Cybersecurity

Cybersecurity
WantToCry Ransomware Hits SMB Ports, Evades EDR Tools
Sophos CTU analysis reveals WantToCry ransomware encrypts files off-device via brute-forced SMB sessions, leaving no local binary for EDR tools to detect.
Cybersecurity
DOJ Secures Guilty Pleas From Tech-Support Fraud Executives
Two U.S. telecom executives pleaded guilty to concealing a six-year tech-support fraud scheme that cost Americans an estimated $2.1 billion annually.
Application Security
BadIIS Malware-as-a-Service Hijacks IIS Servers for SEO Fraud
Cisco Talos exposed BadIIS, a Chinese-speaking MaaS platform hijacking IIS servers to redirect traffic and manipulate search rankings since 2021.
Cybersecurity
GhostTree Exploit Hangs Windows Defender With NTFS Junctions
Varonis Threat Labs disclosed GhostTree, an NTFS junction loop technique that causes Windows Defender to hang and fail to detect hidden malware files.
Cybersecurity
SilverFox APT Spreads ValleyRAT via Fake Microsoft Teams Sites
K7 Security Labs found SilverFox APT serving ValleyRAT via trojanized Teams installers on teams-securecall.com, targeting credentials and crypto wallets.
Application Security
TamperedChef Hides Malware Inside Signed Apps
Palo Alto's Unit 42 documented TamperedChef, a signed-app malware campaign with 12,000 global infections using digitally signed certificates to evade detection.
Application Security
Chrome 148 Patches Critical WebRTC Use-After-Free
Google patched 16 Chrome vulnerabilities including critical CVE-2026-9111, a WebRTC use-after-free enabling drive-by exploitation without user interaction.
CVE Vulnerability Alerts
P2PInfect Botnet Infiltrates Kubernetes Clusters via Redis
FortiGuard found P2PInfect enrolled enterprise GKE Kubernetes clusters for six months undetected via exposed Redis instances and a 2022 CVSS 10.0 flaw.
Cybersecurity
Group-IB Exposes Five Brokers Fabricating Breach Alerts From Old Leaks
Group-IB identified five dark web brokers posting 500–1,000 fake corporate breach ads monthly using recycled Facebook 2021, Eatigo, and Truecaller leak data.
Cybersecurity
NYC Health + Hospitals Breach Exposes 1.8M Patients’ Fingerprints
Hackers spent 77 days inside NYC Health + Hospitals via a vendor breach, stealing fingerprints, medical records, and SSNs from 1.8 million patients.