Apple is issuing Lock Screen notifications to iPhones and iPads running outdated iOS versions to warn users about active web-based exploit kits.
This article covers a TeamPCP supply chain attack on the telnyx Python package, hiding malware inside .WAV files via audio steganography.
This article covers a now-patched vulnerability in Open VSX's pre-publish extension scanning pipeline that allowed malicious VS Code extensions to bypass security checks.
This article covers two phishing campaigns: one targeting TikTok for Business accounts via AitM techniques, and another using SVG attachments to deliver malware in Venezuela.
This article examines how geopolitical tensions have transformed the cyber threat landscape into a multi-front conflict involving state actors, hacktivists, and criminal groups.
This article covers Bearlyfy, a pro-Ukrainian threat group that has targeted over 70 Russian companies with ransomware since January 2025.
Three security vulnerabilities in LangChain and LangGraph frameworks expose filesystem data, environment secrets, and conversation history in enterprise AI deployments.
This article covers Red Menshen, a China-linked threat actor, using the stealthy BPFDoor Linux backdoor to conduct long-term espionage via telecom networks.
A zero-click XSS prompt injection vulnerability in Anthropic's Claude Chrome Extension allowed any website to silently hijack the AI assistant.
This article draws parallels between art forgery and modern cyberattacks to explain how attackers use mimicry to evade detection, and how Network Detection and Response (NDR) can expose them.
This week's ThreatsDay Bulletin covers multiple emerging cybersecurity threats and defensive developments.
The Coruna iOS exploit kit shares the same kernel exploit code as the 2023 Operation Triangulation campaign, confirming a common author and ongoing development.
