them.
Hackers linked to ShinyHunters claim a Rockstar Games data breach and are demanding a ransom before April 14, threatening to leak the stolen data otherwise. This analysis explains how the attack works and what organizations must do to protect themselves.
Mozilla has criticized Microsoft for pushing Copilot into Windows without clear user consent, raising concerns about privacy, control, and AI-driven system behavior. This analysis explains what it means and what organizations must do to respond.
A critical etcd authentication bypass vulnerability allows attackers to access sensitive cluster APIs without credentials. This analysis explains how the flaw works and what organizations must do to defend against it.
New research reveals that Google, Microsoft, and Meta continue tracking users even after opt-out signals are enabled. This analysis explains how the tracking works and what organizations must do to protect user privacy.
The UAC-0247 campaign targets government and healthcare systems, stealing browser credentials and WhatsApp data using advanced multi-stage malware. This analysis explains how the attack works and what organizations must do to defend against it.
Attackers are spreading a blockchain-based backdoor via Hugging Face by exploiting a critical vulnerability in developer environments. This analysis explains how the attack works and what organizations must do to defend against it.
The Nexcorium Mirai variant is exploiting TBK DVR vulnerabilities to hijack IoT devices and build a large-scale DDoS botnet. This analysis explains how the attack works and what organizations must do to defend against
OpenAI’s GPT-5.4 Cyber Defense Program is expanding AI-powered cybersecurity capabilities to verified defenders worldwide. This analysis explains how it works and what it means for organizations.
Iranian MOIS hackers are using multiple fake personas to conduct espionage, phishing, and psychological operations. This analysis explains how the campaign works and what organizations must do to defend against it.
SideWinder hackers are using fake Chrome PDF viewers and cloned Zimbra portals to steal credentials and conduct espionage. This analysis explains how the attack works and what organizations must do to defend against it.
Cybercriminals exploited French fintech and banking systems using stolen credentials, exposing over 1.2 million accounts. This analysis explains how the attack works and what organizations must do to defend against it.